Financial institutions have some of the most stringent authentication processes across e-commerce. Users have to choose a username and password, set answers to multiple security questions, and set up two-factor authentication. In addition to all of this, they'll also need to remember a PIN for the ATM.
Worse, when any one part of the above chain breaks down, perhaps because the user hasn't logged on to the institution's system for a while or forgot their password, user inconvenience skyrockets, and the user is then forced into a workflow of having to remember answers to security questions, be able to receive temporary codes on their mobile phone, reset their password, and all within a certain time period.
To say there is a lot of friction in the financial institution login process is an understatement. One of the main culprits behind all of this friction is the password. It simply won't go away. Not only are passwords inconvenient, but they are also prone to be hacked.
“Under current protocols, users gain access to their banking assets through one-time passcodes or go through multiple knowledge-based authentication questions, such as their mother’s maiden name, first pet, and even social security number,” Collin Davis, CTO of Pindrop, an AI-based voice authentication and fraud detection firm, told tearsheet.co. “These are not only time-consuming and inconvenient for customers but are also an easy target for fraud. Our research shows that fraudsters tend to successfully respond to these questions more than half of the time, while the actual user forgets the correct answers 20 to 40% of the time.”
Many services, including financial institutions, are slowly moving away from password authentication. This is happening mostly on mobile phones through face authentication. However, the process is still tied to a password since one has to be set up to open financial accounts.
Face authentication falls under biometric authentication. In addition to face authentication is voice verification, now being used by many financial institutions. These two biometric authentication processes are helping transition away from password authentication. It is true that a password must be established initially, but thereafter, authentication can proceed using biometrics.
Biometric authentication has the added benefit of being far more secure than passwords.
So, when is the right time for financial institutions to ditch passwords? As mentioned, that transition is already underway. There's no cold turkey solution where institutions can just drop passwords completely for biometrics. Establishing biometric credentials immediately without the aid of passwords doesn't really exist yet. But institutions are on the right path to phasing out consistency dependencies on passwords.
Let Us Know What You Thought about this Post.
Put your Comment Below.