Strong Customer Authentication

Driven by regulation such as PSD2 and industry standards including 3-D Secure 2, financial institutions are on the hook to deliver compliant identity authentication.

people walking view from above
Radial circle
Abstract image

Adaptive authentication helps banks to deliver strong customer authentication

PSD2 in Europe and 3-D Secure 2 globally require payment service providers to develop compliant identity authentication strategies that are risk-based and take account of customers’ abilities and preferences. With adaptive authentication, decisions about when to deploy authentication and what methods to use are appropriate and optimized for each occasion.

What authentication strategies are banks investing in?

As payment service providers adapt their authentication strategies to meet the requirements of 3-D Secure 2 and PSD2 Strong Customer Authentication, we wanted to know more about their priorities. FICO’s 2020 banking survey found the following near-term investment priorities:
Abstract image
Percentage of banks planning to enhance customer experience of existing authentication
Percentage of banks planning to enhance device recognition capabilities
Abstract image
Percentage of banks planning to enhance biometric capabilities
concrete steps
Percentage of banks planning on improving the collective working of existing authentication capabilities across areas
Take a risk-based approach to strong customer authentication

Financial services organizations want to make a proportionate response to risk that is also compliant with regulatory and scheme rules.

When strong customer authentication is applicable, customers must be authenticated using at least two factors each from a different category of inherence, possession, and knowledge.
Something you are; this includes physical biometrics such as fingerprints, facial images, and voiceprints, and behavioral biometrics such as keystroke analysis.
Something you have; device telemetry and one-time passcodes delivered by SMS, email, or within applications are authentication methods based on the possession factor.
Something only you know; passwords and secret questions are examples of authentication using knowledge.
A risk-based approach balances the demands for account security and excellent customer experience while meeting the requirements of regulation and scheme rules.
Authentication is adapted to the circumstances present, be that customer preferences, level of risk, risk appetite, or cost of authentication; authentication decisions that are appropriate in every instance.
The combination of authentication and fraud data leads to better decisions; for example, authentication data from a customer’s device combined with transactional information lets you know that they are present where a purchase is being made.
May 16, 2023 – May 19, 2023

FICO World 2023

Every year, this global forum gives business leaders ideas for advancing their digital transformation, launching new customer strategies and outsmarting the competition. Register now and secure your analytic edge.

Register now
Abstract image

From the FICO Blog

Read our experts' opinions about strong customer authentication.
October 16, 2020

PSD2 Strong Customer Authentication: Will Banks Succeed?

Read more
September 25, 2020

Customer Identity Management: Can You Meet Digital Demands?

Read more
September 02, 2020

Biometrics in the Future of Customer Identity Management

Read more

How can we help?

Would you like to learn how you can build better strong customer authentication strategies and meet the requirements of PSD2 and 3-D Secure 2?