In financial services, security is non-negotiable. Fortunately, technology is making it possible for financial institutions to meet customer expectations for speed, ease and convenience while maintaining security best practices. Two-factor authentication is one area where these practices are evolving to the benefit of the customer experience.
Smartphones and software tokens in the form of apps are replacing the traditional two-factor authentication hardware token on a security keychain. For business owners and other commercial accountholders, who often have multiple accounts at multiple institutions, an easily accessible app is a vast improvement over a pocketful of physical tokens.
For business owners and other commercial accountholders, who often have multiple accounts at multiple institutions, an easily accessible app is a vast improvement over a pocketful of physical tokens.
Two-factor authentication adds an important layer of security for accountholders by requiring a password and a second bit of information only known by the user to authenticate to a bank account. Software authentication uses a secure app on a phone to generate that information. Although hackers always pose a concern, software authentication helps financial institutions provide a secure and seamless customer experience, especially for high-value commercial accounts.
Most financial institutions are already looking at ditching cumbersome hard tokens for the ease of soft tokens, so the real question is timing. Why should organizations work with their commercial accounts now to replace their hardware tokens? Here are four compelling reasons for moving to software authentication sooner rather than later.
Financial institutions are increasingly pressed to serve people online and on-the-go via mobile while balancing security with a positive customer experience. Technology helps eliminate the trade-off between the two, making it possible to deliver a solution that's highly secure and provides an easy, intuitive user experience.
Most banking customers, including busy business owners and executives, increasingly expect to use touch ID and other forms of biometric authentication on mobile devices. Those capabilities provide effortless, immediate identity verification that is simply not available to hardware-only, one-time password users.
To protect against emerging threats to mobile users and the information transmitted through their devices, financial institutions may require a stronger defense against fraud. Although criminals may find holes in every system or process, using software authentication, including devices equipped with secure channel communications, provides an encrypted, independent, cross-platform and secure channel between the server and the client device. That helps ensure only authorized devices will receive transaction information.
In addition to the authentication technology itself, push notifications provide an additional layer of security. Through a soft token, a financial institution can now inform mobile users of both authorized and unauthorized account changes, and provide context to what's happening behind the scenes. Where a hardware token just provided a set of randomly generated numbers, the soft token can do more – providing information and context that enables accountholders to make smarter decisions about transactions.
Strengthening mobile security and authentication enables financial institutions to broaden mobile offerings and maintain a level of flexibility that hard tokens cannot offer. Flexibility is key: Soft tokens allow a new accountholder to be up and running quickly without having to receive a physical hardware token. The ease of soft tokens also creates an optimized user experience, which likely enhances your customer retention.
With increasing reliance on smartphones and mobile devices, more people are becoming accustomed to the convenience of apps. Offering soft token security to your business accountholders delivers that same convenience and security to financial services. It's time for commercial accountholders to clean out their pockets and scrap their hardware tokens.