security, compliance and customer experience a balancing act · 2015-03-11 · customer experience...
Post on 26-May-2020
2 Views
Preview:
TRANSCRIPT
Security, Compliance and
Customer Experience – A
Balancing Act
Anne Myers
Member Advisory Board
TokenOne
Security, Compliance and Customer
Experience
A Balancing Act
Anne Myers Member Advisory Board, TokenOne
The Banker’s Dilemma
Compliance
Cost Customer
Experience
IT Security in Banking
Cost Compliance
Customer Experience
An example: Multi-Factor Authentication
Proving User Presence
• What you know
• What you have
• What you are
What do customers want?
• My funds are safe and secure
• The service is easy to use
• The service is reliable
• Protect my identity
A critique of commonly used methods
• Customer
• multiple and complex passwords
• SMS issues
• device issues
• Cost
• infrastructure
• SMS
• password management
• Compliance
• proving user presence
• password management processes
• vendor hacking risk
Are biometrics the solution?
• Customer
• reliability
• non-revocable
• personal data concerns
• Cost
• expensive
• capture
• Compliance
• biometrics are not a secret
• secure storage of templates
• technical or legal standards
The New Knowledge Factor
Something you know BUT it is
• never entered
• never stored
• never revealed
It is a secret that is never shared - with anyone
The Nirvana for Multi-Factor Authentication?
• Highly secure
and can be easily revoked
• Easy to use
I don’t have to remember a range of complex passwords
• Reliable
even when there is no connectivity
• Enables me to keep my secrets secret
- from everyone
Nirvana?
Factor Method
What you know
Confirmation of a PIN without ever entering the actual PIN using a One time password
What you have
Proof of control of the users smartphone via a tokenised solution
What you are
Backed up by use of TouchID or other biometric
What do customers want?
• My funds are safe and secure
• The service is easy to use
• The service is reliable
• Protect my identity
…all of which reduce your fraud
costs and improve your compliance
To find out how TokenOne will redefine your
Identity Assurance expectations contact us at:
info@tokenone.com
top related