The digital banking world requires high security and efficiency in its operations. Digital banking transactions are projected to increase by 9.11% annually, reaching 63 trillion rupiahs by 2024. Digital Financial Services (DFS) are also expected to continue growing rapidly, driven by the increasing use of mobile banking and the appetite for financial services.
Given the increasing cybersecurity threats such as phishing, social engineering, and malware attacks, conventional authentication methods like passwords and SMS OTPs are becoming increasingly inadequate for the banking world. So, what solution is needed to secure digital banking? Read on to find out!
Weaknesses of Conventional Authentication Methods
Conventional authentication methods like Passwords, PINs, and OTPs have many weaknesses that can be exploited by cybercriminals.
First, Passwords and PINs. Data from Google Security shows that about 90% of passwords are vulnerable to hacking, and 65% of people use the same password for multiple accounts. This increases the risk of data breaches and brute force attacks.
Second, SMS OTPs. Security company reports noted that SIM swapping attacks increased by 450% in 2023, indicating that SMS OTPs can easily be compromised.
Moreover, other reports state that SMS OTPs are not a form of authentication. Authentication must consist of one of the following: Something You Know, Something You Have, and Something You Are. OTPs are codes we receive, not something that originates from us.
Although many financial services still use passwords, PINs, or OTP codes, it does not mean these authentication methods are the safest. Phishing, Man in the Middle attacks, and Social Engineering remain major threats to these authentication methods.
Have you ever received an SMS containing a link and an OTP code even though you did not request it? That is one form of phishing via SMS.
Although not specifically caused by phishing, significant financial losses due to fraud are predicted to grow to $10.5 trillion by 2025. In 2022 alone, the average cost to handle a data breach was $4.35 million.
These data points highlight the importance of stronger and more efficient security measures to safeguard data.
So when passwords, PINs, and OTP codes are not safe for banking, what alternative authentication method should be used?
Use Biometric Authentication in Banking
Biometric authentication using facial recognition is considered the safest way to confirm a user's identity. Biometrics are difficult to fake or compromise. Biometric authentication ensures that only legitimate users can access their accounts or perform transactions.
The biometric authentication process is quick and easy, so users do not need to remember complex passwords. Complex and time-consuming passwords often lead users to abandon the transaction process.
Biometrics can also prevent account takeovers and spoofing attacks. By using biometric authentication, banks can increase user trust and reduce financial losses due to fraud.
VIDA Authentication demonstrates how biometric authentication can be implemented in various banking scenarios to enhance security and efficiency. Here are some examples of its implementation:
1. Password Replacement
Biometric authentication can replace conventional passwords. In password reset scenarios, biometrics can prevent social engineering attacks and save on SMS delivery costs, as well as speed up the password reset process from several minutes to just a few seconds.
2. High-Value Transactions
For high-value transactions, biometric-based authentication can enhance security and user experience. For example, in transactions over IDR 500 million, biometric authentication can ensure that only legitimate users can complete the transaction.
3. Account Takeover Prevention
By integrating biometric authentication, banks can prevent account takeovers that often occur due to SIM theft or other social attacks. Biometric authentication ensures that the user logging in is the original user registered with the bank's system.
In a case study, biometric authentication replaced SMS OTPs, resulting in a 15% cost reduction and increasing the success rate of authentication delivery to 99.97%.
Biometric authentication can help banks better protect their customers' data and transactions. Implementing this technology, as offered by VIDA, can provide a better user experience and prevent financial losses due to fraud.
.png)
VIDA - Verified Identity for All. VIDA provides a trusted digital identity platform.
