The financial services industry is in the midst of sweeping change. Earlier this year, we saw one of the latest shifts with the introduction of the European Union’s revised Payment Services Directive (PSD2).
In recent years, a growing number of organizations have employed two-factor authentication (2FA) as a primary safeguard mechanism. They all share the notion that requiring a second security layer will be instrumental in reducing data breaches and identity theft. Two-factor authentication is based on the fundamental assumption that at least two out of three authentication factors are used in the process (“something you know, something you have, something you are”). 2FA is not a new security measure, nevertheless, it is in extensive use, despite the growing recognition that it is not so effective.
As account opening continues to transition from physical to digital channels, financial institutions, issuers, lenders, and other organizations must optimize the digital experience of applicants in order to compete. At the same time, fraud is on the rise as criminals have become more successful than ever, thanks to some of the same digital channel benefits enjoyed by consumers: convenience, speed, and ease of use. To achieve the necessary balance between preventing fraud and providing a delightful experience for consumers, an approach to identity proofing that accounts for the channel, product, customer, and threat environment is absolutely critical. But regardless of the approach, inconspicuous solutions — like those based on applicant behavior — have a distinct role to play in how institutions manage the risk of application fraud.
The widespread digitization of financial services is causing large-scale and sweeping transformations across various facets of the business, creating new growth opportunities but also new challenges and inherent risk. In the insurance sector, particularly, digital transformation is driven by new competitive threats, ongoing cost pressures, aging technology and increasing regulatory requirements. Put all together, there is a huge opportunity to modernize, to create new business models, acquire customers on new channels and create competitive and compelling customer experiences.
BioCatch is a cybersecurity company that delivers behavioral biometrics, analyzing human device interactions, to protect users and data. Banks and other enterprises use BioCatch to significantly reduce online fraud and protect against a variety of cyber threats, without compromising the user experience.
According to multiple threat index reports issued at the end of 2018, the threat of Remote Access Trojans (RATs) is at an all time high. One RAT made Checkpoint’s Global Threat Index Top 10 list, while Proofpoint reports that the number of RATs doubled each quarter of 2018, accounting for more than 5% of all malicious payloads for the year, marking a significant change from the past.
As mobile devices eclipse computers and laptops as the preferred method of going online, fraudsters have followed users, porting their modus operandi –account takeover, social engineering, and malware based remote control attacks – to the mobile arena. Mobile has opened up many new ways for users to communicate and connect without being tied to a desk or a power outlet – and at the same time, it has presented hackers with many more opportunities to perpetrate fraud and carry out attacks that cannot be detected with traditional tools used to detect attacks in web sites. As a result, companies need to apply new fraud controls to protect mobile users and enable them to carry out transactions, check bank accounts, make purchases, etc.