Changing Authentication For A Changing World

In the hot-off-the-presses PYMNTS Digital Identity Tracker™, powered by Socure, Adam Vancini, head of authentication for virtual channels at Wells Fargo, explains why the­­ bank is turning to mobile to better authenticate customers. Find that, plus the latest headlines and rankings of 116 top players in the space, inside the Tracker.

From their affinity for brunch (and avocados on toast) to their attachment (uncorded, of course) for subscription services, it’s no secret millennials have some significant spending differences compared with older generations. According to research, the newest group to hit adulthood is more interested in preserving their financial and personal freedom than settling into a long-term job or tying themselves down to long-term commitments like a monthly payment on a car or house.

That may be all well and good for the young consumers themselves. But those changes in spending habits are causing friction for those charged with ensuring that consumers are who they claim to be.

According to Adam Vancini, head of authentication for virtual channels at Wells Fargo, banks and financial institutions have long relied on traditional indicators to authenticate consumers — but these new young consumers aren’t behaving the way banks are used to. That means security experts like Vancini and his team have had to develop new methods of identifying and authenticating users, based on the new spending habits of younger consumers.

And in a recent interview, Vancini told PYMNTS that it isn’t just new consumers who are causing complications — it’s also new transaction types that deliver increased speed and access to consumers and businesses. And as with most anything new in the digital realm, there are inevitably also new vulnerabilities for fraudsters to attempt to exploit.

Focusing on mobile millennials

As a result of the increased generational emphasis on savings and flexibility and rejiggered financial priorities, many millennials lack a credit history and other basic identity authentication indicators.

While he noted that more millennials will likely purchase cars and homes eventually, Vancini said the fact that these landmark events are happening later in life, if at all, has forced him and his team at Wells Fargo to come up with new ways of identifying and authenticating young consumers. Some of those tools are designed to help the financial institution better understand existing customers — using data from spending histories, for example, to help determine typical activity for individual customers and flag inconsistent or fraudulent charges.

“If you think about the behind-the-scenes data that’s available, we can get a pretty good snapshot and pretty good identity confidence levels about our new customers,” he said. “Once a millennial, or anyone else, has an account with us, there’s a lot we can do to learn about their habits and use that information to help protect them.”

But the bigger challenge is identifying and authenticating new customers as they open bank accounts. In those cases, Vancini said the company relies on technology that millennials have in their hands constantly — smartphones and other mobile devices — to learn more about new customers. By using information gleaned from mobile device usage, like GPS location data and behavioral and biometric data, financial institutions can learn more about these new customers and determine whether to authenticate them — or not.

“We can get a really high confidence level about a consumer using the mobile device the customer is coming in with and using,” he explained. “That can be a tremendous help. One of the great things about millennials and about this era of innovation we’re living in is that the way people use mobile devices and the things we can recognize about mobile device usage make them a really secure method both for the consumers and for us.” 

Making faster payments more secure

And it isn’t just consumers and their spending habits that are changing — the technology that people and businesses use to send and receive payments is changing along with them. One of the innovations Vancini pointed to in the payments space is real-time and instant bank transfers, which promise to reduce logistical issues that accompany payments.

But while that technology may be giving businesses and customers new capabilities, it’s also giving fraudsters new weaknesses to exploit. Faster and real-time payment types are especially vulnerable, Vancini said.

“The immediacy means you need to feel really comfortable with your authentication process for real-time payments, because once that money is gone, it’s gone,” he said. “It’s much harder to get it back or stop or fix a fraud attack after it’s happened.”

In order for both the bank and its customers to feel comfortable with real-time transfers, Vancini and his team have worked to offer new security methods. These include two-factor authentication, along with other security methods specifically built for faster transaction protection, such as Early Warning, which can help determine how likely a transaction is to be fraudulent before it’s processed.

“In most cases, that protection comes in the form of a one-time passcode, which gives us a second factor of authentication, and it’s really easy to use,” he said. “But we’re also using a lot of the information that underlies those transactions to really understand, ahead of time, the risk associated with a transaction. That’s what gives us that comfort and confidence in these transactions.”

Keeping up with what’s next

Security experts around the world are still adjusting to the changes set in place by millennials, but Vancini said it would be silly to believe that the revolution is over — or that more changes aren’t on the way.

In just a few short years, “post-millennials” — the next generation — are predicted to make up more than 40 percent of the North American population. These consumers seem eager to spend on experiences like meals at restaurants, video games and leisure, rather than items like fashion or apparel.

And perhaps unsurprisingly, they’re even more plugged into mobile devices and social media than older generations, including those no-longer-all-that-scruffy millennials. And, Vancini said, being plugged in is a good thing, at least as far as security is concerned.

“One of the most exciting things in this space is that innovation is making things more secure and really leaning on mobile devices and mobile device usage,” he said. “It’s also increasingly where the cool customer experiences are happening and where customers want to interact online. In the past several years we’ve really seen a merger of safety and customer experience that’s predominantly happening because of the usage of mobile devices.”

As consumer patterns and the world itself continually changes, security providers will inevitably need to also continually adapt quickly to keep up. For now, the answer’s inherently elusive, because it’s mobile.

To download the June edition of the Digital Identity Tracker™, powered by Socure, please fill out the form below 

    First Name*

    Last Name*

    Title*

    Company*

    Work Email*

    The PYMNTS.com Digital Identity Tracker™, powered by Socure, is a forum for framing and addressing key issues and trends facing the entities charged with efficiently and securely identifying and granting permission to individuals to access, purchase, transact or otherwise confirm their identity.