By Saeed Ahmad, Managing Director, Middle East, and North Africa, Callsign
Digital transactions are shaping the future of payments, revolutionising commerce as we know it. A recent McKinsey survey showed that about 58% of Middle Eastern consumers prefer digital payments methods over cash.
To keep up with the changing face of the payments landscape, banking and retail organisations are digitising customer journeys. However, the wide acceptance of digital payments has been accompanied by a massive rise in online fraud.
According to Visa’s 2021 Stay Secure survey, four in ten UAE customers have experienced online fraud attempts. Around a quarter of consumers experienced phishing attacks, while a fifth (19%) experienced credit card fraud.
Regional organisations and banks constantly strive to make the consumer experience seamless and secure to retain their loyalty in a competitive business landscape.
Consumer authentication and verification require adaptability, convenience, and security. Adding too many security steps frustrates customers, even if this is done to prevent fraud. However, it has always been the customer’s responsibility to prove their identity.
In the past, authentication was a much simpler process. Banking consumers visited their local branch, were recognised by personnel, and were given access to their accounts. This tried, tested, and low-risk authentication and verification technique was widespread. However, with the advent of the internet, digital service providers had to find a solution to prove the identity of the unseen consumer.
While digital transformation has aided in increasing production, efficiency, competitiveness, and lowering overheads, security has lagged behind. Over the years, financial institutions have switched their focus and resources on securing smartphone transactions through OTPs.
The problem, in this case, is that OTPs are delivered to a registered number with the premise that the device belongs to and is managed by the customer. This assumption is OTP’s Achilles Heel, and it is brutally abused by hackers, which is why phone fraud is common.
Rebuilding digital trust
Validation of digital identities is the cornerstone of restoring trust in online services ranging from social networking to mobile banking. There must be a fundamental shift in how identities are generated and confirmed to enable safe, secure, and protected online interactions for this to succeed.
There are technologies available today that can positively identify a legitimate customer online without an OTP, thereby helping to rebuild digital trust between the bank and the customer.
As banks integrate their digital offerings to provide seamless experiences to users, customers must have confidence in the security of their digital identities; otherwise, these newly launched digital services will never be a source of sustainable growth.
Behavioural biometrics to the rescue
The solution can be found in technology, which dates back to the invention of the telegraph when messages were sent via morse code. Operators could be identified by how they tapped out dots and dashes, which also helped determine the legitimacy of communications.
This early kind of behavioural biometrics served as a predecessor to today’s far more advanced and accurate authentication technology.
The core technology is machine learning, which is used to learn an individual’s behaviour, such as how they hold their phone and how they type or swipe their touchpad or computer keyboard. This is then integrated with additional contextual data points such as device intelligence, threat detection, and cryptography.
All this information adds up to 99.999% identity accuracy, preventing fraud and other risks.
A simple swipe on the phone screen or how a password is typed is as distinctive as a fingerprint or retina, thereby keeping fraudsters at bay. Layering behavioural biometrics with device and threat intelligence helps detect various threats such as authorised push payments from social engineering, account takeover fraud, identity fraud, and stolen credentials because they identify the person, not just the device or the password.
Using human gestures to validate a customer’s identity eliminates the need for one-time passwords while also increasing digital trust. As digital transformation continues, behavioural biometrics will make customer authentication and fraud detection easier, faster, and more secure.