Why Digital Trust Should Be a Top Priority for Banks

What is Digital Trust?

In financial services, digital trust is a principle when a bank or financial institution is highly confident in two key factors. First, that the person with whom they are dealing through digital banking channels really is the person they are claiming to be; and, second, that the person is authorized to perform the financial transaction or task they want to perform. In practical terms, it’s a digital handshake between a bank and a customer where both parties meet and transact together with confidence.

But it’s important to note that digital trust also applies to customers, not just banks. As fraudsters get inventive with their tactics, bank customers want assurance that their financial institutions can keep them secure. Just as banks want to have confidence that they are dealing with the people who they claim to be, bank customers expect their banks to know who they are and how they normally transact. If something about their behavior seems suspicious, customers expect their banks to be able to keep them secure.

Banks can build an understanding of how their customers normally behave by building a digital profile based on their behaviors. This begins with the information the customer provides during the onboarding process and continues to refine over time. Each translation, mobile device, and new address adds to the profile and helps banks understand who their customers are and how they normally transact.

Digital trust is a two-way street in this respect. Both banks and customers expect to be able to engage and interact with each party with confidence and security.

Why is Digital Trust Important?

Digital trust is essential for both banks and their customers. There are three key reasons why banks should increase their focus on developing digital trust.

• Fraudsters target customers: Banks have invested in a wide range of fraud detection solutions that have made it much harder for criminals to breach a bank’s system to commit fraud. As a result, fraudsters are focusing their attention on the next most vulnerable cog in the transaction: customers themselves. After all, customers are people and are easier to coerce or manipulate into taking action on a fraudster’s behalf. Fraudsters might prey upon potential victims during a moment of weakness like a medical situation or by taking advantage of world events like the pandemic to push a scam. 
• Banks intervene in customer transactions too often: Digital trust is essential for banks to allow customers to transact as they want and without a significant level of intervention. If the bank can’t trust the customer is who they claim to be or that they can perform the transaction they wanted to perform, they will have to take measures to authenticate the customer at multiple steps of their journey. Too much intervention leaves customers feeling irritated and annoyed at their bank.
• Bank customers expect to be trusted: Customers also believe that their banks should know who they are based on their provided data. In their opinion, their bank should know that if their home address is in London, but they are suddenly making a high-value transaction in Brazil, something may be suspicious. But if they’re carrying on with their daily routines and have to authenticate themselves repeatedly, they’ll think their bank doesn’t trust them.

The 3 Core Components of Digital Trust

So what goes into building strong Digital Trust between banks and customers? The key principles of digital trust are a combination of three key components. 

• Can the device be trusted? In an age where almost all interactions happen digitally, it’s essential for banks to be able to trust the devices involved in an interaction. Banks should develop an understanding of the mobile devices, laptops, and other electronic devices that a customer uses to log into their account. New devices should be flagged at first but banks should watch how the user utilizes them to ensure they are being controlled by the customer.  
• Is there malware at play? Trusting the device and the user’s behavior is the first step. But banks should also be on the lookout for suspicious programming like malware that may infiltrate a device without the owner’s knowledge. By relying on the user’s digital profile banks can assess whether it’s the user or a bad actor compromising their account using malicious software like malware.
• Can the person and network be trusted? Finally, banks must be able to trust the users behind the devices. This means trusting that the user is behaving normally based on the digital profile the bank has built up over time. Is the customer logging in from a geographical location that makes sense or that raises suspicion? Are they using a network they normally use? And are their interactions with their device, including the motions they normally use to touch their screen, their language setting, and even the angle at which they hold it familiar? These are all questions banks must address to determine if they can trust the user behind the device.

For a Digital Trust strategy to be effective, all three components must be in place. If one or more of these three components is not addressed sufficiently, banks’ Digital Trust capabilities could fall short. As banks face the new realities of their digitally-oriented customer base, establishing and continuously building strong Digital Trust will ensure they are only dealing with trustworthy customers – even if they never meet them face-to-face.

Watch our on-demand webinar Reinventing Digital Trust Across the Customer Journey to learn how to proactively stop ATO attacks to prevent transaction fraud.