Hand-in-hand: How to bring security and simplicity together in mobile banking

By Christina Luttrell, Senior Vice President of Product, Client Solutions and Marketing, IDology

The way we bank is rapidly changing. According to CACI, consumer visits to retail bank branches are expected to drop 36 percent between 2017 and 2022. It's not surprising that many financial institutions are feeling the pressure to rethink and, in some cases, revolutionize their approach to mobile banking.

Money transfers, bill pay, check cashing and a long list of other banking transactions that were once carried out at a branch or on a desktop computer are now taking place on mobile devices.

This shift is driven by: 1) the fact that mobile is more convenient; and 2) it's especially relevant to digital natives and millennials who are simply more comfortable transacting on mobile devices.

Unfortunately, the mobile banking channel comes with increased vulnerability. Also unfortunately, many financial institutions make the mistake of separating fraud prevention from customer experience when, in reality, the two should go hand-in-hand.

Mobile users rely on legacy identity verification and authentication processes that are rooted in desktop or even in-branch experiences. For mobile banking purposes, though, this can be inconvenient, requiring too many steps to afford a positive customer experience.

An excessive number of steps can be off-putting to the mobile user, resulting in transaction abandonment and attrition, while still doing too little to protect accounts from increased risks associated with the mobile channel.

Know Your Customer — and their mobile device

From account opening to document review, banking processes need to be rethought with the mobile customer in mind.

As mobile becomes more popular with consumers, it becomes more popular with criminals, as well. Identity thieves are constantly testing new ways to exploit device vulnerabilities by masking their identity and device attributes.

Meanwhile, as transactions migrate from branch to mobile, Know Your Customer isn't going anywhere. Instead it is being extended to the device, ushering in a new requirement to "Know Your Device."

Further complicating authentication, data breaches have created a huge marketplace for the sale of identity and account data on the Dark Web. As a result, a "perfect identity" or a seemingly legitimate and matching set of ID credentials can no longer be taken at face value. This is why "knowing" the device has become so important.

Many of the older password and two-factor authentication methods are easy for fraudsters to compromise. And even one-time passcodes for two-factor verification delivered via SMS are now considered less secure due to the proven ability of fraudsters to intercept these messages. Not to mention the clunky and often frustrating user experience.

The answer to the mobile banking conundrum

Fortunately, it is possible to meet the demand for quick and easy account access and address the complex security vulnerabilities that come with mobile.

Innovative financial institutions are striking this balance by combining device and activity attributes to create a more thorough digital footprint of the customer. And, they're doing it behind the scenes to make mobile transactions effortless for customers.

When the dust settles in the mobile banking marathon, the winners will be the competitors who really know their digital customers. So how can you step up your mobile banking game? By doing these three things:

Simplify mobile security. Make customer experience part of the fraud prevention conversation. Your customers should not have to go through a lengthy, multistep process to verify their identity just because they've chosen to interact with your institution on a mobile device. Rethink how you interact with mobile customers. Leverage technology and innovation to make verification quick, effortless and safe.

Rethink identity. Think about customer identity as more than the static attributes of name and address. Advances in technology make it possible to profile and authenticate a customer behind the scenes using elements such as mobile carrier data and characteristics of their mobile device. 

Stay on top of trends. Knowledge is power. The best way to keep fraudsters at bay is to know about the latest technologies — and the dynamic methods fraudsters are to try to compromise them.