Financial institutions (FIs) must continually focus on providing seamless and secure customer onboarding experiences.
Those with too-stringent authentication measures risk losing customers behind locked digital doors, while those with weak verification tools are holding those doors open for fraudsters.
FIs are out of options, however, as they have an obligation to create and maintain a balance that enables customers to securely complete onboarding processes without pushing them toward abandonment, Patrick Sells, chief innovation officer for digital-first FI Quontic Bank, said in a recent interview with PYMNTS. They must also keep up with digital banking innovations to ensure their platforms can both oust fraudsters — who often have access to equivalent technologies — and keep customers satisfied.
Quontic Bank recently upgraded its digital onboarding solution to that end, focusing further on identity verification and eliminating many common authentication and fraud protection friction points. The crucial change is not how it is authenticating these customers, Sells said, but the data it is now using to do so.
“That [onboarding] process at most banks takes eight, nine, 10 minutes and is slow and cumbersome,” he explained. “The process we [rolled out] takes about … three minutes. It is much easier for the consumer and much safer for the bank. The key to how we have been able to shorten that experience and process is by using data [regarding] who a customer is to verify [their identities].”
Seamless onboarding requires current data, Sells added. Making sure customers can authenticate quickly allows them to begin communicating with their banks and interacting with financial services as soon as possible. This is particularly important because consumers expect the same instant services from FIs that they receive from other businesses online.
The Problem of the Retail Experience
A large share of U.S. consumers quickly transact through digital and mobile channels, meaning they now expect banks to do the same — even at their first point of contact. FIs must thus be prepared to onboard potential users the way large-scale digital retailers would: in a few minutes and with minimal questioning.
Most FIs are well-acquainted with these expectations and are searching for technologies that can bring eCommerce-style onboarding to the financial space. Quontic Bank operates just one branch in New York City and pivoted to focus on its digital experiences approximately a year and a half ago. The decision largely involved abandoning its brick-and-mortar services, and the FI learned that creating retail-like experiences requires extensive and accurate data.
“Technology is an example in which we can use Big Data to create better experiences for customers, and you see that in our lives as consumers,” Sells said. “When we shop, we go online and Amazon knows exactly what we want. [It is] doing the same thing and using data to drive that experience, and that is one of the key things that we are doing: … using data that is available to us to not only make the experience of interacting with [us] better but also more intuitive and easier.”
Using alternative data streams such as geolocation, online shopping behavior or mobile app analytics is much easier after customers have already onboarded, but banks can also use them to help build out more detailed customer profiles and differentiate legitimate users from bad actors. Their access to this information during onboarding has been limited to keep that process as seamless as those of online retailers, however.
Amazon and like businesses onboard users in an instant with an email address and password — and sometimes verification codes sent to these addresses for two-factor authentication (2FA) — but that is the critical point at which banks must deviate in their approaches. Amazon does not need personal identifiers like Social Security numbers or home addresses up front because those can be verified at the point of purchase if necessary. These key data points can help FIs determine if users’ identities are real, however, meaning they are needed to match retail’s onboarding times with greater security.
Legacy onboarding processes cannot keep up with the number of digital applications consumers submit daily, making digital onboarding even riskier. Accepting these applications at speed could result in inadvertently approved fraudsters gaining access to FIs’ platforms. Blocking identity theft, IP address or new account fraud is thus a challenge for banks before, during and after onboarding, Sells said. Data is the key to making sure FIs have the information they need to protect against fraudsters at every step because one data point can be cross-referenced with multiple others to ensure legitimacy.
“The key with third-party data is to not overly trust any one data point but to understand the totality of the picture being painted,” he explained. “It is easy for a false positive data point to exist, hence the need for the large data set.”
Larger data caches are critical because more information is better for banks as they build out cohesive online customer profiles. Voluminous data caches contain more specific customer information that helps FIs distinguish between real and illegitimate actions, while those based on weaker or smaller data sets do not have enough points available to ensure certain online activities fit consumers’ typical patterns, making onboarding processes more vulnerable to fraud.
Data and the Security Game
Using these large data sets for seamless onboarding processes allows FIs to use diverse information about consumers’ online lives to verify them. This may help stop fraudsters, but banks must be sure to keep seamlessness in mind.
Quontic Bank’s onboarding solution uses several third parties to ensure this balance is met, including those that provide verification technologies to ease security burdens. Such partners’ expertise and data caches provide FIs with alternative perspectives on customers’ online behaviors and are essential to stopping cybercriminals from gaining access.
Banks need expansive back-end data sources, such as digital receipts and security metrics like biometric authentication, that will help them achieve both efficiency and security during onboarding. These databases allow FIs to build more transparent views of their customers and stay one step ahead of fraudsters, especially as large-scale data breaches and hacks grow cybercriminals’ information pools.
“There is probably an immeasurable [number] of data breaches, so the combination of that and just the nature of our lives [means] we have much larger data footprints,” Sells said. “Bad actors out there … have a plethora of self-generated data. They have data they can get from these breaches, and they can manipulate that data to try to commit bank fraud … That is probably the area we see the most activity, if you will.”
Banks must be sure to safeguard their platforms against fraudsters using stolen data to perpetrate attacks. Doing so can be especially difficult during onboarding if FIs do not have access to alternative sources of information, like consumers’ typical online browsing habits or spending patterns that showcase their normal activities. Fraudsters rely on such gaps to convince banks they are legitimate with only one or two pieces of stolen information, but banks that can quickly and seamlessly authenticate legitimate users, without adding too much friction to the experience, will likely gain savvy consumers’ loyalties.