|
Online services provide organizations with additional channels to generate revenue, strengthen branding, and meet customer demand for anytime, anywhere services. However, as online identity theft, fraud, and credit card data breaches become increasingly sophisticated, user names and passwords are insufficient to verify or authenticate users’ identity and protect high-value transactions. In this high-stakes environment, passwords are simply too easy to steal, guess, or lose. Industry regulators are already addressing this fact: The Federal Financial Institutions Examination Council (FFIEC), for example, has passed regulations mandating stronger forms of authentication to protect consumers. To address risk and compliance issues, many organizations are deploying two-factor consumer authentication solutions. These solutions require significant investment in planning, deploying, managing, and maintaining not only the authentication infrastructure, but also the second-factor authentication credentials. Adding to the challenge is the requirement to provide two-factor authentication across multiple delivery channels (e.g., computers, mobile phones, and television) and to an extremely diverse user population. In deploying a two-factor consumer authentication solution, organizations must continually balance cost, complexity, risk, and user convenience. The following strategies address these considerations while helping reduce the high cost of two-factor authentication.
Strategy 1: Use improved security to differentiate your brand and build brand loyalty.
This strategy helps attract new customers and strengthen relationships with existing customers. At the same time, it encourages online usage of low-cost, high-margin services, rather than more costly face-to-face interactions. Brand trust and loyalty are critical to a company’s success, and organizations devote large portions of their budget to build and support their brand. Organizations recognize that brand equity and business opportunities can crumble instantly as a result of negative publicity associated with a privacy breach or data theft. While improved security helps prevent brand corrosion, it can also be used to enhance brand loyalty and reduce churn. Organizations can differentiate their brand, demonstrate respect for customers, and give customers peace of mind by using security mechanisms that help create a user-friendly, trusted, and safe online experience. They can also distribute branded security credentials (e.g., security tokens) that subtly reinforce the brand with every use. Finally, organizations can establish trust and strengthen their online identity (especially in the case of less-well known organizations or new entrants to online business) by using security credentials and security branding from a trusted provider of security.
Strategy 2: Understand your customers’ online usage and match security to the value of their transactions.
This strategy optimizes the allocation of security resources and helps reduce costs by eliminating expenditures on security mechanisms and credentials that are stronger than necessary. One authentication scenario does not fit all customers. By understanding the value of transactions conducted by a particular customer or on a specific online application, organizations can use a layered approach to security. With this approach, organizations can selectively apply graduated levels of security to match specific customers’ usage. Doing so helps reduce costs by limiting two-factor authentication to those users who truly require it. For example, Secure Sockets Layer (SSL) encryption or user ID/password authentication costs less and may be sufficient for some types of online interactions (e.g., low-dollar online purchases), while high-value transactions (e.g., regular transfers of thousands of dollars between institutions) would require two-factor authentication. The key is to work with a vendor that offers a range of complementary security mechanisms to meet diverse needs, and importantly, one that has the expertise to help implement customer-appropriate security policies and mechanisms. Then, once authentication architecture is in place, its cost can be distributed appropriately across all the applications, services, or business centers that it supports.
|
