Banking Security Solutions
At Keyless, we empower traditional and challenger banks to reduce account takeovers and cut account recovery costs without needing a separate enrollment.
Banking Security Solutions
At Keyless, we empower traditional and challenger banks to reduce account takeovers and cut account recovery costs without needing a separate enrollment.
The Importance of Identity Assurance in Secure Banking Systems
Not all authentication methods are created equal. Each has its advantages and disadvantages but the combination of inherence (something you are) and possession (something you have) avoids many of the pitfalls associated with knowledge factors (something you know).
But the market has not followed as swiftly as some would like. As recently as 2022, 85% of US banks relied on username-password as the primary way to authenticate returning customers.
While passwords, PINs, email, and SMS OTPs are well known, they lack identity assurance—a key component of any strong authentication system.
Authentication as a Cost-Savings Strategy
The cost of authentication methods vary significantly.
- Passwords and PINs: Low issuance costs but high recovery and support expenses.
- Email OTPs: Free to send if users have internet access.
- SMS OTPs: Expensive, with costs varying by provider and region.
- Hard Tokens: Costly due to frequent replacement and reissuance.
- Call Centers: High costs, varying by location.
- Biometrics: Cost-effective, with pricing depending on the provider.
Dynamic Linking for PSD2 SCA Compliance
In the EU, PSD2 SCA mandates payment institutions use at least two authentication factors and dynamically link transaction amount and account number.
Keyless ensures compliance by generating a unique one-time code before each transaction, securely linking transaction amount and account number.
Key Use Cases for Biometrics in Banking
IDV providers use biometrics to match a user’s face with a government ID for KYC checks, but users dislike repeated re-enrollments. Few IDVs offer biometric authentication, and fewer still support privacy-preserving decentralized models. Many IDVs partner with authentication providers to offer combined solutions.
Biometric logins replace traditional methods such as hard tokens and SMS OTPs. By using biometrics, fintechs can effectively prevent account takeovers and greatly enhance the user experience by verifying the genuine identity of the person logging in.
Many banks still rely on SMS OTPs for authentication, but these are vulnerable to fraud. The frequent warning, “DO NOT SHARE THIS NUMBER,” highlights the risks of interception and phishing. Switching to secure methods like biometrics is essential for safeguarding customer accounts and strengthening security.
This is used for actions that carry higher risk, such as changing personal details like passwords or addresses. Biometrics can effectively secure these areas by proving identity in a way that SMS OTPs cannot.
Account recovery fraud, a key enabler of account takeovers, often goes unnoticed but has high success rates and significant costs. Forrester estimates password-related support expenses can reach millions annually, split between SMS OTPs and call centers. Biometrics offer a cost-effective solution by enabling self-service account recovery, reducing reliance on manual password resets and enhancing security.
The Keyless Advantage
Related Resources
Passwordless is Just the Beginning.
The Future is Keyless.
Consumer Solutions
Workforce Solutions
PSD2/SCA Compliant
GDPR Compliant
CCPA Compliant
FIDO2 Certified
FIDO Biometrics Certified
ISO 27001 Certified
ISO 9001 Certified
ISO/IEC 30107-3 Certified