The realm of possibility: A balance between security and convenience
This is a guest post by Kathleen Peters, Experian’s Senior Vice President and Head of Fraud & Identity, North America.
Security or convenience? It’s the question that many risk and identity management professionals have encountered since the dawn of the digital age. For many years, the consensus has always been that the two priorities couldn’t co-exist – one always came at the expense of the other.
Think about it – it’s nearly impossible to provide a seamless and low-friction customer experience when there’s an over reliance on login credentials and security questions, as well as mandatory account creation for one-time purchases. We’ve all experienced the frustration as customers when we need to reset our passwords. It’s a painstaking process that often requires remembering the first concert you attended or your favorite color or teacher, as well as adhering to strict parameters around the new password. Not to mention, this process likely extends across hundreds of other online accounts.
Let’s also consider the opposite end of that equation. Let’s remove the password and account creation requirements, as well as other barriers that prevent customers from accessing online resources. Customers won’t encounter any obstacles that might make online transactions more cumbersome, but are organizations positioned to quickly and accurately authenticate and verify a person’s identity? The lack of security protocols and solutions could lead to a higher frequency of fraud losses, but more importantly, negatively impact the customer.
While it’s been long assumed that these principles were at odds, we’ve reached a point where it’s no longer necessary to have a trade-off between the two. So, it begs the question, how do risk and identity management professionals achieve the elusive balance between security and convenience?
It’s quite simple. It’s a commitment to fraud prevention and identity management measures that extend beyond the use of basic demographic information and reliance on methods that can be easily defeated, such as security questions. Solely relying on traditional fraud and identity management methods can be problematic on both fronts.
Most organizations recognize the need for more fraud management resources. According to Experian’s 2019 Global Identity & Fraud Report, more than half of businesses globally report an increase in fraud budgets over the past 12 months. That said, 55 percent of businesses have reported an increase in online fraud-related losses – there’s a clear disconnect. While there’s an increased commitment to the fight against fraud, risk and identity management professionals may need to rethink their current strategies – and a refined approach can also bring the balance between security and convenience.
A better approach is to start by identifying the type of identity risk – for example, first-party fraud, synthetic identity, identity theft, etc. The added context enables risk professionals to uncover the best next action to take across the customer lifecycle. Does that next action require some friction or not? Does that next action require an additional check against alternate data assets and intelligence? Advanced analytics techniques and a broader universe of data assets make such assessments possible, but must be underwritten with decisioning capabilities and strategies along with compliant and explainable governance.
When risk and identity management professionals explore and implement security methods that rely on advanced data and technology, the balance between security and convenience is possible. In fact, based on Experian’s report, consumers ranked greater functionality (ease of navigation, visible signs of security and seamless access to accounts) and more sophisticated security measures as the top factors contributing to a better online experience. Fraud and identity management strategies, such as physical and behavioral biometrics, device intelligence, digital tokenization and document verification, offer more security and minimize the effort required on a customer’s behalf to prove they are who they say they are – many of these fraud strategies work behind-the-scenes to authenticate the customer. Additionally, the report shows when customers were exposed to more advanced authentication methods, such as physical biometrics, their confidence increased significantly.
For example, criminals and fraudsters tend to reuse data and stolen credentials at a high volume and attempt to access online accounts from one or two devices. If an organization can implement advanced device intelligence, it becomes easier to analyze and identify potentially fraudulent behavior – stopping it at the source. Risk management professionals can recognize the velocity at which credentials and information are being used and if the login request is originating from a location with frequent fraudulent activity – all without any increased burden on the customer.
On the other hand, a strategy employing identity document verification usually does require some interaction from the customer. However, it still drastically reduces the overall effort, by allowing an individual to submit images of their identification document and a selfie – saving the person time and energy, and perhaps even a trip to a branch or store location. Again, it’s important to assess the type and level of identity risk, as it allows organizations to determine the best approach to implement.
Risk and identity management professionals also need to move beyond the point-in-time mentality. That means applying advanced identity measures across the entire customer lifecycle – account opening, logins and transactions, among a host of other interactions. This approach enables organizations to continually protect a customer’s identity and provide an experience that could positively impact the customer for a lifetime.
A silver bullet for fraud prevention and identity management doesn’t exist. The combination of advanced data and technology can help organizations stay ahead of the criminals and still provide a pleasant experience for the customer. The security landscape will continue to evolve, but the battle between security and convenience has been solved.
About the author
Kathleen Peters is the Senior Vice President and Head of Fraud & Identity for Experian’s Decision Analytics Business Unit in North America.
DISCLAIMER: BiometricUpdate.com blogs are submitted content. The views expressed in this blog are that of the author, and don’t necessarily reflect the views of BiometricUpdate.com.