In 2019, Intuit — a global technology platform — joined other industry leaders to share on the Identiverse stage their experience in implementing FIDO authentication. The progress in adopting FIDO authentication standards, in partnership with Nok Nok Products, has been consistent since then. While FIDO Alliance members are at the forefront of the initiative to push password free authentication, the technology has been rolled out to various products.

There are millions of customers using Intuit. All of them put their trust in the company to handle sensitive financial information. Intuit decided to roll out FIDO authentication standards on its major mobile apps. Thus, connecting it to TurboTax, QuickBooks, QuickBooks Self Employed, and Mint, among others. 

It aims to add layers of security. However, that is not the only benefit. Another major advantage it offers is more convenience to the user experience.

What the Results Say

Now, Intuit takes the Identiverse 2021 audience on a journey. It showed how FIDO Authentication impacted the company’s user experience.

The use of passwords can turn into a pain point for businesses. It affects the customer experience. There are countless instances when users decide to abandon their transactions because they forgot their passwords. Then, resetting their passwords add another step to their sign-in process. However, companies must offer security. That is where passwordless authentication can help. 

According to Intuit, the registration rate on their mobile app increased by 80% when FIDO was connected. The convenience of not having to think and memorize a password to sign in to a platform makes it more appealing to users.

The sign-up journey also improved. Since onboarding is password free, more users signed up. Intuit saw a 10% improvement in sign-up conversion. Additionally, the time a user spends to sign up was reduced by 50%. 

FIDO Authentication Standards

FIDO (fast identity online) standards refer to the authentication protocols developed by the FIDO Alliance. The goal is to ensure security and improve user experience by implementing passwordless authentication. These include biometrics scan, face recognition, voice recognition, and the likes.

The goal is to reduce the reliance of businesses and customers on passwords. Thus, decreasing friction while making the onboarding time more convenient. Companies like Intuit are a testament to this. 

If you want to learn more about FIDO authentication and passwordless authentication, check out Nok Nok Products. Nok Nok Products, a member of the FIDO Alliance, offers password free customer authentication that is frictionless and is available in multiple channels. 

Rolling out FIDO Authentication comes with many advantages. Not only does it offer customer data protection, but it can also make the user experience more seamless.

At the forefront of the pursuit of reducing password reliance is FIDO Alliance. Its members, including Nok Nok Products, promote the use of multi factor authentication. 

What FIDO Offers

There are many advantages to using FIDO Authentication. Generally, it balances security and usability. It can lower operational costs. It is scalable. At the same time, it is future-proof.

Users can also expect a better experience. No need to think of and memorize passwords. At a single touch of their fingers or a shot of their face, they can sign in. 

The Log In Process

User experience is of utmost importance for companies. It helps increase lead conversion, generate revenue, and promote brand loyalty. That is especially true for businesses and platforms that handle financial transactions.

Passwords can be a pain at the entry point. Users can forget them. Then, they would have to reset the password, which is another step to complete. In some instances, the reset password may not work. Thus, they will have to contact customer support.

The adoption of multi factor authentication offers better sign-in processes. For instance, the implementation of FIDO Authentication can lead to a 6% increase in login success rates across different apps. That is an impressive feat as moving even 1% is difficult. 

Compared to legacy methods or traditional ways of signing in, FIDO Authentication offers a 78% reduction in sign-in times. When using passwords, users can forget the right codes. Passwordless authentication can address that.

The success rate of authentication is at 99.9%, as seen in Intuit’s case. In comparison, using OTP for SMS may result in an 80% to 85% success rate. 

On the security side, FIDO Authentication is not lacking. Using it reduces session times. Thus, decreasing opportunities for potential attacks. 

Nok Nok Products 

In this day and age, identity has become crucial for businesses. Instead of a one-size-fits-all sign-up and sign-in screen, identity authenticators are more relevant. 

Since many consumers are moving to mobile, companies need to find a more convenient way for users to access their services. Having multiple fields to fill in, including usernames and passwords, can cause issues. It is prone to errors and can also be considered as cumbersome.

Multi factor authentication is a great option to build a convenient user experience. It protects accounts and prevents takeovers while ensuring easy access for the account holders.

Whether you are in the financial sector or are running a company in a different industry, you may be facing many responsibilities and challenges. With the development of technology, many transactions have become easier. However, people with bad intentions have also utilized these innovations to their advantage. That is why cyber security has become a priority for most, if not all, organizations. To address this, authentication systems were created. One of these is biometric authentication.

What Is Biometric Authentication?

Generally, biometric authentication refers to the use of certain human features for the management of access control to certain areas or information. These should be unique to individuals. Among the features used are fingerprints, facial characteristics, retinas, irises, and voices. These will be used for comparison against a database. The information will be entered into the service. Thus, ensuring that only authorized people can access certain physical or digital resources.

How It Works

As stated earlier, a comparison is a part of the system. Two sets of data are necessary for authentication. First is the present by the device owner. The user will register the information in the system that will be connected to their profile. The second is the one from the device visitor. The information will be used for matching your input when you try to access a device. 

These two should match and be nearly identical so that the device will consider the visitor and the owner to be the same person. Thus, giving access to the visitor.

Three technologies are used for the system. These are:

• Sensor or Scanner – a device that accurately captures the biometric information
• Computer System – where the biometric information is stored and can be retrieved for comparison with live data in the future
• Software or Application – the program managing the interface between the scanner or sensor and the computer system while comparing data

Advantages It Offers

Data security poses many challenges not only for organizations but also for individuals. That is where authentication solutions and systems come in.

Here are some of the advantages you can expect:

• Better security
• Higher authentication accuracy
• Faster access to device or area
• Convenience

Getting Started

Biometric authentication is a game-changer in terms of security. With this technology, organizations can better ensure safer management of data and limit access to specific people. At the same time, individuals can prevent others from accessing their devices and data.

If you want to get started with authentication systems but do not know where to go, consider working with an experienced third-party service provider like Nok Nok Products. Nok Nok Products offers solutions to help companies from various industries have more secure data management and user experience.

Industry leaders, innovators, and new challengers will once again gather to tackle the changes in, the challenges faced by, and the future of the financial industry.

Money 20/20 in Las Vegas 

After a challenging year, it is important to review the industry and figure out what the future holds. That is what Money 20/20 aims to do.

The event, which will be conducted from October 24 to 27, 2021 in Las Vegas, will provide a way for industry players in the world of financial technology to find contacts, reconnect with networks, and learn from experts and their peers.

Thousands are expected to join the event — from renowned speakers, innovators, C-level executives, and representatives from the financial technology and financial services industries. Through this event, attendees will get to learn more about shaping the future of money, cyber security, and various solutions like multifactor authentication.

What It is

Money 20/20 started in 2012. Payment and Fintech veterans from different companies, including Google, Citi, and TSYS, created it to have a unique learning experience far from the typical business conferences. Through this, members of the Payments, Banking, Financial Technology, and Financial Services community work hand-in-hand in creating solutions for safe management, spending, movement, and borrowing of money.

Nok Nok Products

Nok Nok Products is among the thousands of participants who aim to provide solutions to issues in financial transactions. It offers services to various business entities and financial companies, such as multifactor authentication.

To share its knowledge and experience in the field, as well as showcase its innovative solutions to security needs, Nok Nok Products will join Money 20/20 as an exhibitor. A visit to Nok Nok’s booth will help attendees have a better understanding of modern authentication systems, how they work, and how businesses and organizations can benefit from them.

If you want to get a glimpse of Nok Nok Products, see us at the Money 20/20 in Las Vegas. You can also learn more about multifactor authentication systems, other authentication solutions for users, and cyber security by visiting www.staging.noknok.com.

Technological advancements help make transactions easier and quicker. However, it also poses many challenges. That is especially true when it comes to cyber security.

Protecting Data

There are many ways for business entities and financial organizations to protect data. Perhaps one of the well-known ways is by applying passwords.

However, times have changed. With more developments come new systems. Now, the use of passwords may become a thing of the past.

Industry leaders and innovators have created various modern authentication systems and standards to enhance efficiency while strengthening cyber security.

Authenticate 2021

All of these can be seen and heard in Authenticate 2021 hosted by the FIDO Alliance. Nok Nok Products, together with other players in the financial technology industry, will provide excellent content to educate attendees on best practices in user authentication. 

From FIDO standards-based approach to technical considerations, attendees can expect to bring home new knowledge on the who, what, why, and how of authentication systems. So, whether you are a security strategist, enterprise architect, or business leader, attending this event will surely be fruitful.

What to Expect from Nok Nok

Nok Nok Products will not only showcase its solutions in this three-day event. The audience can also expect to learn from a presentation, as the company also has a speaking slot along with a booth.

Nok Nok offers innovative solutions for various business entities and the financial services sectors to help ensure data security. It is a part of the FIDO Alliance, which stands for Fast Identity Online Alliance. 

The FIDO Alliance aims to address interoperability issues among authentication devices and the problems users face. The conduct of this event is among its efforts to help people from various backgrounds and industries better understand modern authentication.

What Sets It Apart

Authenticate 2021 opens a lot of doors. It is an opportunity for attendees to know the state of authentication. It will also help leaders and companies create a strategy for authentication using best practices. 

Participants can get to know those who have already implemented modern authentication systems and succeeded in enhancing their cyber security. Additionally, you can learn more about the various needs and requirements of different industries when it comes to authentication.

Authenticate 2021 will be on October 18 to 20, 2021 in Seattle, Washington.

Technology continuously evolves to help make day-to-day life easier. In the payment and financial services sector, further innovations are conducted to offer faster and more convenient transactions. However, as services become more advanced, so do fraudsters. It is the responsibility of organizations and service providers to prevent or fight these frauds. Ensuring strong cyber security will help ensure that the trust of customers will not be jeopardized. 

Types of Authentication Fraud

You may have heard of malware, data breaches, and social engineering. All of these may happen to companies. That is why you may have put into place cyber security.

Despite this, vulnerabilities to other fraud attacks may still be present. Awareness and preparation are keys to better protection.

Generally, there are two types of authentication. These are the New Account Fraud (NAF) and Account Takeover(ATO).

New Account Fraud (NAF)

As the name suggests, NAF happens when fraudsters open new individual accounts. In some cases, they may also use automated scripts to open hundreds of accounts to attack multiple institutions at the same time. It refers to transactions targeting multiple payment accounts through either mobile or digital channels.

While some may use a stolen identity for fraud, many also use a synthetic identity. That is when fraudsters fabricate a person or an entity. It can be accomplished in three ways. First, they create a completely fictitious identity. Second, they manipulate an identity by modifying real personally identifiable information (PII). This includes email address, name, and date of birth. Third, they combine real and fabricated PII to create the identity.

Once they established an identity, they will start building credit by applying for a bank account or credit card. Due to a supposed existence of an identity, they will be able to bypass the identity and verification process.s They will then use the credit card or bank account for fraudulent payments. 

Account Takeover (ATO)

The second type of authentication fraud is ATO. It occurs when fraudsters use existing credentials, usernames, passwords, or PII to access a legitimate financial service or institution. 

There are many ways ATO attacks can happen. In some cases, the fraudsters harvest personal data to prepare for fraudulent transactions. They use these for targeted phishing campaigns. Some use automated attacks or combinations of different credentials to gain unauthorized access to their target accounts. 

Cyber security has become an important aspect of protecting financial institutions, service providers, and clients. However, some may have weak measures like static passwords or relying too much on PII. Using multifactor authentication, including device recognition and other behavioral tools can help block malicious activities.

Fraud is a problem that many financial institutions and organizations. While having cyber security may help, some attacks can bypass these like New Account Fraud (NAF) and Account Takeover (ATO).

What makes it harder for companies is that the start of the attack may start at the customer’s digital journey. That is where multifactor authentication can help. Requiring authentication at every step may be the best solution to fight fraudulent transactions.

The Customer Journey

It starts with the creation, verification, and authentication of a new credit card account or Demand Deposit Account (DDA). These can be used to enroll financial accounts with online merchants, open digital or mobile wallets, purchase goods or services, or transfer funds. 

Because of this, the fraudsters can attack at different points. Thus, the need for multifactor authentication.

Here are some points that fraudsters may target:

Account Opening and Onboarding – This refers to the opening of a demand deposit bank account remotely, including an associated debit or credit card. In this process, the customer accesses a website or downloads the mobile application of the financial institution to apply for a new account.

Payment Authentication – Another possible vulnerable point is the person-to-person (P2P) payment authentication that is done during the enrollment or when completing a transaction. It allows digital fund transfer between the accounts of individuals. Financial details of the recipient need not be revealed as the transaction is done using a mobile app, online banking, or an online digital solution.

Contactless Mobile and Digital Wallets – These store payment tokens that are associated with a debit or credit card and related PII data. These offer convenient payment channels. 

Payment Service Providers or Propriety Merchant Wallet – These are similar to mobile and digital wallets. However, they cover enrollment and payment remotely using third-party mobile applications, online wallets, or merchant sites accepting third-party wallets.

To prevent fraud, the institution has to require multifactor authentication. Ask for certain identifying information before approving the opening of the account. These should include name, address, date of birth, ID number, documentary evidence of residence and nationality, fraud protection information like a mobile phone number. 

Validation of identity is also a must. It can be through vendor identity verification, credit bureau, or point solutions like device verification, document verification, email address, mobile number, and biometric capture. You can support device biometrics, facial recognition, iris scan, or passcode in authenticating purchases. To add another security feature, you can ask clients to add information during enrollment that will enable them to receive an OTP for every access or transaction. 

Nok Nok Products joins thousands of companies in Money 20/20 in Amsterdam. Conducted on September 21 to 23, 2021, the event aims to tackle financial technology, its role in various industries, and what to expect moving forward like passwordless authentication.

The Return of Real-Life Interactions 

The past year has been a challenging time for most, if not all, industries all over the world. With the need for social distancing measures, safety has been the main priority.

Because of this, live events were put on hold. Conferences, talks, exhibits, and other similar activities were postponed. 

But as we welcome the vaccine development and rollout, the world is slowly welcoming the return of real-life interactions. While the need for ensuring safety is still a must, organizations and companies can once again come together to tackle important industry developments.

Money 20/20 in Europe

The financial technology community is among those adapting to the new normal through innovation. Money 20/20 is proof of that. 

The three-day event aims to showcase how the industry will move forward and adopt changes to face risks and prepare for the arrival of new technologies. From passwordless authentication to various payment solutions, participants can learn what is new and what to expect in cyber security and the financial market.

More than being the biggest financial technology event, one can expect to see global leaders, tech giants, startups, and new industry challenges. Find renowned speakers, innovators, and C-level executives. Money 20/20 helps business entities expand their network while learning from one another.

Learn from the experience of others. Find out more about various products. Gain knowledge on how to facilitate data and ensure security. See how you can remain relevant as the competitive landscape changes. All of these opportunities are to be seen in one grand event.

Nok Nok Products And Passwordless Authentication

So, where does Nok Nok Products come in?

Nok Nok Products is among the thousands of companies joining the biggest event about the financial landscape and ecosystem in Europe. Through this, the company gets to showcase its part in the innovative industry.

Nok Nok Products is among the innovators in the field of cyber security. With its services, such as passwordless authentication, the company has helped various business entities and financial companies have better security not only for themselves but also for their clients.

 To know more about Nok Nok Products or Money 20/20 Europe, visit www.staging.noknok.com.

Fraudsters constantly find ways to overcome security measures taken by companies. Among the most targeted are financial institutions. 

Detecting fraud can be hard, especially if you are not aware of them. The best protection is to strengthen security through authentication. Aside from traditional verification processes, adding passwordless authentication can help.

New Account Fraud (NAF)

One type of fraud that you should be aware of is New Account Fraud (NAF). It targets different payment accounts using mobile and/or digital channels. These include debit or credit cards, demand deposit accounts (DDAs), online merchants, and card not present (CDP) accounts.  

Fraudulent activities have increased through the years. In 2018, new accounts with credit card fraud were up 4%. New fraudulent mobile accounts increased by 28%. New fraudulent bank accounts had a 12% rise.

Use of Identity

There are two ways of using identity for NAF attacks. First, the fraudsters steal legitimate identities. Second, they create synthetic identities.

What is the difference?

Legitimate identities include data sourced from data breaches, phishing, and/or hacking. These will be used to open accounts. Thus, using the name of the victim. The fraudsters will pretend to be the person whose identity they have stolen. They often do this to bypass authentication, intercept communications from financial institutions, or conduct deposits and withdrawals to establish a pattern that will convince the financial institution that they are the owners of the account.

After gaining the trust of the financial institution, they will conduct other activities. They may apply for loans, request credit limit increases, make purchases, withdraw funds, transfer money, or generate fraudulent checks. All of these will be done without the knowledge of the legitimate account holder.

Meanwhile, synthetic identity is a made-up identity. Fraudsters can fabricate an identity using completely fictitious information. They can opt to manipulate an identity using modified real personally identifiable information (PII). Another way is identity compilation, wherein fraudsters combine real and fabricated PII. 

The synthetic identity will be used to build credit. They will apply for a bank account or credit card. This way, they can bypass the identification and verification process. They will create a username and password for online transactions. Then, they can start committing payment fraud. 

While fraudsters use technology to conduct NAF attacks, financial institutions can also use it to their advantage. Improve cyber security to prevent being a victim of fraud. What you can do is by including multiple layers of security. Doing this makes it more difficult for fraudsters to bypass. Include different technologies, such as passwordless authentication, biometrics authentication, and even OTP.

Phishing and data breaches are not new. Many attacks have resulted in stolen customer account information. Various businesses are targeted. But perhaps among the most targeted victims of fraud are financial institutions. News of attacks has prompted different institutions to strengthen their cyber security. Some have included multifactor authentication, adding passwordless and biometric authentication along with other security measures like OTP. In doing so, they have reduced the risks of falling victims to different fraudulent activities.

Account Takeover

One type of fraud that financial institutions should be wary of is Account Takeover (AT)). It happens when fraudsters use the credentials of the account holder to access legitimate banks, payment service providers (PSP), or merchant customer account. Commonly taken information includes bank and card account credentials, username and passwords, and personally identifiable information (PII).

In 2020, the number of successful monthly fraud attempts to financial services firms grew by 42%. Between the second quarter of 2019 to the second quarter of 2020, there was a 282% increase in ATO fraud attempts to steal from e-commerce merchants, as well as consumers.  

How It Happens

There are many ways ATO attacks happen. Some fraudsters start by harvesting personal information. Using the data, they will conduct targeted phishing campaigns and gain unauthorized access to accounts. 

Another way is credential stuffing, fraudsters use bots to compare lists of stolen credentials with different websites to find matches. Once they gain access to an account, they will be able to alter the details. Other possible activities they can do are add another name or redirect notifications and communications from financial institutions. 

The Impact

ATO attacks do not only affect financial institutions, merchants, and payment channels. The most affected may be the customers as it is their identity being stolen and used. 

The affected customer may find themselves locked out of their account. They may even be unaware of the attack until they are informed of the unauthorized transactions through their bank or card statement. Additionally, their personal information is compromised.

The business itself will also suffer from the impact of ATO attacks. They can suffer financial losses. There may be chargebacks. Customers may demand refunds. The business may also spend money and time in disputing and/or processing said chargebacks.

At the same time, they will experience a hit on their reputation. Clients may lose trust and decide to leave the company. Thus, reducing future revenues. 

The best protection against account takeover is security. Consider adding more authentication at different steps in the customer journey. Aside from asking for passwords and PII, add biometric authentication and passwordless authentication.