sCX: How user experience and security go hand in hand

 “Security is always excessive until it’s not enough.” This often-cited quote holds true for any industry, but even more so in the retail banking space.

A security problem can cause a lot of damage to a financial institution, especially if it’s a data breach that leads to nice headlines in the press. Trust in banks has gone south since the financial crisis and combining customer experience with airtight security is key in boosting banks’ reputations. Secure customer experience (sCX) will be the defining factor in deciding the winners and losers in retail banking.

Security has only grown in importance for those in financial services and will looks set to continue. According to market research studies, one out of four malware attacks in 2019 were directed at banks. No other industry suffers that same fate. It is obvious that cybercriminals will target businesses that are money-oriented, of course, and every player in the financial market is taking precautions against security breaches. Recent developments are ensuring that the IT security budgets at banks are growing in importance every year, further depleting the razor-thin margins banks are operating at.

PSD2 and other regulations

For starters, banks are being forced to open up. Regulations such as PSD2 are demanding banks give third-party access to their payment infrastructure and customer data. Doing this offers more choice to customers, opens up the financial market to non-financial players and increases competition. A positive evolution. Yet, the need for exchanging information between applications through Application Programming Interfaces (APIs) creates extra vulnerabilities that need addressing. According to recent research, the percentage of attacks that targeted APIs at financial institutions rose sharply between May and September 2019, at times reaching 75%.

Ecosystems flourish

Secondly, retail banks are building ecosystems with IT partners in order to offer customers more services, even non-finance related. Presenting a broad range of services helps drive loyalty in an era where switching from one bank to another is getting simpler by the day. APIs are key in setting up these ecosystems, demanding even more protective measures.

Customers going mobile

Thirdly, there’s the digitization of the way consumers interact with their banks. To a bank’s customer, the advent of smartphone apps that offer a wealth of services seems like the best invention since sliced bread. Digitization had completely changed the relationship between a bank and its customers. How often do you still visit your bank? And how often do you do banking business through your mobile? That ratio has completely flipped over the last decade. Mobile banking was a major step forward in offering a great user experience in the financial world. On the other hand: insecure connections, user sloppiness with credentials, the loss and theft of phones …. even more reasons to step up security.

Customers demanding consistent experiences

Last, and certainly not least, is the demand from customers for a seamless experience. Consumers want ease of use and consistency across different banking channels and across the different journeys they engage in with a bank: onboarding, performing transactions, resolving problems, etc. Consumers want to take the lead in deciding what they do, when and where to do it, and how to deal with data protection. Self-service is the order of the day, and consumers don’t want to conduct business only during opening hours.

Platform requirements

It’s clear that Identity and Access Management (IAM) plays a crucial role in marrying data security with user experience, thus allowing of a secure customer experience. Here are some of the capabilities and features to look for in an IAM that offers the best of both worlds, without making your development budget go through the roof:

  • Integration of business rules and business logic into the workflows;
  • Attribute-Based Access Control (ABAC) to support changing requirements, environment, partners, etc.;
  • Prebuilt connectors and templates for fast deployment and short development cycles
  • Open platform, easy to customize;
  • Centralized policy management;
  • Support for Bring your own Authentication (BYOA), single sign-on (SSO), Password-less authentication, Step-up authentication, Biometrics, Social login;
  • GDPR compliance, allowing users to give and revoke their own consent for sharing personal data towards applications.

Are these indeed some of the requirements you are looking for? Then let’s have a chat and see how we can work on improving your sCX.


Frank Hamerlinck

Frank Hamerlinck

As co-founder of global trade management leader Porthus, customer experience platform NGDATA, and strategic consulting services company innacco, Frank embodies the entrepreneurial mindset. His 20+ years of ICT experience is complemented by his position as ‘Entrepreneur in Residence’ at iMinds and coach at Netwerk Ondernemen.

Related articles

How personas take Single Sign-on to the next level
Ever more companies are catching on to single sign-on, to increase the productivity of their employees, or to reduce the hurdle for customers when they authenticate for various applications offered by the organization. By combining SSO with the notion of personas, organizations can now make SSO even more user-friendly and secure.
Behind the scenes: how a product comes to life at TrustBuilder
Markets evolve fast – products have to evolve even faster. Working in the product team at TrustBuilder is very much like playing in the Premier League: high intensity, high pressure, high quality. We took a tour of the grounds with Kurt Berghs, Product Manager at TrustBuilder, to understand how products are initiated and designed and how new features are prioritized. And how the customer is always front and center in all developments.
Want to build a digital ecosystem? Start with embedded finance.
If you are not building a digital ecosystem yet to supplement your own services, now is the time to start. Strategy consultants like McKinsey or Accenture are urging companies to become the leader in these ecosystems if they don’t want to be left behind. Don’t know where to start? Embedded finance is a good first building block when forging a more complete portfolio of services.

Book a meeting

Engage in a chat with our product people to discuss IAM trends and challenges, and our solutions.

Request a Maturity Assessment

Take our Maturity Assessment to find out how you can accelerate your digital transformation.

Schedule a demo

Experience the power of Suite through a demo, personalized to your challenges.

Contact us

Visit our offices, send us a mail, call us, or simply fill out a contact form.