DBA, The Key to Improving Security and CX Without Compromise


Written by Seshika Fernando, Vice President of Banking and Financial Services, WSO2


Today’s consumers demand Amazon-like digital banking experiences. However, striking the right balance between customer experience and security remains an arduous challenge for banks. A consequence of user-driven authentication mechanisms is that a better customer experience usually comes at the expense of robust security measures.

Contributing to the challenge is the fact that the majority of banks today rely on user-driven customer identity and access management (CIAM) systems. This requires customers to provide information each time verification is needed. One such example, beyond using a basic username and password, is multi-factor authentication (MFA). This form of authentication performs more comprehensive checks on customer authenticity and intent. MFA requires customers to submit different types of information at various verification points during their digital interactions. This information typically comprises three elements: something you know (e.g., a password), something you are (e.g., biometrics/fingerprints), and something you have (e.g., a USB fob or token). While MFA was popular a few years ago, it has now become a nuisance for customers.

Some banks have tried to reduce the friction by introducing biometric verification, but this doesn’t solve the problem completely because it still requires a specific action from the consumer and is only available to users with biometric technology.

While user-driven authentication measures have been crucial in the fight against fraud, they also disrupt the customer experience, create a sense of distrust, and potentially deter customers from completing their transactions. Furthermore, they are not foolproof against sophisticated fraud attempts.

Introducing data-driven behavioural authentication (DBA)

Fortunately, the emergence of data-driven behavioural authentication (DBA) offers the potential for banks to provide the seamless experiences that consumers expect. The crux of DBA is its ability to utilise vast amounts of data to automatically verify customers while they are interacting with the digital banking channel. It does not require the customer to take any specific action, thereby creating a seamless, uninterrupted user experience. Additionally, DBA allows for more comprehensive verifications with increasing frequency. As a result, DBA not only enhances security but also improves customer experience in a virtuous cycle, driving loyalty and trust.

Personalisation through DBA

In today’s ‘always on’ world, consumers tend to expect ultra-personalised digital services, whether it’s movie recommendations from Netflix, workout programmes from Apple Fitness, or a financial statement from their bank. DBA can play a crucial role in meeting those expectations. Unlike traditional CIAM technology, DBA also provides the ability to expose identity data as APIs that can be used for personalisation via AI and machine learning technology.

Personalising financial products goes beyond just collecting data on a customer’s digital banking usage. It involves understanding life events such as buying a home, getting married, or having children, which can be found in other sources like social media feeds. Some progressive banks are already leveraging this information, but it relies on customers’ comfort in sharing such data and the bank’s ability to handle privacy and access it for personalisation. Modern CIAM systems with open banking support enable granular customer consent, allowing them to specify what data can be shared, with whom, for how long, and for what purpose.

Conclusion
DBA presents a compelling solution for banks seeking to enhance security and CX simultaneously. By automating background verification. It also enables banks to deliver ultra-personalised services based on comprehensive customer insights. As banks embrace DBA, they can achieve a delicate balance between security and a seamless customer experience and stay ahead in the increasingly competitive financial services landscape.

Previous post The CISO’s next priority isn’t technology. It’s building a great Employee Experience
Next post Cybersecurity for SMEs: seven steps to a Zero Trust approach