Biometric authentication is nothing new for banks. Fingerprint scanners are an example of a commonly accepted form of password-less authentication. But with fraud on the rise, banks must find a better way of managing authentication systems.

The challenge is to manage authenticators and meet compliance standards without being tied to any particular vendor or modality. Accenture believes the solution is an "authentication hub" that can:

  • Pick and choose biometric and non-biometric authenticators.
  • Embed existing authentication technologies, thereby reducing or eliminating technical debt (flaws, complexities, and inadequacies that make legacy systems unfit for today's business environment).
  • Deploy a flexible architecture for greater fluidity, while facilitating compliance with emerging legislation.
  • Offer contextual, risk-based, and persistent authentication to help reduce fraud and improve the customer experience.
  • Prompt customers for a secondary authentication method in case of a breach.

Driven by Payment Services Directive 2 (PSD2) regulations, a rise in payment fraud and client expectations to improve the customer experience, biometric authentication is being widely pursued in the financial services sector.

Essentially, with biometiric authentication, banks can save time and money while fighting fraud

Authentication in the New

The idea of an authentication hub will allow customers to sign on to accounts seamlessly using one authentication method. Banking customers can now use biometric authentication at ATMs, and some are also pioneering new authentication methods, such as social login. A single, simple interface would eliminate the need for customers to authenticate on individual applications.

This new type of authentication platform would facilitate multi-factor and multi-modal authentication and use data from transactions, risk and fraud systems to make informed decisions about what the customer can do. Because the framework only needs to be integrated once to provide access to all the authenticators, it is easy to reuse them for many business functions—such as transaction authorization, third-party access via APIs or cross-channel authentication from branches or contact centers.

Components of the authentication hub explained:

Mobile Know Your Customer (mKYC) technology to facilitate identification and verification for digital user enrollment and account sign-up

Biometric Authentication Framework to integrate biometric authenticators, such as voice and fingerprints

Pick and choose authenticators that allow users to nominate how they authenticate within acceptable security baselines, including the ability to plug and play legacy authenticators, such as OTPs, PINs and pattern drawing; as needed

Risk engine aligned to fraud, and that provide information and context on users, behaviors, devices and transactions

Signing in the New with both tactical and strategic solution to eliminate wet signature in both the short and long term

The biometric authentication hub is made up of five components

Pick and choose authenticators

Banks must define how biometric authentication will help them reach their objectives. Biometric technology in smartphones and wearables offer many new authentication capabilities that can seamlessly work together through the Authentication Hub. An omni-channel vision can help firms determine which authenticators are most useful. These will be deployed on a flexible, compliance and secure architecture via a hybrid approach to take advantage of the benefits of both a centralized server environment and on-device security.

In addition to giving the business more choice, a flexible hub architecture also provides much greater consumer choice by allowing end users to select their preferred means of authentication—within the risk guidelines defined by the hub.

Explicit

Knowledge

PINs, passwords

Possession

Smartphone, card reader

Inherence

Biometric factors

Persistent

Continuous contextual authentication

Geolocation, travel time

Continuous behavioral authentication

Typing, swiping, device usage

Risked-based transactional authentication

Payment values, recipients, patterns

Deploying an Authentication Hub requires careful consideration and a vision for how authenticators can be reused to solve wider business problems, such as document signing and transaction authorization. Now is the ideal time for firms to explore how this technology can help them improve customer service and cybersecurity. Read the report to learn more about the technical capabilities and use cases for the Authentication Hub.

About the Authors

Christine Leong

Managing Director – Accenture Security


Daniel Bachenheimer

Principal Director – Accenture Security


Dan Preston

Manager – Accenture Financial Services Technology Advisory


James Alexander

Manager – Accenture Financial Services Technology Advisory

MORE ON THIS TOPIC


Subscription Center
Stay in the Know with Our Newsletter Stay in the Know with Our Newsletter