Newly released research from iProov, providers of biometric authentication technology, suggests many banks are falling short in delivering digital convenience to their customers.
Online Banking in the U.S.: How 20 of America’s Top Banks Are Balancing Security and User Experience For Digital Account Access focuses on the range and usability of online services offered to existing customers. Researchers looked at 39 data points, including how easy it was for a customer to move money, request a new debit card or change personal details online. The first part of the research, which looked at the onboarding process for opening accounts with each of the 20 banks, was released in October.
The key findings of the new research include:
- Banks are missing out on revenues and growth opportunities – many banks are making it difficult for their customers to access additional products and services. Thirty percent of the banks asked the researchers to complete an application process for an additional account completely from scratch, rather than using secure authentication to streamline the process.
- Secure account processes still require offline intervention –half of the banks did not enable a PIN to be changed online and half did not allow customers to request a new debit card online. Customers were asked to visit a branch, call the bank or use an ATM to complete the request.
- Customers are being put under pressure to monitor account security – the researchers reported that ‘after-the-fact’ email and text alerts about changes to their account made them uncomfortable. Personal details such as passwords or addresses could readily be changed online, with alerts putting the onus on the customer to report unexpected activity.
“Genuine Presence Assurance technology has changed the game for the financial services sector,” iProov president Joe Palmer said. “It is now possible to verify that an online customer is the right person, a real person and that they are authenticating right now. That assurance, completed with an effortless face authentication, means that even the most secure processes can be completed online, whether it’s requesting a replacement debit card, changing an address or applying for a new credit card.”
The researchers noted face verification is already being used by U.S. consumers to access their accounts. Face ID and Touch ID could be used to access the banks’ mobile apps, if supported by the customer’s device.
“Face ID allows the customer to be recognized by the mobile device,” explained Mr. Palmer. “The device then populates the password without the customer having to type it in. It’s convenient but it’s not the same as biometric authentication with the bank itself. If the device has been compromised by someone that shouldn’t have access, the bank will still make the transfer or process the request.”
Other findings from the report include:
- Of the two thirds of banks that offered easier access to new services, only 35 per cent made it simple for the customer. The other third required some additional details before the application could be submitted.
- All of the banks allowed passwords to be reset online but it was a lengthy process in some cases. Two banks asked the customer to supply four or more pieces of security information (for example an SSN) for this to be completed.
- 75 per cent of banks asked for additional security verification if the customer wanted to transfer funds to an external account. Methods varied, from confirming the numbers on a debit card to making a trial deposit to the other account.
- 85 per cent allowed the customer to change their primary email address online and most did not ask for additional information beyond username and password.
- 90 per cent allowed the customer to update a password by confirming their old one. Of the others, one bank required no verification and one sent a one-time passcode.
- 60 per cent allowed a customer to change personal information, such as address and cellphone, without additional verification beyond the initial username and password login.
“Challenger banks and other disruptors in the banking sector have recognized that customers want reassuring simplicity,” said Mr. Palmer. “They know that customers value convenience and once they’ve experienced it, they won’t go back. With Genuine Presence Assurance, customers get the reassurance of visible authentication along with the effortlessness that they love.”
