Strong Customer Authentication

Driven by regulation such as PSD2 and industry standards including 3-D Secure 2, financial institutions are on the hook to deliver compliant identity authentication.

people walking view from above
Radial circle
Abstract image
Arrow
Overview

Adaptive authentication helps banks to deliver strong customer authentication

PSD2 in Europe and 3-D Secure 2 globally require payment service providers to develop compliant identity authentication strategies that are risk-based and take account of customers’ abilities and preferences. With adaptive authentication, decisions about when to deploy authentication and what methods to use are appropriate and optimized for each occasion.

What authentication strategies are banks investing in?

As payment service providers adapt their authentication strategies to meet the requirements of 3-D Secure 2 and PSD2 Strong Customer Authentication, we wanted to know more about their priorities. FICO’s 2020 banking survey found the following near-term investment priorities:
Abstract image
55
%
Percentage of banks planning to enhance customer experience of existing authentication
Escalator
52
%
Percentage of banks planning to enhance device recognition capabilities
Abstract image
51
%
Percentage of banks planning to enhance biometric capabilities
concrete steps
51
%
Percentage of banks planning on improving the collective working of existing authentication capabilities across areas
Take a risk-based approach to strong customer authentication

Financial services organizations want to make a proportionate response to risk that is also compliant with regulatory and scheme rules.

When strong customer authentication is applicable, customers must be authenticated using at least two factors each from a different category of inherence, possession, and knowledge.
Something you are; this includes physical biometrics such as fingerprints, facial images, and voiceprints, and behavioral biometrics such as keystroke analysis.
Something you have; device telemetry and one-time passcodes delivered by SMS, email, or within applications are authentication methods based on the possession factor.
Something only you know; passwords and secret questions are examples of authentication using knowledge.
A risk-based approach balances the demands for account security and excellent customer experience while meeting the requirements of regulation and scheme rules.
Authentication is adapted to the circumstances present, be that customer preferences, level of risk, risk appetite, or cost of authentication; authentication decisions that are appropriate in every instance.
The combination of authentication and fraud data leads to better decisions; for example, authentication data from a customer’s device combined with transactional information lets you know that they are present where a purchase is being made.
Event
December 1, 2020 – December 4, 2020

Decision Modeler | December 1-4, 2020

Foundational knowledge to build and deploy a Business Rule Application using Decision Modeler.

Register now
Escalator

From the FICO Blog

Read our experts' opinions about strong customer authentication.
March 31, 2020

What is Adaptive Identity Authentication?

Read more
July 22, 2019

New Challenges for Strong Customer Authentication

Read more
February 18, 2019

PSD2 Strong Customer Authentication – 3 Reasons to Include SMS

Read more

How can we help?

Would you like to learn how you can build better strong customer authentication strategies and meet the requirements of PSD2 and 3-D Secure 2?