- Security TWENTY
- Women in Security
With banks increasingly faced with pressure to innovate across digital platforms, the vulnerability of users and their data is inevitably growing. To counter this threat, a number of security innovations are rising up to provide security solutions to financial services, but how can banks make the correct decisions on what security innovations are best for their organisation and their customer requirements? asks Neil Costigan, CEO of biometric authentication product company BehavioSec.
1) Analyse security alongside usability: Today’s banks are expected to provide on-the-go services, and their security options need to fit with this model. Adding supplementary security hardware such as card readers can reduce potential risks by introducing two factor authentication, but this frustrating additional security barrier goes against the bank’s intention of providing a digital streamlined service. Finding a balance between security and ease of use has never been more important.
Behavioural biometrics can provide an answer to this issue, as it sits in the background of the technology device, rather than proactively requesting for a user to pass through more authentication processes. It can assess behaviour such as the speed at which someone types or holds their device, while enabling them to continue with an uninterrupted interaction with the device.
2) Adopt multiple layers: Alongside minimising customer disruption, banks are also seeking technologies that enable them to introduce increased security to their businesses without impacting company activity.
Undergoing an entire IT overhaul every time the bank introduces a new security measure simply isn’t an option. As such, it is important that the security they invest in does not require them to take an “either, or” approach – that forced them to completely remove existing technology in order to replace it with another. Moreover, by layering on top of existing solutions, financial institutions won’t just be relying on any single control for authorising important transactions.
3) Steer away from the blanket approach: Adopting a layered approach allows banks to embrace niche specialist security providers, rather than investing in a service that offers a broad brush approach to security. A flexible security strategy allows a bank to be more forward-thinking in its approach, and implement more tailored solutions.
4) Maintain responsibility: It is crucial that banks maintain responsibility for their customer data, rather than relinquishing control over to their security provider. The security solution should act as a jury – analysing insights on the behaviour of the user and flagging warning signs of uncharacteristic behaviour to the bank. It is then up to the bank to act as judge – making the final decision on whether the user should be granted access. As such, banks need to pick security providers that deliver strong insight and data that enables them to make informed and smart decisions on authentication.
Banks realise that security is not a competition point, and is a crucial component in ensuring their services run smoothly without risking their customers’ data. Consumers expect bank’s services to be secure and are unlikely to see a banks security measure as a reason for choosing their services. However if a bank fails to ensure its data is safe it is enough of a reason for them to take their custom elsewhere. Consumer complacency has now placed all the pressure on the banks to make complex decisions about the solutions they need to protect their customers.
Developing a security checklist that suits the bank’s requirements is an essential foundation for making informed decisions on the best security measures. Security may not be the deciding factor that encourages new customers, but usability and determining client satisfaction is essential in preventing customers from considering a competitor.