Banks and financial institutions face a growing number of increasingly sophisticated frauds. Meanwhile, customers expect high levels of security during their online operations. However, it is not easy to manage both issues. Luckily, Intelligent Adaptive Authentication helps reduce risk and satisfy customers.
What is Intelligent Adaptive Authentication?
What is Intelligent Adaptive Authentication? Intelligent Adaptive Authentication (IAA) is an AI-driven authentication solution that uses machine learning to identify user behavior patterns and assess risk in real-time.
In other words, instead of simply verifying the identity of users through systems that are certainly simple but can easily be compromised (such as usernames, passwords, and even tokens), IAA analyzes the behavior of users during their online sessions to identify fraudulent activity. This analysis leads to the attribution of a risk score to the single activity which triggers the most suitable authentication process.
Therefore, Intelligent Adaptive Authentication is a flexible and effective solution that provides a high level of security. Moreover, the fact that the authentication method changes depending on the risk level means that users do not have to follow frustrating procedures for simple operations, thus guaranteeing a good user experience.
The three steps of the Intelligent Adaptive Authentication process.
Let’s see in detail how the Intelligent Adaptive Authentication process works.
1) When the user start a transaction, the IAA technology collects a large amount of data, such as the type and security status of the device used, the geo-location, or the home banking app. In addition, it analyzes data on how the user behave on digital channels or their payment habits, so that if the transaction deviates from these models, it can recognize this deviation and decide how to proceed.
The IAA does not have access to the user’s bank account or cards.
2) Meanwhile, machine learning help the IAA to acquire new information that will help it more accurately identify fraud or suspicious activity in the future.
3) Thanks to the wealth of information, the IAA creates a model of behavior in real time that allows it to determine whether the transaction is suspicious or not. Based on this, it assigns a risk score that determines the next step, which is the type of authentication to be done by the user. For example, IAA may require an additional OTP, a one-time password, while for high-risk transactions, it may require a biometrical authentication such as fingerprint scan. However, the IAA may also decide that the transaction falls within the user’s typical behavioral parameters, and not ask for any further authentication.
Obviously, the user does not notice the previous steps that take place behind the scenes, and once authenticated, they can proceed with the transaction.
Differences between Intelligent Adaptive Authentication and Multi-Factor Biometrical Authentication
Intelligent Adaptive Authentication is different from biometrical multi-factor authentication in a few key ways:
– IAA is a sort of evolution of multi-factor authentication;
– machine learning is what makes IAA able to analyze data and identify user behavior patterns; while biometrical authentication and multi-factor authentication rely only on the physical characteristics of users or multiple static factors that can be reproduced or stolen (passwords, but also fingerprints or face recognition);
– IAA analyzes the behavior of users during their online sessions and adapts the authentication process accordingly, while multi-factor authentication requires users to go through a predefined authentication process that cannot be adapted in real-time;
– IAA is a flexible and user-friendly solution, while multi-factor authentication can be intrusive and difficult, especially for high-risk operations. In fact, it always requires a combination of 2 or more factors that belongs to 3 categories:
– Something the user knows (username, password);
– Something the user has (an OTP);
– Something the user is (fingerprint).
However, using multiple factors for all authentications reduces the usability of an app or service. On the other hand, Intelligent Adaptive Authentication decides which and how many steps a user needs to easily and securely authenticate.
The benefits of IAA
In the last few years, the volume and value of bank fraud have been increasing. In particular, identity theft is on the rise: the US Federal Trade Commission received 4.8 million fraud and identity theft reports just in 2020.
As a result, banks and financial institutions need to strengthen cybersecurity and ensure that only authorized users access customer-only data and services. IAA technology is an effective solution that, moreover, does not affect the quality of the user experience but rather makes it smoother.
Furthermore, the IAA is in line with the requirements in terms of security and privacy provided for by the European directives PSD2 and GDPR.