MFA good for more than just security

Issue 1 2022 Security Services & Risk Management

The insurance industry has always been quick to secure their customers’ assets – after all, their business depends on it. In today’s data-driven era, however, the world has come to realise that personal and financial information can be as valuable and therefore requires the same care when it comes to security.

Traditionally, banks have excelled at protecting their customers’ information and access to their funds. Many business leaders in other industries, however, insurance included, do not yet fully understand the value and extensive operational benefits that come with embracing multi-factor authentication (MFA), says global authentication expert, Entersekt.

“When compared to the bigger banks, many insurance companies tend to be in the earlier phases of their digital transformation journey. Until now, the key driver for insurers has been to enable self-service customer channels. But to achieve this, there must be layers of security installed on their digital platforms to ensure that customers accessing system information are who they say they are. More than just protecting transactions, such as claims payments, insurance leaders must also take a close look at how robust their security is when it comes to keeping fraudsters from accessing personal information,” explains Pieter de Swardt, senior vice president: Sales Operations at Entersekt.

De Swardt goes on to explain that the broader insurance industry has access to a large amount of personal information that, if in the wrong hands, can easily be used to defraud patients. In many cases this sensitive information is currently only secured by a username and password which is woefully inadequate.

Protecting the whole ecosystem

The insurance industry has a fairly large ecosystem and when it comes to protecting personal information, business and security leaders need to give thought to how they will ensure that all the necessary checks and balances are in place throughout that ecosystem.

“Not only are we getting more enquiries from insurance companies themselves, but also their service providers, including brokers, doctors, pathologists and others. By having access to patients’ personal information, the risk profiles of service providers are increased, causing them to seek stronger security measures to mitigate operational risks,” de Swardt shares.

De Swardt explains that this requirement is also driving the adoption of multi-factor authentication across the broader insurance ecosystem.

Focusing on security as a foundation and enabling strong authentication is the first step to securing data, according to De Swardt. Strong authentication to prove who is accessing the data is a must, as well as a system that is optimised to detect if an imposter is attempting to access user information.

Multi-factor authentication (MFA) is an effective way to control access to data by requiring a user to present credentials from at least two of the following categories: Something only they know, such as a PIN; something only they have, such as a smartcard or mobile phone; and something the user is, which includes biometric data. By requiring at least two, or a combination of these authentication factors, MFA makes it extremely difficult for a hacker to access the data.

De Swardt also points to the very large reputational risk that comes with a data breach, especially in healthcare, which can be exceptionally costly. In the US alone, more than 40 million patient records were compromised in 2021, with some hospitals facing damaging legal action as a result. This has placed a spotlight on the very urgent need for the entire healthcare sector, including the many health insurance companies working closely with the hospitals, to better protect user data.

“The sensitivity of medical information means a data leak can be catastrophic for a healthcare company, and rightly so. Our personal information is valuable and should be protected. While there is a need to ensure a low-friction environment for authorised professionals, it is vitally important that providers do everything possible to protect their customers’ data.”

So much more than just security

De Swardt goes on to explain that far more than just providing strong security, MFA can impact operational efficiencies as well.

“Call centres are very important channels in the insurance and healthcare space. Multi-factor authentication methods can be used effectively to drive down time spent verifying callers and establishing positive caller ID. Rather than clients having to go through a raft of knowledge-based questions, agents can quickly send a mobile identity request via a push notification, which the customer can accept and then the call can proceed. This streamlined process significantly reduces the time an agent has to spend verifying a caller and at the same time drastically improves the customer experience,” he explains.

What’s more, de Swardt adds that using MFA in call centre engagements also ticks a very big regulatory box since there is an auditable record of each customer interaction. These iron-clad records also cut down on the number of disputes where customers claim they didn’t authorise actions, when in fact, they did.

“It’s hard to deny the benefits of a security solution that can have such a positive effect on the user experience,” de Swardt concludes. “Some of our clients are saving countless operational hours and at the same time their end-customers benefit from stronger security with a better user experience. The right solution can truly be a win-win.”




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Risk management and compliance enforcement
Security Services & Risk Management
Having a risk management and compliance programme (RMCP) is not just a procedural formality; it is a legal requirement under Section 42 of the Financial Intelligence Centre Act (FICA).

Read more...
The dangers of poor-quality solar cables
Security Services & Risk Management Smart Home Automation
Reports indicate that one in six fires attended by South African firefighters is linked to substandard solar installations, often due to faulty wiring or incompatible components.

Read more...
Growing risks for employers
Security Services & Risk Management
With South Africa’s unemployment rate exceeding 32% and expected to rise beyond 33% this year, desperation is fuelling deception in the job market. Trust is no longer a given, it is a gamble.

Read more...
Chubbsafes celebrates 190 years
Gunnebo Safe Storage Africa News & Events Security Services & Risk Management
Chubbsafes marks its 190th anniversary in 2025 and as a highlight of the anniversary celebrations it is launching the Chubbsafes 1835, a limited edition 190th-anniversary collector’s safe.

Read more...
New law enforcement request portal
News & Events Security Services & Risk Management
inDrive launches law enforcement request portal in South Africa to support safety investigations. New portal allows authorised South African law enforcement officials to securely request user data related to safety incidents.

Read more...
Continuous AML risk monitoring
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
AU10TIX, launched continuous risk monitoring as part of its advanced anti-money laundering (AML) solution, empowering businesses to detect behavioural anomalies and emerging threats as they arise.

Read more...
Growing risks for employers
Security Services & Risk Management
With South Africa’s unemployment rate exceeding 32% and expected to rise beyond 33% this year, desperation is fuelling deception in the job market. Trust is no longer a given, it’s a gamble.

Read more...
Managing mining physical security risks
Zulu Consulting Security Services & Risk Management Mining (Industry) Facilities & Building Management
[Sponsored] Risk-IO, a web app from Zulu Consulting, is designed to assist risk managers in automating and streamlining enterprise risk management processes, ensuring no steps are skipped and everything is securely documented.

Read more...
SAFPS issues SAPS impersonation scam warning
News & Events Security Services & Risk Management
The Southern African Fraud Prevention Service (SAFPS) is warning the public against a scam in which scammers pose as members of the South African Police Service (SAPS) and trick and intimidate individuals into handing over personal and financial information.

Read more...
Rewriting the rules of reputation
Technews Publishing Editor's Choice Security Services & Risk Management
Public Relations is more crucial than ever in the generative AI and LLMs age. AI-driven search engines no longer just scan social media or reviews, they prioritise authoritative, editorial content.

Read more...