SCA secure authentication silent authentication smsotp passwordless

Gaining that competitive edge through exceptional user experience during customer authentication

Clare Messenger
Clare Messenger

In today's digitally driven landscape, user experience (UX) has emerged as a critical differentiator for businesses seeking to gain a competitive edge. Nowhere is this more evident than in the realm of secure authentication. A seamless and user-friendly authentication process not only ensures data security but also elevates customer satisfaction and trust. 

Silent Authentication+, a unique collaboration between fraud and credit risk experts Honey Badger and JT hits the sweet spot that organisations have been searching for in terms of balancing cutting-edge fraud and security with exceptional customer experiences that instil trust and loyalty.

The balance between security and user experience has always been a difficult challenge to meet, but as pressure increases from regulators on the banking industry, fintech’s and the tech sector at large to take greater steps to counter the increasing volumes of fraud it’s crucial that organisations find a way to turn up the dial against the bad guys while providing legitimate customers with an experience that’ll keep them coming back.

User experience reigns supreme

It might seem strange to bang on about the importance of user experience, but as we lose the generations who have been used to a slightly more sedate pace when it comes to the executing of financial services, to Millennials and Gen-Zedders where instant gratification and seamless experiences are expected, then user experience becomes top of mind for those seeking that all important competitive edge.

Added friction in user journeys isn’t welcomed, and while consumers appreciate brands that can demonstrate they’re protecting them, they are fickle in terms of how it affects their experience. Create too many steps and hoops to jump through and consumers will quickly look for more convenient and simpler alternatives. Customer services specialist Zendesk reports that 50% of customers will switch to a competitor following a bad experience, and in the case of more than one bad experience this snowballs to 80%.


A tidal wave of fraud piles pressure on cybersecurity provision

In recent years the volume of financial fraud has exploded, heaping pressure on regulators, and in turn onto financial services and the tech sector. While biometrics has helped to cut off a number of avenues for cybercriminals, traditional authentication methods like passwords, SMS OTP and email verification links continue to be all-to-easily exploited by fraudsters and hackers.

So how can organisations meet the demands of regulators and protect themselves and their customers from financial fraud?

Silent Authentication+ is where cybersecurity perfectly meets user experience, an infinitely more secure authentication method compared to passwords, SMS OTP and email verification links all of which can be copied, intercepted, spoofed and hacked. By leveraging the same cryptographic technology mobile networks use to secure calls and data sessions, Silent Authentication+ deploys robust and proven possession-based user authentication.

Using the mobile network to authenticate customers

Silent Authentication+ starts with the humble SIM or your Subscriber Identity Module. Your SIM and mobile network combine three important elements that come together to create a ‘digital handshake’ that authenticates you silently in the background.

  1. The IMSI or your International Mobile Subscriber Identity - As the name suggests, this is the unique identifier for each SIM used primarily to identify you as the subscriber to the mobile network.
  2. The Authentication Key (Ki) - This is a secret key buried deep inside your SIM used for authentication with the mobile network. This is the part most relevant for authentication purposes.
  3. The mobile networks Authentication Centre or AuC. This holds a copy of the secret Authentication Key (Ki).

The authentication process works on the same principle of when a service provider asks you your secret question, such as your mother's maiden name, or your first pet's name - except here the answer will be different every time it's asked. It works like this:

  1. As you attempt to connect to your network provider its Authentication Centre will issue a random number to your device.
  2. Your device processes this number using your Authentication Key, producing a response number which it promptly returns.
  3. At the same time the Authentication Centre uses its copy of the Authentication Key to generate an expected response.
  4. If the two response numbers match your provider authenticates your device. 

All this is done in the blink of an eye, silently and seamlessly in the background with the enhanced security of cryptography. By leveraging this same technology and doing away with the need for anything that can be copied, shared, and pasted, like passwords, SMS One-Time-Passcodes, and email verification links Silent Authentication+ instantly reduces the possibility of fraud from bad actors intercepting, spoofing, hacking or phishing for authentication credentials.

While mobile networks have been largely using this technology, Silent Authentication+ is deploying it to authenticate users across a broader set of use cases from onboarding new customers, user logins, payments, live chat and much more, where all you need is your mobile phone number to authenticate your identity.

Find out more about Silent Authentication+

Stay up to date on how to combat financial fraud

JT's Mobile Intelligence division works with banks and financial services across the world to increase the awareness of how fraud is perpetrated and to deploy innovative fraud prevention solutions to combat todays most pervasive types of frauds.

For more information on JT’s Mobile Intelligence solutions contact our team of experts today.