Banks are facing not only a dramatic increase in the number of cyber-attacks but also sophistication and complexity of those attacks.
Fraudsters and hackers are constantly challenging the security measures put in place by banks to protect sensitive business data.
In the meantime, consumers are using more and more new innovative services with a seamless experience and expect banks to find the right balance between the security level needed and reduced friction in the user journey.
Evaluating risk and adapting accordingly
The new European legislation, the revised Payment Service Directive (PSD2), requires that banks adopt security measures to the level of risk involved.
Payment service providers (PSPs) have the obligation to operate transaction and risk monitoring in order to assess, detect and prevent risks linked to payments and any access to account operations.
- For those transactions identified as low risk, a payment service provider can bypass any strong customer authentication (SCA) requirements.
- For those transactions that are deemed more high risk such as sudden changes in location or abnormal spending step-up authentication will be required.
By evaluating risk and adapting accordingly, banks are able to offer a targeted approach that strikes the right balance between security and user convenience.
Thales Gemalto IdCloud Fraud Prevention
Looking to provide robust security to your banking and financial services while still maintaining an optimal end-user experience?
The risk management services of our Gemalto IdCloud platform provide a groundbreaking approach to proactive fraud prevention in online banking. The smart risk assessment enables banks to analyse online banking sessions in real-time, and select the most appropriate level of customer authentication for each individual transaction.
A risk based authentication (RBS) approach is the winning combination of security and convenience in the new digital and open banking ecosystem.
And our Gemalto IdCloud Fraud Prevention is the perfect answer, with risk management services that meets the PSD2/RTS requirements in risk assessment.
It helps banks to evaluate the actual risk of each transaction in order to only activate additional authentication measures when necessary.
Powered by machine learning, the profile and behaviour of customers are analysed in real-time across a range of attributes and signals including geolocation, device profiling, IP address, device assessment and behavioural biometrics.
Thanks to Gemalto IdCloud, banks can define a granular authentication policy based on customer segmentation, customer preferences, use cases and their own parameters.