Banking customers want biometric authentication

biometric authentication systems

Banking customers want more biometric authentication systems than what is currently being offered by their banks, according to a study by KuppingerCole

Customers want to use the device of their choice and an authentication process they are familiar with, for example built-in biometrics, or an approach which is convenient to them, says KuppingerCole.

The analyst adds that the lack of support for adaptive authentication and biometrics “stands in stark contrast to this expectation”.

The KuppingerCole study, The Future of Banking – Innovation & Disruption, was conducted in cooperation with business consultants PwC, and in light of the EU’s European Payment Services Directive, also known as PSD2.

When looking at the answers on both the state of adaptive authentication versus multi-factor authentication and risk-based authentication as well as the authentication technologies in use or planned, KuppingerCole says it “observed a lack in supporting the customers’ demand for convenience”.

While close to 90 per cent of the organizations already support MFA or plan for it, only 13.6 per cent already have adaptive authentication support in place.

While KuppingerCole believes that number will continue grow, with concrete rollouts and planning adding up to another approximately 30 per cent, “there are still many organizations showing a gap in that field”.

Many of the organizations affected by PSD2 have not yet found a solution which supports both the evolving requirements of PSD2 and the need to provide convenient customer authentication.

Banking customers want more biometrics than what banks are offering, says KuppingerCole Click To Tweet

KuppingerCole adds that when it looked at the API capabilities supported today, it found “a very mixed result”. Access to customer data is most common, while payment and bank account related APIs are rather rare, it says.

“We observed a strong need for financial institutions to rethink and redefine their API management and security strategies, as well as their approach for providing APIs in the context of PSD2,” says KuppingerCole.

Furthermore, KuppingerCole observed a “lack of modern approaches” towards supporting “know-your-customer” requirements and initial customer identification.

This indicates that many financial institutions are “still immature” when it comes to balancing regulatory compliance with customer convenience. “There is a growing number of more convenient approaches available but adoption rate still is very low,” says the analyst.

KuppingerCole adds that traditional financial institutions are more likely to fail to balance regulatory compliance with customer convenience, which puts them at risk of losing ground in their competition with the dynamic financial technology companies.