Frictionless transactions: seamless authentication, secure customer data and cybersafe
If you look back over the past six months, what we have achieved through technology has been nothing short of remarkable. For all the pain that the COVID-19 pandemic has caused, in terms of digitalisation and the way consumers have accessed products and services online, the pedal has certainly been put to the metal. But the more we use digital technology the greater the risk of your cyber security being compromised.
In this changing world, there are ruthless entrepreneurs who are making money in this new economy. Unfortunately, they are cyber criminals and they are on the wrong side of the law. They pose new challenges to legitimate businesses, and companies need to think differently about how to protect their competitive advantage and develop new models with a goal of becoming and remaining cyber secure.
Cyber security professionals need to demonstrate they can protect the heart of the transformed business with an agility of thought and action that recognises the pace and speed at which cybercriminals operate.
Underlying its importance, the Federal Government announced in its 20/21 Budget an investment of $256.6 million dollars over the next two years to boost our nations digital identity with a focus on improving online access to government services and payments. The funding includes developing world leading facial biometric matching capabilities and trialling the use of digital identity with the states.
The landscape as we see it
With new technology comes a new standard. With increased use of online services such as banking, welfare and insurance people will expect an enhanced experience every time. The best customer experience will be from the company that provides the least ‘friction’ within their platform.
So, what do we mean by this?
Think about the time you logged into your favourite online shopping website for the first time in a while, and you forgot the password. To gain access you will have to login to your email, reset your password, and on some occasions, you might even need to enter a pin sent to your mobile. This is friction.
Now while this process is obviously there for security purposes, everyone wishes it could be easier. In response, many companies are leaning into a machine learning–based approach that enables them to understand their clients’ typical, yet unique characteristics and behavioural patterns, such as finger or voiceprints and a variety of physical biometric traits.
Rising to the challenge
First and foremost, companies – regardless of industry – should work to connect the data, authentication, and fraud teams systematically. A deep understanding of the governance requirements including, what data you’re pulling, who owns it, where it’s coming from, and how it’s going to be leveraged is the first and arguably the most essential step.
From there, businesses need to think about how they drive a better experience for their customers where they’re being asked questions to authenticate. It needs to be a priority to have a system in place where they can more easily identify themselves – again highlighting the notion that the less friction, the better.
It is important to note that much of this data will likely be stored in the cloud. Organisations need to know how to encrypt and protect it.
Further to this, companies will need to rethink the way they evaluate this data. The traditional approach of applying a massive set of rules to various data sets will no longer be tenable. It’s creates too many false positives and too many use cases to fall through the cracks for fraudsters to pick up on. The idea of leveraging machine learning algorithms to parse that data in a more efficient manner to identify behaviour-based trends is key.
Finally, businesses need to be alert to the correlation between people and technologies across their overall prevent/detect/respond process. They need to recognise the process not only spans the entire organisation, but also impacts the world outside with security issues open to being triggered by a third party.
In the end, it’s about lessons learned. When it comes to authenticating users, businesses need to take the time to review past incidents and reintroduce them to their security protocol for stress testing and less friction for business and consumers.
Read: Key Cyber Considerations in the New Reality, analyses the current situation of digital technology and how it is impacting businesses.
Tags Cyber security