Take a look at the most successful companies in the UK and you will notice a striking pattern: regardless of industry, companies that provide customers with premier digital experiences that are easy to use, secure, and privacy-enhancing dominate the competition, while companies that fail to pivot to digital-first strategies fall farther and farther behind. 

Today, it’s more obvious than ever that customers are sick and tired of fraud and friction and are eager for better options. That’s why a growing number of leading UK banks, financial institutions, and companies are leveraging the latest in digital identity technology to reduce consumer friction, enhance verification technology, and lower fraud rates. 

‍

So what are the top three digital identity trends leaders in the Uk should be aware of?

1. The Future is Here: Why Passwordless Technology is the New Standard
2. Protect Yourself: How to Prevent APP Fraud and Safeguard Your Customer’s Finances
3. Enhancing Customer Experience: The Importance of Streamlining Account Access and Password Resets

#1: The Future is Here: Why Passwordless Technology is the New Standard

For years, the primary way of authentication has been through passwords, which are cumbersome and can be easily hacked. Passwordless technology, on the other hand, has been a long-awaited solution that promises to provide a more secure and convenient way of logging in. While the concept of passwordless technology has been around for some time, recent advancements in technology have finally made it a practical reality. 

Here’s what you need to know about phasing out passwords in the UK…

‍

What are the Downsides of Passwords?

If you feel as if the promise of the internet is just one forgotten password away, you are far from alone. Today, password fatigue is “experienced by many people who are required to remember an excessive number of passwords as part of their daily routine.” This hardly comes as a surprise given that the average internet user has to remember a password and username for a staggering 90 accounts and is encouraged never to write them down. To make matters worse, not only are all of these password requirements annoying, but they’re also increasingly ineffective at protecting users and preventing fraud. As password requirements become longer and more stringent, poor password hygiene becomes more common (especially sharing passwords across accounts resulting in “the domino effect”) and fraud rates continue to rise.

Additional Resource: How to Go Passwordless with Prove Auth™

For years, banks, financial institutions, and companies have added new security measures like one-time passcodes (OTPs) on top of the unstable foundation which is passwords. Unfortunately, even these additional security measures are vulnerable to attack. Fraudsters, for instance, already have a tried-and-true playbook for intercepting one-time passwords via fraudulent SIM swaps. Again and again, we watch as fraud, security measures, and friction rise in lockstep. The result? Rising fraud and increased friction. 

Additional Resource: How to Fight the Menace of Rising SIM Swap Fraud in the UK

Today, companies in almost every sector are racing to up-level their user’s digital experience from beginning to end to stay competitive. Unfortunately, requiring the user to log in via passwords makes a terrible first impression and can even hurt the bottom line. 

‍

How Does Passwordless Technology Work?

Passwordless technology leverages multi-factor authentication (MFA) to confirm the identity of a user. Here’s a handy explainer of MFA: 

Multi-factor authentication: using two or more factors to achieve authentication. Factors include (i) something you know (e.g. password/personal identification number (PIN)); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric). See authenticator.

Passwordless technology leverages “something you have” and “something you are” instead of “something you know.” This approach provides a more secure and user-friendly experience by reducing the risk of account takeover due to compromised or stolen passwords.

‍

What are the Benefits of Passwordless Technology?

Passwordless technology offers numerous advantages to consumers and businesses alike. With passwordless technology, customers no longer need to create, remember, or frequently update their passwords for online accounts. Consequently, they are less likely to switch to other companies due to forgotten passwords. This small change can enhance customer loyalty and improve a company's profits.

‍

How Can Passwordless Technology Save Your Company Money?

First things first, passwords are likely costing you much more than you think. Let’s tackle both the visible and often-hidden costs of passwords. 

• Pay-As-You-Go OTP model adds up quickly: Sure, sending a single OTP may cost less than a pence but it adds up quickly when you consider just how frequently customers need to request one to log in or change their password. Because Prove Auth uses a predictable, annual subscription model, you never have to be surprised by higher-than-expected OTP bills again and you may even save money. Many of Prove’s customers report annual savings of up to 50% when they switch from OTPs to passwordless. 
• The cost of resetting passwords is astronomical: with the cost of a single password reset sometimes reaching as much as £150, it’s no wonder why UK companies are shelling out millions for password resets every year. When you go passwordless, these costs disappear. 
• Vendor consolidation saves time and money: the current system of authentication and verification relies on a hodgepodge of vendors, including the username and password management system, OTP vendors from multiple countries, and other cybersecurity vendors. By streamlining and improving your security flow with Prove Auth, you can shorten the list of vendors you pay every month, saving you time and money.

‍

How Will Passwordless Technology Help Increase Revenue?

Reducing Abandonment rates: when customers struggle to log in because they forgot their password, they will often just create a whole new account with a competitor. One survey found that 62% of consumers said they’d abandon trying to log into an account after just three failed password attempts, 51% would switch brands as a result of slow identity verification, and 34% would switch providers completely if they’re unable to log into their account easily. By going passwordless and making it easy for customers to access their accounts, you can increase your revenue. 

‍

Is Prove Auth™ FIDO and GDPR compliant?

Yes, Prove’s privacy-enhancing FIDO authentication supports compliance with GDPR, PSD2 SCA, and eIDAS.

‍

‍

How Do You Go Passwordless?

To stop the vicious fraud-friction cycle, it’s time to phase out legacy technologies like passwords and OTPs and finally go passwordless. With Prove Auth™, Prove’s unified authentication solution, UK-based companies can enjoy a host of benefits like minimizing customer friction for both low and high-risk transactions while still keeping fraud at bay. 

With Prove Auth™, United Kingdom companies can…

• Reduce reliance on OTPs and passwords by enabling passwordless login or step-up auth
• Authenticate any device anywhere via app push notification or biometrics
• Reduce authentication costs by cutting out OTP and Password Reset charges

‍

#2: Protect Yourself: How to Prevent APP Fraud and Safeguard Your Customer’s Finances

‍

What is APP Fraud?

APP is an abbreviation for an Authorized Push Payment. 

When you picture the typical fraud scenario, you’re probably picturing fraud via unauthorized payments. Unauthorized payments or charges occur when a bad actor steals a victim’s credit card credentials, for instance, to make purchases without the victim’s knowledge or consent.

Fraudulent authorized transactions, on the other hand, are a bit more complicated because they involve the knowledge of the victims. In these scenarios, a fraudster will “socially engineer” or fool a victim into transferring (or “pushing”) funds to the fraudster’s account. 

Because the victim is implicit in the fraud to a degree, it can be really difficult for banks, companies, and even law enforcement to flag. Because it’s so difficult to prevent,  losses from APP fraud totaled a staggering £583 million last year. 

Additional Resource: What is APP Fraud and How Can UK Companies Combat It?

Today, APP fraud has become a national crisis in the United Kingdom. Last year, losses from APP fraud totaled a staggering £583 million. With fraud increasing 39% from the previous year, APP scams are “now the biggest fraud threat to British businesses and consumers, having made up over half of all scams that took place through 2021.” Fortunately, new technology exists to prevent APP fraud.

‍

What are the Telltale Signs of APP Fraud?

Although APP fraud is notoriously difficult to spot, there are telltale signs of this crime. Various risk indicators can show whether a consumer is being manipulated into fraudulent activities in real time. For example, fraudsters will often coach their victims on how to transfer large amounts of funds from their bank accounts over the phone, even going so far as instructing them on what to say to bank staff to avoid a freeze on their accounts. By tracking whether a customer is speaking with both the bank and a third party simultaneously, it’s possible to identify APP fraud. Other indicators include network usage and call patterns that match typical fraudulent activity, and device usage patterns that differ from the user's typical behavior.

‍

How Can UK-based Institutions Prevent APP Fraud?

Trust Score+™ with Scam Signal is a real-time measure of phone number reputation and behavioral risk and can determine if a phone line is in session at the moment of transaction, mitigating APP fraud and other consumer scams. This is a powerful tool that prevents fraudsters from coaching victims to fall for APP fraud over the phone. 

Additional Resource: Prove Identity Steps Up Fight Against Authorized Push Payment Fraud in the UK

‍

#3: Enhancing Customer Experience: The Importance of Streamlining Account Access and Password Resets

Not ready to go passwordless yet? That’s okay, you can still make major improvements to customer experience and security by making it easier for legitimate customers to access their accounts. 

‍

What Difficulties Do Consumers Face When Accessing Their Accounts?

Forgetting passwords is a major barrier for consumers today.  In fact, according to one study, 78% of the 500 respondents accepted that they had to reset the passwords for one personal account in the last 90 days,

If a consumer finds the password reset experience overly complicated, they may abandon the process altogether and start up a new account at a competitor instead. According to the 2022 Passwords & Authentication Consumer Trends Report:

• 62% of U.S. consumers said they’d abandon trying to log into an account after just three failed password attempts
• 51% would switch brands as a result of slow identity verification
• 34% would switch providers completely if they’re unable to log into their account easily

The last thing you want is for a consumer to feel like accessing their account is a friction-filled consumer journey. Unfortunately, the rise in fraud has made the proliferation of passcodes, OTPs, PINs, and other frustrating security measures a necessary evil. Fortunately, there’s a phone-centric technology called Mobile Auth that secures account access and password resets that works totally in the background, adding no friction to the consumer experience. 

Mobile Auth: Prove’s Mobile Auth solution connects with mobile networks to verify that any activity is coming from an expected device, authenticating customers without easily compromised passwords or PINs. Because it is built on core network infrastructure, it is a secure and frictionless method to strengthen a customer’s authentication flow.

Additional Resource: Prove announces UK launch of Mobile Authentication, reducing reliance on SMS one-time passcodes to mobile devices

‍

Conclusion

The UK tech industry is rapidly evolving, but it is not without its challenges. Fraud and poor user experience are some of the downsides of this current digital revolution. However, companies that provide customers with premier digital experiences that are easy, secure, and privacy-enhancing are enjoying a competitive advantage. Companies that phase out passwords, tackle APP fraud head-on, and enhance customer experience by streamlining the password reset process will be ahead of the curve in the years to come.