Why do fraudsters love it when companies have a siloed approach to identity authentication?
PYMNTS explored this question in an article this week that focused on how enterprises can thwart fraud and improve the customer experience by breaking down organizational silos, or the walls between departments that become obstacles to sharing knowledge or accomplishing goals. The post, which quoted David Barnhardt, executive vice president of product at GIACT, touched upon several points that we think are worth summarizing for anyone interested in optimizing their company’s identity authentication and digital trust framework and not surrendering the customer experience to fraudsters:
- Barnhardt explains that approaching the job of identity authentication and fraud prevention from separate departments rather than as a whole company all too often makes things easier for criminals who can use the lack of communication between departments to their advantage. “Look at the enrollment group, tasked with protecting the front door,” he explains. “Then they hand off responsibility to another group to manage the ongoing customer relationship.”
- Just as the task of protecting customers against fraud should be a holistic and continuous effort, we need to shift our view of identity from something that is static (social security numbers, physical addresses, and knowledge-based security questions) to ongoing and dynamic. This can be accomplished by implementing next-generation tools such as continuous and persistent identity through anonymized ID tokens and a zero-knowledge architecture that can combat fraud more effectively by giving real-time insights into whether a person really is who they say they are when completing a digital transaction.
- This concept of a holistic view also highlights the need to bolster identity authentication with multiple verifiers of identity rather than just one or a few sources. Fraudsters exploit systems with limited identity verifiers because they are much easier to infiltrate or trick. Going back to the need for persistent identity, some identity verifiers will also have outdated information that could make it easy for scammers to break in, whereas having a number of backup identity verifiers with up-to-date information would decrease the chances of that happening.
In the grand scheme of things, all of these considerations will lead to higher customer satisfaction and engagement by offering customers a secure, seamless and end-to-end experience rather than just one-and-done transactions.
So how do your identity authentication processes and experiences stack up? Do they tick these boxes?
☐ Persistent: Do they create a unique and persistent identity token for each customer that allows for continuous identification across business units and channels?
☐ Private: Do they protect your customers’ data privacy by replacing their personal information with an anonymous encrypted token?
☐ Passive: Do they allow for a fast, frictionless and fraud-free customer experience where the customer does not need to take any action (such as typing in an SMS passcode or answering knowledge-based security questions)?
☐ Pervasive: Do they start with your marketing team and touch every functional team in your organization?
For the full article, visit PYMNTS