Presented by Envestnet | Yodlee
Financial fraud is growing as data sharing becomes more complex. Stream this VB On-Demand event to learn how payment processors can step in and take a stand against data breaches and bad actors, with highly secure ways to retrieve, verify, and share data.
Digital financial applications and services, which offer convenient ways for consumers to pay for products and services, send and receive money and manage investments, have become the norm. But as digital interactions proliferate across the financial ecosystem, regulatory compliance becomes more crucial as the risk of fraud grows exponentially.
Account verification is the critical first step. Before any transaction, a financial services company must verify that the funding source is valid, that the account has enough funds, and that those funds belong to that customer. Account verification, in many cases, exposes ownership and bank details to the financial services company. Given the required infrastructure and compliance needed to manage and maintain bank data, account tokens serve as a highly secure way to retrieve, verify and share verified account data.
“We have an obligation to protect customer data at all times,” says Lloyd Fernandes, VP, product management at Envestnet | Yodlee. “That is why the industry and companies must consider adopting the most secure account verification standards.”
Why account tokens are critical now
When a customer logs into a site or an app, they’re handing over incredibly sensitive data to the fintech or the organization that’s running the workflow, whether they’re opening an account or making a payment. The financial services company gets access to ownership information, balance information and bank account data like routing and account numbers.
“Verification is enhanced holder profile information,” Fernandes says. “AI- and ML-powered transactional analytics can additionally provide derived information about a bank account that opens up better methods of account verifications and thereby newer revenue opportunities. All of that means account tokens are critical, because now that serves as a starting point for a number of different capabilities that account verifications can be the appropriate solution.”
The consumer gives up that information in exchange for ease and convenience, like speedy log-ins and quick transactions — but in return, also expects that data will be saved, used and transmitted securely and safely.
“That’s where account tokens also play a big role,” Fernandes says. “When sensitive data is always tokenized, from the time it’s sourced to the time it’s used, that token becomes the secure go-between from account verification to transaction. Only the data needed to verify the funding source is transmitted, the data is encrypted and the user’s credentials are securely managed throughout the entire process.”
The token-based authentication protocol eliminates friction, because once it verifies a user’s identity and issues a unique access token, customers easily access that service without having to re-enter credentials every time. But tokens also offer a second layer of security, and give administrators more visibility into the user’s actions across the site, while still protecting the user’s sensitive data.
Tokenization ensures that a customer’s banking account and routing numbers are never transmitted along with a payment. It reduces the likelihood that a customer’s account information will be stored with third parties, like retailers, fintech apps and more. And when a system is compromised, the token can be deactivated, making it useless.
Account tokens and the shift toward open banking
Today, consumers are used to using account tokens for their credit and debit cards — for instance, the tokenization framework that Apple Pay and Google Pay use, which makes paying a seamless tap of the phone.
The banking sector has never really embraced the idea of tokenization for real-time payments, but fintechs are embracing the solution, making authentication tokens more common than ever before. And now we’re also seeing the FedNow and THC real-time payment services promoting these secure tokens to keep customers’ bank account numbers hidden from third parties. This is steering the industry toward a standardized tokenization protocol, and is a huge boon for a successful open banking solution.
In the open banking framework, the token represents a consumer’s credential at a financial institution. A consumer can have any number of tokens associated with them, across multiple financial institutions. With tokenization, open banking — which grants third-party access to financial data through the use of application programming interfaces (APIs) — becomes far more secure.
“Very soon consumers will have secure, fully tokenized wallets that prevent fraud,” Fernandes says. “Open banking protocols will be more secure and easier to implement than ever, making customers even more likely to embrace these solutions.”
To learn more about how authentication tokens are improving the ways financial services companies serve their customers, how they’re combating fraud and what tokenization means or the future of the industry, access this VB On-Demand event.
- Learn how account tokens work to reduce the risk of data theft
- Protect sensitive financial data from hackers and bad actors
- Simplify complex account verification processes
- Eliminate the need to store sensitive financial account information
- Prepare for open banking and open finance opportunities
- Jeff Williams, SVP of Product Development, The Clearing House (TCH)
- Ginny Chappell, EVP, Product & Marketing, Moov Financial
- Lloyd Fernandes, VP, Product Management, Envestnet | Yodlee
- Chris J. Preimesberger, Moderator, VentureBeat