Digital natives' interactions with your business will likely begin & end in an app, not a browser. Our approach to fraud must match their needs & focus on protecting what our user wants—their transaction.
Rules-based analytics and other approaches developed for digital transplants have not provided the magic bullet for preventing fraud – or reducing customer friction.
“Digital natives,” users who grew up with Internet-enabled mobile computers in their pockets, aren’t like the “digital transplants” who started on desktops and acquired a smart phone. Digital natives transact primarily on their phones, versus transplants who use their phones opportunistically.
The ranks of natives are growing—one online brokerage estimates that 1/3 of their new accounts are opened via a mobile app. The journey of a digital native’s interactions with your business will likely begin and end in an app, not a browser, and changing a cumbersome app provider for a better one is as common as changing their socks.
Digital natives value frictionless experiences and are less brand loyal. As natives become a dominant consumer demographic, most established businesses fall well short and will lose to technology-based disruptors. A recent survey by DBR research found that only 18 percent of banks and credit unions allow new checking accounts to be opened via an app, and under five percent allow the entire process to be app based.
The natives are already restless. That’s not good news if you work for a company that’s older than the customers you want to reach...
What Is the answer?
Our problem will not be solved by a new and better way to challenge users to hard authenticate. Our problem will not be solved by a new and better channel to communicate with a trusted user. Technologists approaching the fraud problem with a fresh pair of eyes should develop security solutions that completely eliminate these potential apertures for intercepting data.
Our problem will be solved when we change our approach to match the new needs and focus on protecting what our user wants—their transaction.
Confirming identity of a previously hard-authenticated user (done in the moment through biometrics plus possession of a specific device) provides seamless multifactor authentication. But then we need to use that authentication to sign an immutable record which contains the specific transaction details, such as opening a new account, transferring money, or sharing health data.