The EU’s Payment Services Directive II (PSD2) and EMVCo’s 3D Secure 2.0 protocol are just two of many drivers compelling organizations to reconsider their customer authentication strategy. Selecting the right customer authentication solution is critical in order to combat rising levels of fraud and give consumers the best experience of online and mobile services.
If your organization is currently in the process of seeking to add or upgrade customer authentication services, or plans to in the near future, here is a practical checklist of five key questions you should ask to potential vendors:
1. Choice: What array of authentication choices do you offer to support a multi-channel environment?
The fact is, we no longer live in a Web-only world and as the volume of mobile transactions continues to grow, an authentication solution should be able to address the unique requirements of customers regardless of the channel they choose. For example, for high-risk transactions in the Web channel, an organization may choose to challenge a user with an out-of-band SMS but want to induce biometrics for the same transaction coming from a mobile device. The bottom line: consumers expect choice when it comes to authentication and want to be involved in the process. A recent survey found that 93% of consumers want to be involved in how their personal information and accounts are protected. Choice is an essential component to the overall user experience.
2. Convenience: How does your solution simplify the customer experience?
The “balance security and convenience” debate is more than just a marketing tagline. It is a real business challenge that organizations face, especially as it pertains to consumer-facing websites and applications. There are many elements that factor into convenience, including customer authentication choice and challenge rates.
3. Fraud Detection: What is your average fraud detection rate over time and across channels?
Fraud levels are on the rise globally with mobile becoming the number one cybercrime target; both as an originator, with 60% of overall fraud now originating from a mobile device, and a target. It is important for a customer authentication solution to be able to demonstrate consistent performance across multiple channels, and potential vendors should be able to readily produce their average fraud detection rates across various levels of intervention. You should also request other key performance indicators such as false positive and false negative rates.
4. Mobile First: How does your solution address the needs of mobile users?
Simply put, customer authentication must meet the demands of millions of global users who prefer to transact from their mobile device. This is not limited only to design, but it should extend to fraud detection and prevention, as the risk indicators for a Web transaction are going to be different than those for a mobile transaction. Therefore, a customer authentication solution should also offer optimized risk modeling to address fraud detection across multiple channels.
5. Market Ready: How prepared are you to help my organization address existing and future regulations?
Government and industry standards, such as PSD2 and 3D Secure 2.0, are helping to propel the adoption of customer authentication across the globe. Solution providers should actively participate in and influence key industry initiatives so that they can fully understand how it impacts an organization’s business strategy.
Regulatory powers are adapting existing regulations or introducing new ones to ensure that consumers are protected when using the latest digital services. While there are other considerations that your organization will likely have, such as deployment options and total cost of ownership, these five questions are among the most common ones asked as it pertains to consumer protection. A trusted technology partner should be able to easily answer them.
About Tim Ayling
Tim Ayling is the EMEA Director for RSA’s Fraud & Risk Intelligence division, where he is responsible for setting the EMEA strategic vision, sales, channel strategy and ensuring customer success for RSA’s fraud prevention solutions. Ayling has held roles in the information security and anti-fraud sector for over twenty years, with experience in both starting organisations from scratch in new markets, to steering a stable path through highly regulated markets. His experience spans the globe, with leadership roles in EMEA, Australia and Asia.
About RSA
RSA offers business-driven security solutions that uniquely link business context with security incidents to help organizations manage risk and protect what matters most. RSA solutions are designed to effectively detect and respond to advanced attacks; manage user identities and access; and, reduce business risk, fraud, and cybercrime. RSA protects millions of users around the world and helps more than 90% of the Fortune 500 companies thrive in an uncertain, high risk world.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now