Context Aware™ Authentication, also known as context-based authentication, is a secure form of customer authentication that adapts security requirements in real-time based on a user’s contextual information, such as their location, device, and user behavior. This type of authentication determines the level of risk of each customer transaction and determines the best authentication solution in that moment, based on the risk level.
In other words, if a banking transaction is deemed high risk, perhaps because the customer is transacting from a continent that is not their usual location, the solution will step up the authentication and request a biometric verification from the customer to prove it is them and not a fraudster initiating the transaction.
How does Context Aware Authentication benefit banks?
In banking, siloed customer data can prevent security solutions from differentiating customers from fraudsters. In this case, data about the customer's preferences and typical behavior may not even be shared across a financial institution’s various customer engagement channels. This can lead to a disjointed user experience and inadequate protection against today’s complex fraud attacks.
A context-based authentication approach provides additional protection against digital banking fraud, without introducing unnecessary friction to the authentication experience. This is thanks to the use of both silent authentication measures (like risk-based authentication) and active measures (like biometrics) to assess the risk of each customer transaction in real-time and provide the most suitable authentication based on the data or context it gathers.
Example:
A customer wants to make a peer-to-peer (P2P) payment for the first time to a relative. Since it’s the first time they are using this feature, their bank uses silent authentication measures to check whether they’re using their usual device and their current location. Since the customer also chooses to make a large payment, the bank requests active authentication measures too, in the form of biometrics. The customer scans their fingerprint, their identity and choices are verified, and the payment goes through. If the customer made a small payment only, the silent authentication measures would likely be enough to match the risk level and context of the transaction.