How does biometric security strengthen the security of the bank?

Why online shops should have relied on biometric authentication for a long time

In online trading, users fluctuate between two needs: security and convenience. Often enough, convenience then prevails, but shop operators also have to pick up the customer group with the greater need for security, but without severely restricting their convenience. If the statistics below are interpreted favorably, this group should make up around a quarter to a third of customers. Untapped revenue potential if security concerns are not addressed.

Passwords are a hurdle

An important and common key to more security in the network is authentication via user data and password. For a long time it was recommended to change the passwords regularly in order to reduce the risk of misuse should they get into the wrong hands. In the meantime, even the BSI has moved away from this recommendation, as it means that most people only. use very weak keywords that are easy to remember. The classic is still 123456, as a study by the Hasso Plattner Institute shows. To increase security, two-factor authentication is used in online banking or credit card payments in online retail.

However, this is too complex, especially for logging into a shop. A very strong password is recommended here. However, this is again often forgotten. This problem can actually be solved quite comfortably with a password manager. However, only 7% of users use it. In everyday life, all that remains is the forgotten password function and waiting for the confirmation email and re-entering a password. Especially on the go, in a mobile context there are a lot of steps and hurdles to quickly log into a shop and place an order.

One possible solution with which users can log in without a password is presented to you today ...

Richard Walsh, from NEVIS Security GmbH:

“Passwords are no longer up to date. Even in online banking, where security is paramount, biometric authentication using fingerprints or Face ID is increasingly being used. With good reason: This makes online access more user-friendly and more secure at the same time.

It is high time to use biometrics in e-commerce as well. It improves the customer experience and offers the potential for increased interaction with the customer.

Possible scenario for authentication at login

The principle works like this:

  • A smartphone app combined with a software service for connecting to the web shop results in a convenient login without a password.
  • The app opens up a new, convenient communication channel that simplifies the ordering process in the shop.

How about the app?

  • During registration in the shop, the customer has the option of installing a free Access app from the app store.
  • With the installed app, all you need to do is enter your email address or customer account when you log into the shop in the future. A password is no longer required.

What other advantages are there?

  • The Access app can be completely adapted to the corporate design of the respective shop and thus strengthens the shop identity.
  • With the help of the smartphone app and push notifications, messages can be sent directly to the smartphone display.
  • The customer can conveniently confirm the offered actions, e.g. fast checkout or abandoned shopping cart, with a fingerprint or the FaceID.

The new communication channel then actively supports various use cases in both B2C and B2B shops. This is how the conversion rate increases by:

  • One-click orders or fast checkout
  • Abandoned shopping cart reminder
  • Ordering information for regularly ordered products
  • additional confirmation of a change of address
  • Company bulk orders

How exactly do the use cases work?

It is well known that every additional step in the order process in the shop significantly reduces the conversion rate. An “order button” on the customer's smartphone shortens the ordering process.

In addition, with a push notification z. B. to be reminded of the order of products already in the shopping cart or - in the case of products purchased by the customer at regular intervals - a friendly order information sent.

For service reasons, most web shops offer their customers a subsequent change of the shipping address. However, there is a risk that fraudsters with stolen access data - without the knowledge of the customer - redirect the ordered goods to another address. Such attempts at fraud are effectively prevented by means of a separate confirmation of the desired change of address by fingerprint.

In B2B shops it is often desirable to optimize the process of bulk orders. At the end of an order period, the person responsible for approving orders at the respective company receives a push notification that an order needs to be placed.

These and other functions can be integrated into common shop systems and order workflows with little technical effort.

Where do you get such a solution?

Among other things, at Nevis. As a long-standing provider of CIAM solutions (CIAM = Customer Identity Access Management) for companies in the financial sector, Nevis Security AG, based in Switzerland, has successfully adapted its authentication solution to the requirements of e-commerce. So use z. For example, not only do the majority of PostFinance Ltd's 2.8 million customers in Switzerland regularly have password-free online access, but in future also customers of one of the largest Swiss online shops. "

We found the solution's use cases interesting and can only recommend shop owners to take a closer look at them.