Step-up Layered Authentication to reduce impact of Banking Fraud
The article on "Fraud trends that banks need to be prepared for this year" needs reading again and again by end-users as well as bank users. The mobile phone usage lends itself to Identity Theft all the time. Unknowingly we are revealing different aspects of our Identity, Context, Location, Behaviour to fraudsters. There are trained hacker groups who can stitch them all together and prepare for a massive onslaught of financial attack on a pool of say 1 million bank accounts. Just like fishermen go out and cast their nets, surely more than 1000 people will fall prey in just the first scoop. So, Fraud cannot be easily prevented. It is going to increase and increase with each passing day.
So, how do we reduce the impact of Banking Fraud? One way is to have a Step-up and Layered Authentication depending on the amount of Transaction. Example
For $10 transaction, allow a TEXT Message with just Mobile Number as Identifier (1 parameter)
For $ 100 transaction, insist on User Name and Password (2 parameters)
For $ 1000 transaction, insist on User Name, Password followed by OTP ( 3 parameters)
For $ 10,000 transaction, insist on User Name, Password, special Transaction Password and OTP ( 4 parameters)
For $100,000 transaction, insist on an additional Biometric Authentication (Iris, Face, Fingerprint, Voice, Cardiac Pattern etc)
Banks and Solution Providers can innovate by changing the sequence and nature of Authentication but the philosophy of Staggered, Layered, Step-up Authentication will help reduce impact of Fraud.