The following is a guest post from Bob Eckel, President, and CEO, of Aware.
Every traditional financial service has an emerging fintech innovation to deliver an even better user experience.
And we know that fintech users, in particular, demand the apps and services they engage with be unfalteringly fast, reliable, and secure.
As a result, many fintechs are considering changes to make their UX as slick and polished as possible, especially in authentication — identifying, verifying, and granting a user access to a platform.
Password-related frustrations run high
A recent industry survey revealed the extent to which general consumers and small to mid-sized businesses (SMBs) have had more than their fill of traditional authentication techniques like passwords, and the findings bore this out;
More than half of consumers have given up on purchasing a product or service because they couldn’t remember their password;
More than half said that having to go through a password reset process has negatively impacted their mood and their day;
Almost half have experienced “password rage,” defined as experiencing password stress and fatigue;
A majority (two out of three) report avoiding or dreading the password reset process; and
Almost half report they’d be more likely to continue using a service that offered biometrics instead of password-setting as part of the account set-up process.
While this survey reflected attitudes among general consumers and SMB owners, we can only surmise that users of popular fintech apps (for example, personal finance, digital banking, and investment trading mobile apps) would exhibit even more robust responses, given the importance of intuitive, friction-free access to one’s finances and investments.
Passwords’ associated risks remain prevalent
The drawbacks of passwords have been understood and acknowledged for years – they are easy to forget and a source of annoyance while also being weak and prone to theft and loss.
Despite this, passwords remain heavily entrenched in our society, with research showing that most leading mobile apps from prominent fintechs and banks continue to rely on them.
This puts fintechs at significant risk for creating unwelcomed user frustration, with the average time required to reset a password being one minute and 12 seconds.
Frustration with password processes can cause people to abandon efforts to conduct transactions or open accounts, as well as being a high cost to a business: Gartner estimates that 20-50 percent of all help desk calls are related to password resets.
Passwords also considerably increase a fintech’s exposure to fraud risk.
In particular, neobanks (sometimes referred to as “challenger banks” or fintech firms offering apps, software, and other technologies to streamline mobile and online banking) are known to be very susceptible to fraud.
“Account takeovers,” where swindlers steal passwords to access another person’s account and start spending, are the most prevalent fraud targeted at neobanks. According to recent data, fintech companies like neobanks have an average fraud rate that’s double that of credit cards and triple that of debit cards.
Convenience and security: Balancing the scales
In this context, fintechs must deliver the utmost convenience combined with superior security in their authentication process and often have to compromise one for the other.
Organizations focused on optimizing security may be sacrificing the user experience, but those focusing predominantly on convenience risk that security won’t be strong enough.
For years, fintechs and traditional financial services firms have been forced to accept these trade-offs and have been willing to write off millions or even billions in fraud per year to keep applications easy to use.
However, with fraud now costing U.S.-based firms more than ever, it is becoming much less palatable to accept these trade-offs as “the cost of doing business.”
Ironically, fintechs’ most commonly used authentication method — passwords — deliver neither the best in convenience nor security. Newer forms of authentication, such as biometrics, address the challenge comprehensively by delivering both while enjoying widespread user receptivity.
Three-quarters of consumers are willing to provide their bank with their biometric data.
Barriers to more widespread adoption among fintechs
Despite their benefits, biometrics have remained beyond the reach of many smaller emerging fintechs.
Several changes are needed to alter this course, including:
A more accessible, efficient delivery model — moving to a cloud or SaaS-based model can negate the often-extensive infrastructure costs and time required to implement biometrics. In their race to market, few fintechs can afford this, and by moving to the cloud, up-front work could be handled by the biometrics provider.
Data security and privacy assurances — In a cloud delivery model, biometric and non-biometric best practices must be implemented to ensure the security and privacy of biometric data in the cloud. Furthermore, these best practices must apply to every step in the process – for example, encryption of all data in transit, erasure of data at various intervals, no storage of personally identifiable information, and more.
Crystal-clear communications and options — fintechs should always provide a clear choice for users not to store their biometrics in the app and instead log in with a password or other form of authentication. It’s not likely many users will choose this option, but offering it is essential for transparency and trust-building.
An unfortunate reality is that a majority of fintech startups will ultimately fail. There are many reasons this can happen, ranging from lack of funding to non-compliance to failing to gain adoption fast enough due to the lack of competitive differentiation.
For many fintechs, this last point – identifying one’s niche in an increasingly crowded space is the hardest part, and there’s no reason for a cumbersome, porous authentication process to serve as one more obstacle.
Instead, biometric authentication should be viewed as an opportunity to accentuate differentiation, and fortunately, new developments are bringing modern methods like these within reach for a broader range of fintechs.
As President and CEO of Aware, Inc., Bob is responsible for the strategic direction, growth, and operations of a leading, recognized global supplier of biometric solutions and services for government and commercial customers and industry partners.