If you accept the fact that digital fraudsters are never going to just go away, Trulioo Senior Vice President of Identity Solutions Garient Evans told PYMNTS, the case for a collaborative, personal and professional response starts to make a lot more sense.
Add in the fact that the rise in digital commerce has broadened the range of potential targets, and addressing this user authentication problem takes on a newfound level of urgency.
“These attack vectors are increasingly clever and successful,” Evans said, noting that the situation has left consumers ever more cynical about being the victim of data theft and feeling powerless about being able to prevent it.
That concern stands in conflict with the reality that consumers also expect convenience wherever and whenever they transact digitally, he said, thanks in part to years of “training” by sites such as Amazon that has conditioned them to expect single-click convenience no matter where they shop.
“You take that cynicism, and you try to balance it with convenience,” he said. “So you have to be able to offer a secure account opening experience and make sure that people see it and feel it to create a sense of trust.”
Secure From The Start
Consumers understand we live in the era of the data breach, but as a result, they are also increasingly willing to embrace a bit of friction in return for knowing their data will remain secure after onboarding.
As Evans noted, this openness can be likened in part to the development and deployment of biometrics, including Apple’s embrace of the technology, versus a generation ago, when the idea of a constant fingerprint and facial scans would have creeped-out many consumers.
“I think that’s a corollary to what you can experience when engaging with consumers to open an account, and then providing them with ongoing access,” said Evans. “That small tradeoff between convenience and security needs to exist. I think consumers are now expecting options for how to onboard themselves.”
Those options work best when firms are upfront and honest about what they are and why they exist, he said. A good example is a firm that has turned onboarding into a multi-level process. At the simplest level, the sign-on would be a name and an email address. As the consumer adds onto their use of a platform — to transact, to buy cryptocurrency, to send money to friends and family, etc. — the authentication and requirements increase.
“It’s a clever way to create engagement with the brand, and to also inform the consumer about why you’re collecting what you’re collecting,” Evans explained. “And that’s before you allow them to transact, which is upping the risk associated with that new account relationship. So, there are many clever ways to start opening these accounts, engaging with consumers and giving them options.”
An Ever-Evolving Landscape
We will never live in an environment where no data is collected, but that doesn’t mean the current environment is static either. Evan noted the regulatory winds in the U.S. are shifting to resemble Europe more closely, with an increasing drive to allow customers to better understand what is collected and who has their data, and to give them the option to correct the information or have it deleted if they so desire. Businesses need to develop a privacy-centric approach by avoiding the collection of extraneous information, explaining what customer information is being collected and using it for its intended purpose.
The challenge for the entire ecosystem will be working collaboratively to “get smarter as fraud fighters,” said Evans. Consumers are willing to participate and have their data used by things like artificial intelligence (AI) as part of verification and authentication in order to protect their own safety.
“Folks are willing to fight fire with fire when it comes to stopping these fraudsters,” said Evans. “Three-quarters of people say they feel secure when asked to log into their bank account, for example, to verify their identity. I think we’ve reached the point where customers understand it, and they’re willing to participate to prevent fraud.”