The Biometrics Revolution

  • Posted by: Dan Becker, SVP, Corporate Development

In the modern marketplace,  high consumer satisfaction means less churn, longer lifetime, lower acquisition costs, and higher growth of related services. But in 2019, community-based FIs (especially credit unions) lost their lead advantage in consumer satisfaction. According to a 2019 ACSI report, the single most contributing factor in the decline is contact center satisfaction, which slumped 5% from the previous year in 2018. ACSI notes "Members feel contact centers are much less efficient.”

Inefficiency in the contact center begins at consumer authentication and flows downstream. The root cause of the inefficiency is continued use of a legacy caller authentication method, followed by add-on solutions to address its shortcomings.  

Mobile device biometrics is a superior solution that offers instantaneous efficiency, the latest security, and a vastly improved consumer experience.

The Legacy of KBA ‣‣‣‣‣‣‣‣

1. Consumer Experience

In the context of contact centers, Knowledge-Based Authentication (KBA) is euphemistic for what many call agents classically refer to as "Inbound Challenge & Response." To consumers, KBA is at best a moment of frustration or, more likely, a cumulative broken cross-channel experience. 

Consider one consumer’s journey to the contact center:

        • Determined. Excited to move ahead on a first-time home purchase, a consumer ventures online to shop for rates and discovers competitive terms from a local FI.
        • Eager. He visits a branch the next day, opens a deposit account, and departs with directions for the online lending application.
        • Excited. The consumer returns home, registers online and looks over the nifty account management features, but steps away for a minute.
        • Irritated. He returns to resume the loan application but, forgetting his recent password change, fails his login.
        • Frustrated. After three failed login attempts, this prospective loanee is locked out before completing the application.
        • Resigned. The consumer searches through paperwork and dials the support number.
        • Impatient. He is greeted by an IVR system. Working his way through multiple routing menus, he waits as the call sits in a holding queue.
        • Confronted. The consumer connects to an agent at last. Before offering a reason for the call, he is immediately deposed with a series of challenge questions.
        • Upset. He cannot recall a required answer and is placed on hold while the agent looks up fallback procedures.
        • Hostile. The agent returns with a new set of questions, but the consumer fails to confirm exact address details to one of many former rented residences.
        • Despairing. Application abandoned.

An average of 10-15% (and up to 30%) of legitimate consumers fail in their reply to KBA security questions and must end the call or endure an alternative fallback verification method.

2. Security

As a security method for fraud prevention, most KBA used in contact centers is antiquated by 50 years. KBA works on the premise of private information or private access to it. The problem is little to no information is truly private in the modern and connected world. Significant data breaches and freely provided personal data on social and commercial platforms are commonplace.

Distil Networks, a fraud detection firm, estimates that 3-5% of user credentials at every FI are compromised. As of 2019, Neustar estimated 51% of all FI fraud starts at the contact center; in 2020, Contact Center Weekly placed it at 60%.

Any KBA method is ineffective against today's fraud.

3. Operating Costs

KBA imposes even higher costs directly on an FI and its contact center operations. As call volumes increase, the inefficiency introduced by KBA cascades throughout the contact center operation.

Caller authentication is the governor of FI contact center operations. Since the first step of inbound calls is authentication, it determines the potential throughput rates for the linear process downstream, the buildup rates for call queues upstream, and it impacts available resources throughout the center. Simply put, call authentication efficiency sets max efficiency for the entire contact center system.

The legacy of KBA has left FI contact centers with skyrocketing costs, ineffective security, and a poor consumer experience. It is taking a toll on community-based FIs at a time when consumer satisfaction could not be more critical.  


Calling all Industry ‣‣‣‣‣‣‣‣

FIs are undertaking several initiatives to manage the growing contact center issues. However, their limited success underscores the requirement for a KBA alternative in the contact center and across all touchpoints. FIs must treat the root cause, not the symptoms. The outcome of any initiative to improve consumer experience in the contact center and across all touchpoints depends on a consistent and unified alternative to the continued use of KBA.

Consumer Contact Week conducted a 2020 market study that surveyed the leadership and IT teams across contact centers. It identified the industry's top two priorities over the next five years as #1: Reduce the consumer effort, and #2: Achieve consistency across all consumer touchpoints.

Fortunately, there is an easy solution.


Mobile Device Biometrics ‣‣‣‣‣‣‣‣

Mobile device biometrics (MDB) is the fingerprint, retinal, and facial read technology built into nearly all consumer mobile phones. It provides the basis for a far superior solution to authenticate calls and all touchpoints.

MDB improves the contact center and consumer experience:

        • An agent receives a call.
        • A verification request pops up on the caller’s device.
        • The caller is authenticated using the biometric read.

It is simple, near instantaneous, and it bypasses KBA. More importantly, it is the only authentication method that is consumer available, consumer familiar, and consumer useable across all service environments. There is no laborious enrollment, opt in, or training required to make MDB authentication available to consumers. It is already standard on any modern smartphone.

U.S. consumers already accept and trust MDB for authentication. As the smartphone is one of our most personal possessions, MDB authentication is already used by consumers tens of times each day, from physical phone access to sensitive payments, and authentication across digital services.

More importantly, for contact centers, branches, or any touchpoint that requires authentication, MDB is perfectly suited to quickly sidestep the personal and awkward confrontation of KBA. One quick and simple device read and people can carry on a natural and trusted human conversation.

Multifactor authentication is often cited as the gold standard in security. While most contact centers do not apply it, some use a technology vendor to provide two factors. MDB device authentications provides three factors:

        • Something you are: Biometric signature
        • Something you have: Mobile device
        • Something you know: Populated password

It also provides other equally best-in-class security attributes:

    1. Out-of-band verification
    2. A secure encrypted protocol
    3. A real-time ephemeral process
    4. Layered authentication.

MDB technology evolves in quick generational cycles relative to mobile devices. The sensor quality used to create and read the biometric signature, the mathematical hashes of the signatures, and the secure encrypted methods employed all evolve with each generation of MDB components. Hence, while the consumer-facing brand name Apple FaceID or Samsung Pass may stay the same, the biometric technology behind it is constantly improving to stay on the frontlines of security.

Finally, MDB authentication provides unparalleled cost savings for an FI. Reduced authentication time, from 55 to 5 seconds roundtrip, returns 91% of the average lost productivity due to KBA. For a smaller scaled FI contact center, that alone adds back an estimated average of $22,500 per month or $272,000 annually. Additionally, other costs are spared including unnecessary call technology, capacity expansion, training, and reduced costs of fraud.

MDB authentication requires no investment in client-side technology. As it comes pre-built into consumer devices, there is little cost or time for implementation, whether at remote call centers, work from home locations, or at in-branch teller and service desks. Additionally, when MDB is built into employees’ existing admin systems, there are no additional screens or windows to navigate.


“Reduced authentication time, from 55 to 5 seconds roundtrip, returns 91% of the average lost productivity due to KBA. For a smaller scaled FI contact center, that alone adds back an estimated average of $22,500 per month or $272,000 annually.”


MDB is simply an elegant authentication solution that follows the maxim "less is more”: less consumer effort and pain, more FI security and efficiency.

Community-based FIs have the unique opportunity to cut out the chase imposed by the legacy of KBA, and beyond the big banking processes and costs invested in it.

They now also have the most to re-gain: consumer satisfaction.

Dan Becker, SVP, Corporate Development
Author: Dan Becker, SVP, Corporate Development
Dan is a strategy and corporate development leader with 17 years of experience in new ventures and corporate incumbents in enterprise and consumer technology, with 13 investment and control transactions completed with an aggregate $1.5B+ value. A 2016 Kauffman Fellow in Private Equity/Venture Capital, Dan graduated from the Kellogg School of Management at Northwestern University with an MBA in Strategy, Finance & Innovation. His interests include decentralized data ownership and monetization.