PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

A Lack of Two-Factor Authentication Shows Your Disregard for Consumer Protection

By Tim Sloane
February 18, 2020
in Analysts Coverage, Artificial Intelligence, Emerging Payments, Fraud & Security, Fraud Risk and Analytics
0
1
SHARES
0
VIEWS
Share on LinkedIn
A Lack of Two Factor Authentication Shows Your Disregard for Consumer Protection

A Lack of Two Factor Authentication Shows Your Disregard for Consumer Protection

As digital banking and mobile commerce continue to grow, financial institutions face increasing pressure to strengthen customer authentication while maintaining a seamless user experience. Regulatory initiatives such as Europe’s Strong Customer Authentication (SCA) requirements under PSD2 highlighted the need for more secure methods of verifying user identities. Yet many organizations have been slow to move beyond outdated security tools like one-time passwords (OTPs), despite longstanding concerns about their effectiveness. Biometric authentication offers a more secure and convenient alternative, enabling financial institutions to protect customers across mobile, online, and other banking channels through a unified authentication strategy.

The above title is a modified quote attributed to Jason Tooley, chief revenue officer at Veridium. As a supplier, Veridium has a vested interest in Two-Factor Authentication (2FA) technology, but his quote is still accurate.

This article from Information Age is also spot on, indicating that the focus should be on smartphone biometrics. Mercator Advisory Group pointed this out twice in January 2017 (reports are available here and here) then again in May 2017 (available here), and yet most banks haven’t implemented biometrics across all of their channels. Even worse, many have only recently implemented One-Time Passwords which were identified as a failed security method back in 2016 and deprecated by the National Institute of Standards and Technology (NIST).

It is time to wake up and protect your customers using a consolidated 2FA biometric implementation. Here’s more from the Information Age article:

“Companies processing contactless payments will need to meet the conditions by the 14th March 2020. This would include ensuring that all appropriate systems and controls are in place.

Additionally, this date marks a six-month delay for the deadline in order to usher in an adjustment period for third-party providers (TPP) to begin only accessing Account Servicing Payment Service Providers (ASPSPs) via application providing interfaces (APIs).

However, until security of consumer data is tightened up as much as possible with the aid of the SCA initiative, it could still hang in the balance.

Jason Tooley, chief revenue officer at Veridium, shed some light on the importance of Strong Customer Authentication when it comes to the security of consumer data.

“A failure to implement Strong Customer Authentication demonstrates a disregard for consumer protection,” he said. “The ever-rising fraud levels are linked to the consumer preference of mobile e-commerce, and regulation must keep pace.

“Now that businesses have had an extended period of six months, in addition to the two years since the initial announcement, there is no excuse to not be compliant.“Strong Customer Authentication should have been prioritised long ago and viewed as a business differentiator.”

Yet in my experience talking to financial institutions in the US they are clueless about PSD2 and SCA. More importantly they don’t understand the importance of implementing a single authentication solution across all of its channels. 

The transition to stronger authentication methods is no longer optional for financial institutions seeking to reduce fraud and improve customer trust. While regulations such as PSD2 and SCA accelerated adoption in some markets, many organizations still rely on fragmented security approaches that create unnecessary risk and friction. Implementing a consolidated biometric authentication framework across all customer touchpoints can improve security, simplify the user experience, and better position financial institutions for the future of digital banking. As fraud threats continue to evolve, modern authentication strategies must evolve with them.

Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group

1
SHARES
0
VIEWS
Share on LinkedIn
Tags: AuthenticationBiometricsTwo-Factor Authentication

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    credit union data, credit union technology

    Inside the Tech Shift Redefining How Credit Unions Operate

    July 9, 2026
    embedded payments

    What Embedded Payments Can Solve for Small Businesses

    July 8, 2026
    apple tap to pay

    Build Momentum Behind Zelle for Business

    July 7, 2026
    Accredited Payments Risk Professional

    The Growing Importance of Payments Risk Expertise

    July 6, 2026
    account aggregation

    The Dilemma Facing Financial Institutions: Aggregate or Be Aggregated

    July 2, 2026
    contactless payments

    Wherever There’s Friction, Contactless Payments Can Help

    July 1, 2026
    gift card strategy, gift card trends

    How Cautionary Spending Is Fueling Gift Card Purchases

    June 30, 2026
    Know Your Agent

    Trust but Verify: Security in the Age of Agentic AI

    June 29, 2026

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2026 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result