By Tapesh Bhatnagar
The rising penetration of smartphone usage which has surged from 15% to 66% in the last 8 years alone, is a major building block of India’s transforming digital landscape. Along with its rise, country has also witnessed a significant plunge in mobile data costs, from INR 260/GB to a mere INR 7/GB. This tectonic shift is playing a vital role in spreading mobile internet to the nooks and corners of the state, leading to enhanced reachability of digital banking services across the nation.
Is Authentication landscape up for a change?
Ever-growing figures of digital payments in last decade speaks a lot about the positive state of India’s digital payment sphere. As stated by the Ministry of Finance, total digital payment transaction volume has increased from $0.25 billion in FY 2017-18 to $1.63 billion in FY 2022-23 at a CAGR of 45 percent. In this courageous journey where banks continue to leverage technology for providing better services and improve their bottom line, somehow authentication as a cornerstone of customer experience in digital world – is left to cumbersome and phishable password and SMS-OTP, leaving room for fraudsters to sneak in and shake up trust of GenZ and millennials in digital offerings.
One-time passwords, which has become a defacto second factor of authentication – is vulnerable to phishing and evolving cyber threats. In a forward looking move to leverage technology, RBI Governor Mr. Shaktikanta Das has proposed a principle-based framework for the authentication of digital transactions, aiming to explore alternative solutions beyond the traditional SMS-based OTP.
Financial institutions face the imperative to accommodate emerging payment methods, addressing fraud prevention, safeguarding customer information, and optimizing the checkout process for enhanced convenience. The demand for secure transactions remains paramount, necessitating a departure from outdated methods. With ongoing technological advancements, Banks are presented with advanced authentication alternatives, surpassing the limitations of SMS-OTPs and elevating the overall customer experience built on more sophistication and trust.
Biometrics and Passwordless Authentication: Shaping the Future
Imagine a future where ‘something you have’ (your device) and ‘something you are’ (your biometrics) seamlessly merge to create a more secure (phishing resistant, device bound) and frictionless payment authentication experience!
Authentication becomes an unobtrusive yet entirely secure experience – a simple touch of a thumb or a glance at a camera is all it takes for robust customer authentication – and the underlying FIDO-based technology ensures that the second factor remains invisible to the user. This seamless integration results in a two-factor authentication process that feels remarkably like a single-factor experience. It offers enhanced security, resistant to phishing attempts and bound to the device, while simultaneously providing unmatched convenience, akin to unlocking one’s phone.
Passwordless authentication, powered by biometric technology, is not new. Most modern devices, from smartphones to laptops, have featured fingerprint or facial recognition capabilities for more than a decade. Moreover, a survey by Mastercard found that 93% of consumers would be willing to adopt biometrics.
Adaptive Authentication: Striking the Right Balance
Consumers increasingly seek a delicate balance between strong security measures and user convenience, where the context of each transaction holds significant importance. Take, for example, a customer desiring a frictionless authentication experience for a modest INR 100 transfer but expecting more visible and robust authentication protocols for transactions involving larger amounts.
Striking the right equilibrium involves customizing authentication methods according to the specific transactional context. Lower-value transactions may find ample security in biometrics alone, discreetly incorporating the second factor. On the other hand, higher-value transactions might necessitate an additional layer of security, such as fingerprint or hardware-based authentication linked to one’s debit/credit card.
Expanding the Horizon of Contactless Payment Cards
Contactless payment cards are designed to offer more than just regular transactions at POS machines; they are innovatively crafted to provide a holistic user experience with secure authentication. A card can serve as one of the authentication factors within a secure environment. This can be done achieving an extra layer of security for significant payments with a single card tap against the phone, eliminating the need for inconvenient OTP generators or additional apps.
Recognizing the changing landscape, card issuers are blending the physical card with interactive smartphone features to create a unified customer experience. This approach ensures security for the bank and a seamless experience for customers, with just a tap of the payment card facilitating a simpler and easier customer journey into mobile banking.
Future Outlook and Conclusion
With the consumer devices enabled to adopt new authentication methods, , banks can assertively lead the way into a password-less authentication era, offering a secured yet convenient experience for users. The role of technology and innovation in shaping the future cannot be overstated. Biometric authentication, NFC technology and advanced security measures will continue to evolve, making the lives of billions more secure. The journey towards a password-less authentication process is not just an evolution but a revolution in the making, ensuring a secure and seamless digital future for all.
In this dynamic era of evolving authentication, G+D, a global SecurityTech with a legacy of 170 years, is emerging as a pioneer, offering state-of-the-art solutions that not only redefine security but also enhance the customer experience for financial institutions. With more than two decades of presence in India, catering to multiple banks for payment cards and partnering with PSPs for online transaction authentication, G+D has ventured into the realm to provide secure solutions for digital authentication. Elevate your authentication standards with G+D – where Security meets Ingenuity.
The author is head – digital solutions, Giesecke + Devrient MS India Pvt Ltd
