Two factor authentication, biometrics or user identification are fundamental concepts in the world of payments but, what do they exactly mean? What kind of benefits can they bring?
The new European Payments Regulation (PSD2) will enter into force on 14 September, and it is giving so much to talk about among the players in the payment ecosystem. It introduces important changes that will undoubtedly affect the authentication of the user when making a payment in order to increase the security of transactions. To achieve this, the regulations make it compulsory to require the user a Strong Customer Authentication (SCA), based on the use of two or more factors for identification. These factors may be based on knowledge (something the user knows, such as a PIN or password), possession (something the user has, such as a card or mobile device) or inherence (something the user is, such as a fingerprint or iris).
At this last point is where biometrics comes into play. This concept is already known, but it is still new and has the necessary characteristics to evolve and become, in the near future, the most used way of authentication. The impulse of biometrics is determined by two fundamental reasons: security and user experience. Biometrics are difficult to copy, as it is not a card that can be stolen or a password that can be easily found. It is an inherent element to the person that is generally non-transferable.
As far as the user experience is concerned, biometrics enables customer loyalty through faster authentication, making softer the negative effect that the mandatory double authentication established by PSD2 might have. When payment is practically invisible, customers are more likely to complete their purchases (specially in e-commerce) and even repeat them thanks to the memory of a good experience. Therefore, biometrics is a fundamental technology, to which merchants will have to gradually adapt by integrating biometric readers that meet all security requirements.
On the other hand, and beyond this general authentication, we find the KYC (Know Your Customer), which allows customer identification according to their personal and financial data. This tool offers to merchants the possibility of compiling and analyzing identity documents, verifying the data against third-party databases, creating a prediction on the pattern of user behavior and monitoring those behaviors to verify whether they are consistent. All of this minimizes the risk of fraud and, therefore, increases security for both end customers and entities.
As we can see, security and user experience drive the fast-moving forms of identification and authentication, driven by legislation that seeks to protect the consumer and promote innovation. For this reason, José Luis Nevado, CEO and Founder of Sipay Plus, a payment gateway specialized in solutions for a secure and invisible payment, points out the importance of «always being alert to detect future changes demanded by the market, regulation and also customers, be prepared to face them and turn their challenges into opportunities to grow and innovate».