A lesson in smartphone identity verification from HSBC
HSBC has always been among the most stringent of the Big Four Banks when it comes to security.
While TSB only ask for two typed passwords and a user name on the desktop, HSBC require a customer ID number, password and a passcode generated by a secure keypad. Where Natwest requires only a PIN to log into their app, HSBC maintained the same level of security as on desktop (it’s worth noting right here that Natwest also tops the list of worst banks for dealing with fraud – with a 62% rise in complaints over the past year).
So it’s of little surprise that HSBC customers have been among the first to experience SCA. Switching from keypads to smartphones, customers now create a Digital Secure Key on their phone. From there on in, they either tap in their password or use their fingerprint to verify their identity. This multi-layered approach is one of the most secure ways to harness smartphone ID verification. But that’s not to say that mobiles are without their problems…
The (multiple) problems with smartphones…
47% of consumers (or an estimated 100.6 million mobile phone owners) experienced at least one ‘mobile change event’ in the last year (e.g. changing their number).
Account takeovers have increased by 31% in the past year (a figure that continues to rise)
Despite the issues with mobile, the risks are easily outweighed by the benefits in boosted security, especially when used to provide biometric information such as facial recognition or fingerprint ID. And a good thing, too, as consumers now have a clear preference for mobile…
89% of consumers use mobile banking (this rises to a huge 97% when we’re talking about millennials)
This brings us to a final point about mobile identity verification – using it shouldn’t feel painful. If it’s to serve as the business asset it should, customers should expend only minimal effort to enjoy the boosted security that smartphone ID verification provides.