Why banks want to improve their authentication processes

Posted on: December 04th, 2013 by Art Barger

To understand what authentication and customer service issues banks are dealing with, we’re talking to financial institutions all the time. What we’ve learned is banks have been under immense pressure for years to do more with less. Sound familiar? Anyone reading this will understand what I mean.

As corporate decision makers, we’re all under the microscope to reduce head counts and automate wherever we can. Speed up and improve all banking processes with tighter budgets and less resources. And this is true for customer authentication.

In our discussions, I’ve pulled out a few of the main reasons why banking institutions are looking to enhance their authentication processes over the telephone channel.

  • Confusion with FFIEC requirements: While federal regulations are intended to improve the overall security of modern banking, the requirements around two-factor authentication can be confusing. Many believe they can still meet the FFIEC’s two-factor authentication criteria by doing more of the same. But asking two — or for that matter a hundred — different knowledge-based security questions doesn’t mean you’ve met the multi-factor criteria. Why? You’re still working within the same “something you know” (password, PIN number, personally identifiable information [PII]) authentication factor. To truly meet the multi-factor requirements, banks need to meet at least two of the following categories, including “something you know”, “something you are” (fingerprint, DNA, retinal pattern) and “something you have” (ID card, security token, telephone). Understanding these categories is important to meeting the FFIEC’s multi-factor authentication paradigm for identifying customers.
  • Ineffective authentication processes: Frustrations with today’s customer identification processes like knowledge-based authentication (KBA) are a big issue for financial institutions. Some banks are finding the bad guys can just blow past PII-based processes, which does nothing for securing their networks. When it comes down to it, KBA is no longer predictive for identifying customers over the phone, it’s expensive, intrusive and extremely time-consuming, all of which can have a significant impact on the customer’s overall impression of the bank.
  • Improve customer experience: Then, there are those who have consistently experienced fraud losses for many years. While reducing fraud rates would be nice, what really matters to them is how they serve their customers. They understand the value that a best-in-class experience is worth to their brand in the eyes of their customers.

For banks and organizations looking to comply with new federal regulations, deploy effective authentication tools, and improve the banking experience over the telephone channel, the TRUSTID® Physical Caller Authentication solution helps with all three strategic initiatives.

First, by verifying the physical calling devices, we help banking institutions meet the important “something you have” FFIEC authentication criteria. Our real-time telephone network forensics don’t rely on beatable knowledge-based identification tools to proactively validate the Caller ID and ANI on all incoming calls. And finally, by automating authentication pre-answer TRUSTID speeds up the caller identification process to ensure a faster, more reliable and secure banking experience for customers.