In September 2017, news of the Equifax privacy breach rocked the people’s belief that their personal information is secure. This latest violation of consumer privacy put more than half of U.S. citizens at risk for identity theft. While it’s easy to be critical of a breach of this magnitude, the incident is indicative of a larger issue: how difficult it has become for financial institutions to protect customers’ information.
A number of factors are at play here. Social engineering schemes and fraudulent activity are becoming more frequent and sophisticated. The Equifax breach is just the latest in a long string of costly breaches that enable fraudsters to acquire personal information and identities of individuals. Albertsons,
T-Mobile, Adobe, Target, and Yahoo are among a long list of companies that have experienced breaches in the last 5 years.1 And, more than 9 billion data records have been lost or stolen since 2013 alone.2 On top of the public scrutiny and pressures felt after breaches, new regulations around data protection, open banking and faster payments are coming into effect. These regulations are focused on making transactions and financial innovation easier as well as facilitating better consumer protections, but they are also forcing changes in how institutions can use individuals’ data and carry significant penalties for non-compliance. The lifestyles of consumers are becoming more digital all the time, too. As consumers conduct more of their personal business online, the footprint of their digital identity gets bigger and opportunity for fraudsters grows.
Financial institutions are taking steps to better protect consumers. However, they are finding that not only are their traditional cybersecurity approaches not fully up to today’s challenges, but they also create roadblocks in the customer experience. This is a problem when 54% of financial institutions think removing friction from the customer journey is the most important trend in banking.3 This blog will explore the shortcomings of traditional approaches, and will examine how emerging behavioral biometrics solutions enable a new layer of visibility in fighting cybercrime and identity theft while minimizing customer friction.
The “old ways” are laden with digital identity shortcomings
Digital financial channels aren’t brand new, but the security challenges they present are so rapidly changing, it’s hard for financial institutions to keep pace. New account fraud and account takeover scenarios are two areas where this inability to keep pace manifests the most for financial institutions. Because personal information is so widely available, traditional authentication is no longer enough to prevent hackers from opening new accounts in unsuspecting victims’ names or with made up digital identities. In fact, losses due to new account fraud increased by 40% from 2015 to 2016.4 Likewise, fraudsters now have increasingly sophisticated ways of circumventing a wide range of controls and gaining access into peoples’ accounts after they have logged in.
Most cybersecurity techniques employed today leverage point-in-time solutions. And, although having strong endpoint security and login authentication is important, many fraudulent schemes go around these systems, essentially rendering them useless. To make things worse, continuing to layer more of these traditional approaches to plug security gaps generally harms the customer experience by adding steps and increasing the frustration to end-users with minimal improvement to security. Certainly, these traditional approaches leave a lot to be desired, but new technology is showing promise for financial institutions that are looking to get ahead of cyberthreats.
The promise of behavioral biometrics solutions
Behavioral biometrics is an emerging technology that analyzes and uses a user’s unique way of interacting with a website or mobile applications across devices to create a behavior-based biometric identification. By identifying and analyzing how a person types, scrolls and navigates between fields, for example, this technology provides a new layer of visibility into user activity for the purposes of digital security and authentication.
Behavioral biometrics solutions help financial institutions digitally transform their operations. This approach goes beyond traditional means of security to detect malware, bot and remote access activity while still protecting consumer digital identities. Behavioral biometrics cannot be lost or stolen because they are based on an individual’s unique behavioral patterns. They are cloud-based, working in the background with no change in the user experience, to produce real-time actionable alerts when suspicious behavior is identified.
Delivering on the promise in a holistic way
BioCatch, built on Microsoft Cloud technology, enables a holistic approach to behavioral biometrics. The solution is an advanced behavioral biometrics platform that develops profiles of web and mobile users to recognize a wide range of human and non-human imposters (malware, bots, aggregator, and RAT activity). Implementing this pioneering technology helps financial institutions stay ahead of cyberthreats, reduces friction in the user experience, and adds a new dimension to stopping fraud in its tracks. To learn more about BioCatch, try the solution demo on Microsoft AppSource.
1 New York Times, 2013
2 Breach Level Index, 2017
3 Financial Brand, 2016
4 Javelin, 2017