Blog Cybersecurity Guest blog

Adaptive Authentication – How Data-Driven Security Improves the User Experience

By Michal Wawrzynski, Sales Manager at OneSpan

Financial institutions are walking a tightrope between a security experience that protects the customer and the FI, while at the same time providing a smooth customer experience. Banking fraud has surged, and hacking attempts have become more sophisticated than ever, potentially adding more friction to the customer experience. However, consumers have no patience for additional security hurdles. In fact, studies show that consumers don’t bother about security until it breaks. When that happens – whether it’s fraud or data breaches – consumers tend to blame the financial institution. Clearly, security has to be done well in order to create the best possible user experiences. 

How Adaptive Authentication Works: Experience a real-world scenario

Adaptive authentication works through an understanding of a consumer’s behavior, the integrity of their devices and mobile apps, and other contextual data points to establish a user identity. Software may not know the individual consumer’s current bank balance or the date of their last electricity bill payment, but the authentication process algorithm will recognize patterns. The data is based on a user’s activity, rather than static knowledge about their personal life and financial status.

Let’s take a closer look at a real-world example. A customer – let’s call him Leo – transfers 200 euro to the same account each month from the same mobile phone in Helsinki. Why is this information important? Because, if the geo-location component notices that Leo is trying to send 1,000 euro to a new account from a different device in another city, this falls outside his usual scope and contextual pattern. Consequently, this transaction is more likely to be an attempt at fraud. The adaptive authentication tool recognizes it as high-risk. 

Yet, people don’t live in boxes. It’s entirely possible that Leo traveled to another city or that he has to make a larger fund transfer. Therefore, instead of denying the transaction, the tool leverages adaptive authentication policies to challenge Leo according to the risk level. If Leo can pass the security hurdle, such as a one-time password or push notification, and authenticate, he can proceed with his transfer. As Leo’s particular contextual patterns and circumstances evolve, the solution is intelligent enough to recognize these changes and adapt their risk profile.

As part of the adaptive authentication process, the technology assembles a series of risk scores to evaluate these various situations as high-risk or low-risk based on user behavior. But unlike the older, linear scores, it can cover multiple dimensions and circumstances and change moment-to-moment. The adaptive security risk score can then become more accurate as it accepts various third-party inputs. It will become a more reliable indicator of account compromise and potential fraudulent access over time. And because it is based on each consumer’s unique usage patterns, it is very difficult to impersonate.

Balancing Digital Fraud and Customer Experience

Recognizing fraud and stepping in to stop it is only one half of the equation. Financial institutions must be able to fight fraud while still delivering an exceptional customer experience. That is truly what makes adaptive authentication so powerful. By leveraging this technology, financial institutions can generate faster, more accurate risk scores, and apply the precise level of security only on the risker transactions that warrant increased scrutiny. By doing so, banks can reduce the number of fraudulent transactions or level of false positives associated with risker transactions, while allowing customers to fulfill their banking needs with minimal friction. All of that can be achieved without the need to rip and replace the whole infrastructure, but rather by complementing it with additional intelligence. This scenario illustrates how convenient a customer experience can be, while ensuring security for each and every transaction in the digital customer journey.



Michal is OneSpan’s Sales Leader for Central Europe. He brings almost two decades of technology experience across authentication, fraud prevention and mobile security solutions. Michal has a proven track record of supporting European banks in their selection processes for the best technology and services. Connect via LinkedIn.


About OneSpan

OneSpan helps protect the world from digital fraud by establishing trust in people’s identities, the devices they use and the transactions they execute. OneSpan’s security solutions significantly reduce digital transaction fraud and enable regulatory compliance for more than half of the top 100 global banks and thousands of financial institutions around the world. Whether automating agreements with identity verification and e-signatures, reducing fraud using advanced analytics, or transparently securing financial transactions, OneSpan helps lower costs and accelerate customer acquisition while improving the user experience. Learn more at Follow us on Twitter, Facebook, and LinkedIn.