With tech giants going passwordless, will banks be ready to meet new consumer expectations?

Two key breakthroughs will soon intersect, influencing how people access and safeguard their financial data.

Big Tech firms are paving the way for a future without passwords

As banks, financial service providers, and fintechs continue to implement open banking, consumers’ ability to share financial information in order to gain access to new financial services and other online financial tools expands, and new technologies are being developed to enhance the security of online authentication.

Apple, Google, and Microsoft are spearheading a movement to replace passwords with digital passkeys, a solution that will benefit all consumers and users. As both developments acquire greater public acceptance, enterprises must ensure that their identity proofing and authentication solutions match customer expectations for the passkey technologies that aspire to replace traditional passwords.

The emergence of open banking foreshadows a future in which an increasing number of customers will get the benefits of new, innovative online financial services – and many are now reaping the benefits of the basic services.

According to Mastercard, 9 in 10 consumers in the US and Canada use online and mobile financial applications to manage money, with paying bills (82%) and banking (80%) as the most popular use cases.

According to Cyberlink, in 2022, 77% of millennials said they would likely switch to digital-only banks. By 2025, it is anticipated that the number of neobank and conventional bank account holders will be equal. Even offline tactics are employed by some neobanks to sign up new users for digital banking services. For instance, GoTyme, a new digital bank created to give financial inclusion and empowerment to consumers, allows people to open an account in less than five minutes via digital kiosks positioned in shopping malls and supermarkets.

In tandem with the rising convenience of digital banking and mobile payments, consumer expectations have shifted. Apple, Venmo, Stripe, and other consumer technology and fintech firms make it easier for customers to pay or conduct transactions. How can banks, financial institutions, and fintechs ensure that they are preserving financial data and complying with financial regulations across numerous areas as they face increasing demand to provide the same degree of seamless, user-friendly online services?

Consumers are placing their faith in banks and other providers to safeguard their funds, but the usage of authentication and security measures beyond typical passwords by banks, financial institutions, and customers is not widespread. And threats have only grown in severity.

As the banking sector expands its online presence, fraud risks such as data breaches, synthetic identities, and account takeovers have become increasingly prevalent. Weak passwords are among the most significant contributing causes. According to GovTech, around 80% of breaches are known to stem directly from compromised passwords, making them one of the most glaring vulnerabilities in any cyber resilience strategy.

The road ahead

Apple, Google, and Microsoft, along with the FIDO Alliance and the World Wide Web Consortium, are paving the way for a future without passwords by promoting passkeys as an industry standard for consumer-friendly identity verification and authentication. Passkeys are a more simple, secure, and quicker alternative to passwords for logging in.

Apple’s recent announcement of passkey integration will enhance user expectations for quicker, seamless authentication – particularly more biometric authentication – across all online transactions and interactions. Apple has always led the way in consumer adoption of new technology, eventually resulting in commercial and enterprise adoption of the same goods and services. Consumers are already comfortable with biometrics to access their iPhone and other iOS apps (FaceID) – why not leverage this technology elsewhere? According to the FIDO Alliance, 39% of people are familiar with the concept of passkeys – and this familiarity is especially high, at 48%, among 18–34-year-olds.

While there’s still a long way to go until banks and financial institutions can become truly passwordless, some have begun utilising facial recognition as an authentication factor to access mobile applications or other banking services. In 2021, American Banker reported approximately 15-20% of the 1,000 financial institutions in the United States were using selfie photo imaging in combination with document verification to prove users’ identities.

By introducing more complete identity verification and authentication solutions across all channels, banks can stay up to date with these changes. They must deploy scalable biometric solutions across web, mobile, in-person, and contact centres. Multi-factor biometric authentication is the most secure authentication factor that enterprises can use to know their customers with absolute confidence.

Staying compliant while reducing friction

Banks and financial institutions need more secure digital channels to guard against malicious attackers – without creating a negative experience for customers. When customers are accessing their financial information, they have historically struggled with frustrating digital-authentication requirements, most of which stems from levels of complexity that companies have introduced to deter cyberthreats.

As banks and other financial institutions continue to create identity proofing and authentication systems, they will need to strike a balance between regulatory and legal requirements pertaining to identity and a seamless consumer experience. Complying with government regulations on anti-money laundering (AML) and know your customer (KYC), a component of AML, is only one of the many compliance requirements that these businesses must follow. In order to comply with these requirements, some organisations may develop cumbersome onboarding procedures, which might annoy legitimate clients and raise desertion rates.

By streamlining KYC and AML flows based on applicant risk profiles, clients are exempt from additional authentication requirements. This helps to provide clients with a better, seamless experience and improves account creation and onboarding, uptake of new services, customer happiness, and costs related to fraud prevention.

Changes to authentication are therefore on the horizon for firms in the financial services industry, and they can benefit both your clients and your company’s growth. But now is the time to begin planning for the future transition away from traditional passwords and toward a more comprehensive identity verification and authentication standard.