By Iain Swaine, Head of Cyber Strategy EMEA at BioCatch
The Twitter vs. Elon Musk saga is a lesson to any business built on user numbers – quantity doesn’t guarantee quality. Today, banks and FinTechs are aware that they must switch from a growth-focused strategy to one that caters to the requirements of its key demographics and fosters loyalty if they are to become profitable, robust, and able to weather the current economic storm.
This was a key theme at this year’s Money 20/20 show. The convergence of customer experience, loyalty, digital transformation and fraud suggested a new paradigm for strategic success: slower growth and increased quality. For example, neobanks like Starling articulated its strategic focus on attracting and retaining those in its key demographics to achieve profitability instead of chasing numbers of accounts.
That’s a wise move since, according to BankInfo Security, 85% of new account opening applications are subject to fraud. The old days of valuations in terms of number of users are disappearing fast. It is clear that when banks solely chase large numbers of account openings, criminals are happy to oblige and systems may not be of the highest cybersecurity standard, meaning they open fake accounts to support their criminal enterprises. Indeed, FinTechs see three times more fraud than traditional banks for exactly these reasons.
For most growing companies soaring account openings are cause for celebration, illustrating strong user adoption and brand recognition. Criminals see growing companies looking to quickly on-board new customers as a ripe opportunity. For example, one bank’s promotion for high-income prospects to obtain immediate approval for a deposit account and a credit card with a single application resulted in a subset of criminal applications. These were later tied to down-the-line credit fraud losses and exploitation of mule accounts.
Similarly, while digital and automated account processes have helped banks provide faster services to customers, they are also susceptible to cybercriminals who can use stolen or synthetic identities to create new accounts. This can generate millions of dollars in fraud losses for individual institutions and erode trust.
Undetected fraudulent account openings are a clear path to failure. Success and long-term viability are proved by building genuine customer loyalty – which requires a holistic approach that incorporates the latest digital technologies, seamless customer experiences and more robust fraud detection and prevention.
How to cultivate lasting loyalty
Providing a flawless client experience (both online and offline) and guaranteeing the highest level of fraud protection and prevention are two essential components for banks in fostering customer loyalty. Battling fraud to protect customers is essential – but at the same time, customers want a fast and seamless digital experience they expect from consumer-style apps.
This is the great challenge for banks, traditional and new. They need to ensure that application and transfer processes are consumer-friendly while also ensuring stringent fraud checks. Banks must continue to deliver a frictionless experience to loyal customers while working hard to protect them as they engage with more and more services. Adding layers and layers of identity authentication can alienate customers and lead to genuine application abandonment, while increasingly complex criminal networks can still easily sidetrack many current fraud protection programs and processes. Banks cannot keep up with how hackers are overcoming each new layer, from passwords to device IDs, one-time passcodes, and various authentication tools.
From social engineering to credential stuffing, criminals are adept at using digital trickery to break down prevention barriers. However, they cannot fake the genuine behaviours of a valid customer. In the fight against fraud and toward safe, streamlined customer experiences, behavioural biometrics is taking a stand on the front line.
Reversing the course of criminal behaviour
Behavioural biometrics uses machine learning to analyse user behaviour to differentiate between legitimate users and criminals, preventing fraud and identity theft while also enhancing consumer experiences. It does this by analysing real-time physical interactions such as keystrokes, mouse movements, swipes, and taps, profiling user activity on both the user and population levels to identify behavioural anomalies and patterns associated with genuine and fraudulent activity.
Like poker players always have their ‘tell’, cybercriminals cannot mask the subtle behaviours that set them apart from genuine customers. For example, legitimate users tap into their long-term memory when continuously entering personal information, knowing their details well, while cybercriminals often pause to reference information or use copy and paste functions as they input unfamiliar information. Another example looks at age-related behaviour, how a senior citizen enters data is different from that of younger users, which can signal when a cybercriminal is trying to take over the account.
Even if the profile seems to represent a known legitimate user’s physical traits and preferences, micro-behaviours can even give away the user’s emotional state. For example, cognitive analysis can uncover even the most advanced social engineering scams by determining whether a user acts with purpose or exhibits signs of duress. Some of today’s most sophisticated attacks can be detected only when fraud protection solutions continuously monitor throughout a session for the most subtle deviations in user behaviour.
In essence, preventing fraud is essential to the success of today’s financial services, from account opening to steadfast loyalty. Criminal behaviour patterns stand out in a huge group of genuine users; it requires cutting-edge technology to find them, but they are impossible to conceal. Adopting behavioural biometrics allows true customers to experience seamless interactions and fraud protection merely by being themselves. The financial sector has undergone a digital transformation today, and frictionless services and secure protection are essential. With the use of strong AI and machine learning, we can now leverage criminals’ actions against them and give devoted consumers an even better experience.