Don’t Hang Your Users out to Dry: Why 2FA is a MustEven in a pandemic, fraud is on the rise. Scamadviser.com reported that the volume of online scams and money lost in 2020 grew significantly over the preceding year to €36 […]
Even in a pandemic, fraud is on the rise.
Scamadviser.com reported that the volume of online scams and money lost in 2020 grew significantly over the preceding year to €36 billion. Statista reported that advertising fraud inflicted economic losses of $35 billion worldwide through 2020. Merchant Savvy revealed that losses from payment fraud had tripled from $9.84 Billion in 2011 to $32.39 in 2020, expected cost $40.62 billion in 2027 – 25% higher than in 2020. Not great!
Look at the news and it doesn’t take long before you come across an article about fraud or economic crime. Companies and individuals are being impacted in more diverse ways than ever before, unfortunately, a trend that is set to continue. The tangible element felt due to fraud-related activities (the financial losses) belies the real impact of bad actors though.
When the whole world is digital, fraud sores
Millions of people unfamiliar with the online digital world have been forced into it. Caught between a rock and a hard place due to the extensive closures inflicted on physical premises, online has proven to be the only option for so many to purchase and access even basic goods and services.
Customer loyalty and trust is something that can take an age for enterprises to build with clients but can be lost in an instant. And an incidence of fraud is enough to shake clients’ confidence to such a degree that even loyal clients can be pushed into the clutches of the waiting competition. Losing a loyal, free-spending client hurts your brand over the long term. So how does one go about countering the scourge?
One thing we’ve all got to wake up to is that fighting fraud is not the responsibility of governments or financial institutions or indeed any other type of stakeholder alone. All must work together in a concerted manner.
For everyday users, hearing about the frequency of data breaches should solidify the point given cybersecurity threats are not a far-off concern. If it can happen to huge corporations and government departments, it can most definitely happen to individuals too.
Fighting fraud with 2FA
We, humans, are predictable and all too often, so are our passwords, leaving so many vulnerable to a cyber-attack more than you may think. As a result, a layered approach to security is required – something which regulators tend to increasingly agree on as well. For example, businesses offering payment services within the European Economic Area (EEA) are now legally obliged to deploy additional security measures on electronic payments of more than €30. This is called Strong Customer Authentication (SCA) and came into force in January 2018 with the European Union’s Second Payments Services Directive, PSD2. Its key mechanism is the implementation of a standard level of security offered to financial services customers across all member states.
The requirement ensures that electronic payments are performed with multi-factor authentication (MFA), to increase the security of electronic payments. This means that in addition to standard password systems, you need a dual-factor authentication, like validating your identity with a one-time password (OTP) on your phone, push notification, security token, or biometric (inherence) factor. The most common, possession factor, is something the user has, such as an ID card, a security token, a cell, a mobile device, or a smartphone app, to approve authentication requests.
SMS is a frequently used channel for delivering 2FAs and the fact that it is enabled everywhere, has a mind-blowing open rate of 98%, and is cost-efficient makes it clear to see why. No mobile digital channel is perfect but doing nothing is not an option.
Regulation or not, leaving the security of clients to chance means competitors will use this weakness to their advantage, positioning themselves as being truly customer-centric.
Mitto is here to help you with all aspects of your 2FA journey. Add verification without sacrificing user experience through fast and reliable OTP delivery for two-factor authentication. While the actual means of enabling that second factor of authentication may change over time, the requirement won’t: 2FA is not going away. Without increasing user trust and protecting revenue, any business risks severe negative impact unnecessarily.