Banks and payment services providers are set to benefit from new identity verification functionality in the latest major version release of the trust platform, Aspect Verify version 17 from Aspect Software.
The software has been designed to offer heightened support for multi-factor identity authentication for internet payments, while maintaining a seamless and secure user experience.
Aspect Verify supports the multi-factor authentication process for online and mobile payments by enabling banks and other payment services providers to perform imperceptible security checks via the customers’ mobile phone. The latest major release increases the number of checks that banks can make on a transaction to increase the probability of identifying and resolving suspicious activity.
Keiron Dalton, global program senior director at Aspect Verify, commented: “The increasing need for two-factor authentication of internet payments in response to increasingly sophisticated fraud techniques will require a lot of providers to rethink their current models. Many providers are increasingly using one-time passwords (OTPs) via soft (SMS) or hard tokens (small plastic devices) to complete transactions. Unfortunately, although it is popular, SMS is easy to compromise when used in isolation, with sophisticated fraudulent techniques like SIM Swap taking significant advantage. The challenge is that users are driving their experiences and expecting speed and convenience as they go about their digital lives. This adds multiple, complex layers of security that can run the risk of introducing friction to the experience, which can leave customers frustrated.”
The biggest addition to Aspect Verify 17 is Proximity. Verification requests in Proximity leverage user mobile data to check the geo-location of the customer making the transaction, combining it with known customer information to confirm the user is in a trusted location, such as home, work or a bank branch. Proximity not only reduces the risk of false positive identification of fraud, which can lead to innocent customers losing access to their accounts, but increases completion rates and reduces efforts for escalations. The use of trusted locations, supported by all of the UK’s major mobile networks can ‘soft verify’ transactions where other red flags are raised.
Aspect Verify 17 also features Automatic Risk Assessment of the concluding risk score, which takes into account all available security check results, including SIM Swap detection. Advanced reporting enables organisations to provide more insight into statistics to enable the identification of trends and sudden developments. To date, Aspect Verify has been used to secure 1.5 trillion financial transactions globally, and has saved one major bank upwards of £10m per annum in associated costs of fraud.
Aspect Verify also significantly helps organisations to meet the requirements set out in the EU’s Payment Services Directive 2 (PSD2), which will become law in all Member States by 13th January 2018, and will remain part of UK law after the UK leaves the EU in 2019. PSD2 rules state that the two or more methods of authentication must be independent so they cannot be compromised by each other.
“Aspect Verify is ideally suited to help organisations resolve this challenge because it requires almost zero effort from the user to authenticate an identity, but boosts the levels of fraud prevention. The platform works in harmony with primary factors such as passwords, PINs, and increasingly, different kinds of fingerprint and Touch ID on mobiles, because it doesn’t require anything to be memorised or for the user to have a hard token on their person. Imperceptible checks like these make use of what is already publicly available – i.e. mobile data – to offer extra protection to both the customer and the bank,” Dalton concluded.
Other new features in Aspect Verify 17 include flexibility, allowing the user to orchestrate the increasing number of available security for each API lookup, as well as a user interface.