5 ways to create awesome banking experiences with face authentication
Article by Pedro Torres on 2022-05-27. Original website post.
How will the world of banking look like in the near future??Imagine paying with a simple look as you leave a store or a supermarket, instead of scanning each item and fetching your credit card, loyalty app and maybe your ID to prove your 18+. Consider checking out in an e-commerce website or logging in to your online banking with a simple click and looking at your laptop webcam: no special codes, no SMS. Opening a bank account in a new bank, asking for a loan, signing a contract. All these use cases could be incredibly simple. So why aren't they??
Can you remove friction in banking while increasing security??Have you noticed how easy it is to switch payment providers? Many users even keep various equivalent apps. If one doesn't respond in a couple of seconds, they will switch to the other. That's the time you have before you lose that customer. So, you need to get rid of every tiny aspect of user friction. But such friction is greatly brought by a strong need for security in the banking world, the recurring theme that you need a compromise between efficiency and security. But is that the case? Or can you remove that friction from financial processes, while increasing security? Well... you can. Do read on.
Face Authentication to the rescue.?In this in-depth article, we bring you 5 ways to remove friction in banking, fintech and payments with face authentication, by enabling fast authentication processes that save your customer time and have them love your service, while decreasing support hours from your IT teams and minimizing security and privacy breaches. Speed to market in adopting awesome experiences is key not to lose your customers to competition. Are you up for the challenge?
Short on time??Check the key takeaways and benefits at the end.
1. Become passwordless
Banking codes are broken.?All of us have numerous banking accounts and payment methods. They all come with associated alphanumeric access codes which are particularly difficult to memorize. Some cannot even be changed. So either people start writing them down, which is a security issue, or they change them to be the same and coincide with birthdays or memorable digit sequences. If you need to recover some of these credentials, you may have to get a physical letter in the post or go to branches in person. In making these codes perfect for security, humanity has made them unmanageable for humans and, ultimately, both a convenience and a security nightmare. The worst of both worlds.
The banking future is passwordless and your face holds the key.?Face authentication can enable a passwordless experience by providing a secure single sign-on. Whichever device you are using, whenever you need to sign-up or sign-in, your face can act as the only password you will ever need. Any laptop, mobile or tablet camera, even low-end, can verify you are the right person. And most applications these days use underlying authentication protocols that are compatible with Open ID and, as we've seen before, you can bring Open ID and Face Authentication together to?streamline the login experience with passwordless single sign-on. Pay by face hands-free in stores, apply for loans or open bank accounts with face only, do any financial transaction online by just being you.
In short, banking codes are broken but face authentication enables a passwordless banking experience, increases customer retention and onboarding rates, while reducing IT support hours and giving peace of mind to your legal team on all security breach and liability ramifications that can come from weaker codes.
2. Keep it frictionless even in high-security environments
Second factor authentication is currently a usability nightmare.?Sometimes, risk management does indeed impose additional authentication checks to reduce fraud. Say you want to transfer a very large amount of money, or the transaction has raised some fraud detection flag that requires an additional check. While there are currently various security measures in place for these cases, they vary a lot across different banks and include very inconvenient workflows, such as second factor authentication with SMS codes sent to phone or other convoluted 3DS procedures in online payments.
Adding face to an authentication flow enables great experiences and increases security.?It is super easy to achieve Secure Customer Authentication combining face authentication, mobile device possession and proximity as part a of a holistic Multi-Factor Authentication (MFA) strategy. This enables amazing fluid user experiences that everyone loves, while increasing security. And this can be done for every single industry, including Banking. Read more on how to achieve this on our earlier article on?how you can leverage face-based MFA solutions to get frictionless user authentication.
Overall, current second-factor authentication is very inconvenient, but face authentication allows implementation of hands-free multi-factor workflows that do not rely on memorized codes, typing or additional hardware, providing amazing experience, while increasing security levels.
3. Know Your Customer at every transaction
Do you really know who is accessing your customer accounts??With the immense increase in remote work, people are more and more doing everything online. And while many companies provide identity screening, it is still a challenge to make sure the documents provided by customers and companies around the world indeed belong to the person or entity that you end up hosting funds from. And with passwords, cards, and codes, it is impossible to know that the person using the right credentials is in fact who they should be. Furthermore, tools such as Face ID from Apple only provide an assurance that the person making the transaction knows the PIN code of that Apple phone. Not that they are who they should be.
Face enables Knowing Your Customer at every transaction.?Just as with?checking-in to a hotel, face authentication can support the identity verification process and ensure the onboarded face corresponds to the right identity. Furthermore, as the authentication is done using a face, you can be sure every single transaction taking place, any account access, any payment -- be it passwordless, MFA, or even physical -- matches the official identity of the person that was onboarded in the first place. All the KYC processes clients go through would mean nothing if someone else could use their credentials. But with face authentication you can verify that on each transaction. Only then can you have peace of mind that the person accessing your bank's accounts and systems is indeed who they claim to be.
In summary, KYC (Know Your Customer) is highly beneficial from a compliance and security perspective and can be automated. Plus, if you use face authentication on transactions themselves, as you perform it, you can be sure who the person accessing accounts and assets really is, on every single transaction, no cards or codes being passed around.
领英推荐
4. End the privacy compliance nightmare
The privacy saga.?Financial companies and many identity verification businesses, some quite small, have been building a huge castle of cards by centralizing personal identifiable data. This honey pot is any hacker's dream. Sometimes shielded behind anti money laundering and law-enforcing exceptions to GDPR, the truth is that all of the good practices of GDPR are somehow disregarded and centralized servers with scans of passports and customer photos have been created. Just like with?Facebook Analytica scandal back in 2018, the fuse is ignited and bound to quickly reach its destination. It is only a matter of time before very expensive breaches take place for which data controllers will be held liable.
Decentralize and put users in control, by design.?The modern take on identity is that users should be in absolute control of their data. As in, being the data controller themselves. In the so called self-sovereign identity paradigm, users obtain certified identity tokens that they can fully control and manage permissions for. Instead of storing scans of passports, pictures of customers, and archiving everything in your central server, companies simply use pointers to identity data that is held by the user, which in turn can abide by all the requirements of GDPR or other local privacy laws.
Centralized databases of personal identifiable data are a dangerous practice, which can be addressed through decentralized solutions for biometrics and identity data where the users are in full control of their data.?
5. Create awesome experiences while increasing security and privacy
Improve user experience and become a service everyone loves.?When you look at the combination of all the above ideas, you will find the whole is more than the sum of the parts. By bringing together all the above experiences, your customers will feel a holistic, seamless, personalized experience and will save on average 20 minutes every single day on using your banking services, recovering access, re-authenticating, switching context. They will love their banking experience and will recommend it, enabling your company to grow customer base. Just imagine the amazing degree of efficiency and personalization of the end-to-end banking journey in a?do anything with a look?world. No passwords, no cards, just people.
Increase security and compliance levels.?In addition to great customer experience and increased convenience, introducing face authentication in banking brings privacy and security to a whole new level. Just think about the security and liability ramifications involved with weak passwords or, in parallel, the costs of the IT help desk on recovering passwords or granting access to new users. All those become a thing of the past. Or the major liability of centrally storing all the personal identifiable information, including scans of passports and ID cards of every single customer, sitting there waiting for a major leak. The future is about keeping personal data in user possession and ensure only they can control it. Pure and simple privacy by design.
In summary, if you were unsure whether introducing seamless face authentication experiences would come at the cost of privacy or security, our recommendation is that you should certainly consider it, as cost savings and improved user experience are significant and potential costs originating from security risks and privacy compliance are in fact decreased.
Key takeaways
What's in it for you
By implementing these processes, your bank can:
How can you offer these features to your clients?
YooniK provides most of the face authentiation solutions described above and would love to bring them to your company. At YooniK we think that seeing is believing. And because we trust so much in the quality of our products, we make it possible for anyone to integrate and test our solutions in minutes.
If you're a technical leader or developer, to start integrating and testing, just?register?and?subscribe a free plan. Any specific tool you would like to integrate face authentication with? We're integrated with Auth0, Okta and are continuously expanding this list. Feel free to get help on our?discord channel?or get in touch directly with our?support team.
If you're a business leader or decision-maker and want to know more about how to offer banking experiences that just work,?send us a message?or feel free to?book a meeting?with our team of specialists, who will be happy to help.
You can also browse our pages to learn more about our?Hospitality,?Banking,?Retail?and?Digital Workplace?solutions.