Article by Thomas Widmann, for the Finance Magazine, gi Geldinstitute Edition 02/2018

 

Wimsheim, May 2018                   Following the opening of the banks to third-party providers through the PSD2 standards, additional access channels are created for customers. Third parties must be able to access bank accounts and make payment transactions on behalf of the customer. The time is right to tackle customer identity management with a new approach.  

One account – many authentication channels. This is how customers identify themselves or authorize their transactions today. Looking at the authorization procedures, the list is much longer. These procedures are tedious for customers. True that the procedures have evolved over time. And many banks are struggling to move from account-based access to customer-focused access. If you think of the Master Card (EC card), it quickly becomes clear that basically it can only access one account and when the customer has several bank accounts he needs several cards to make transactions.

Digitalization is bringing about lots of changes

At some point, the anonymous money is replaced by digital money, that it is not so fast in Germany, is essentially because the initiatives were long lacking. Today, the EU is trying to do a lot with PSD2 and Instant Payments, as well as the fintechs and Internet giants – banks are not really the drivers of innovation here. Customers want to pay conveniently and securely, and anywhere. The Service and payment flows will in future occur in sync so that the payment link is not lost. In the meantime, aggregators analyze the financial situation of the customer and provide tips for saving, depositing, investing, or safeguarding. If the customers still have their accounts (wallets) with a bank, then the access path “Bank API” becomes a new one and at the same time one of the most important ones.

Opportunities for the finance industry

When so much is changing already, why not make the authentication procedures uniform, easier and at the same time secure? Though the authentications become overall more complex, but easier for the user. Biometric methods are becoming standard. An intelligent authentication requires a second identity check only if there are doubts about the identity, and secure processes require confirmation of the identity. Overall, today only a customer identity management, such as cidaas, should be sufficient to secure all channels: the online banking portal, the third party app after PSD2, which accesses a customer account on behalf of the user during the branch visit of the customer, to the ATM or statement printer. The transition from the anonymous user, to a prospect right up to becoming the customer is successively achieved with a modern Customer Identity Management through progressive profiling.