MFA good for more than just security

Issue 1 2022 Security Services & Risk Management

The insurance industry has always been quick to secure their customers’ assets – after all, their business depends on it. In today’s data-driven era, however, the world has come to realise that personal and financial information can be as valuable and therefore requires the same care when it comes to security.

Traditionally, banks have excelled at protecting their customers’ information and access to their funds. Many business leaders in other industries, however, insurance included, do not yet fully understand the value and extensive operational benefits that come with embracing multi-factor authentication (MFA), says global authentication expert, Entersekt.

“When compared to the bigger banks, many insurance companies tend to be in the earlier phases of their digital transformation journey. Until now, the key driver for insurers has been to enable self-service customer channels. But to achieve this, there must be layers of security installed on their digital platforms to ensure that customers accessing system information are who they say they are. More than just protecting transactions, such as claims payments, insurance leaders must also take a close look at how robust their security is when it comes to keeping fraudsters from accessing personal information,” explains Pieter de Swardt, senior vice president: Sales Operations at Entersekt.

De Swardt goes on to explain that the broader insurance industry has access to a large amount of personal information that, if in the wrong hands, can easily be used to defraud patients. In many cases this sensitive information is currently only secured by a username and password which is woefully inadequate.

Protecting the whole ecosystem

The insurance industry has a fairly large ecosystem and when it comes to protecting personal information, business and security leaders need to give thought to how they will ensure that all the necessary checks and balances are in place throughout that ecosystem.

“Not only are we getting more enquiries from insurance companies themselves, but also their service providers, including brokers, doctors, pathologists and others. By having access to patients’ personal information, the risk profiles of service providers are increased, causing them to seek stronger security measures to mitigate operational risks,” de Swardt shares.

De Swardt explains that this requirement is also driving the adoption of multi-factor authentication across the broader insurance ecosystem.

Focusing on security as a foundation and enabling strong authentication is the first step to securing data, according to De Swardt. Strong authentication to prove who is accessing the data is a must, as well as a system that is optimised to detect if an imposter is attempting to access user information.

Multi-factor authentication (MFA) is an effective way to control access to data by requiring a user to present credentials from at least two of the following categories: Something only they know, such as a PIN; something only they have, such as a smartcard or mobile phone; and something the user is, which includes biometric data. By requiring at least two, or a combination of these authentication factors, MFA makes it extremely difficult for a hacker to access the data.

De Swardt also points to the very large reputational risk that comes with a data breach, especially in healthcare, which can be exceptionally costly. In the US alone, more than 40 million patient records were compromised in 2021, with some hospitals facing damaging legal action as a result. This has placed a spotlight on the very urgent need for the entire healthcare sector, including the many health insurance companies working closely with the hospitals, to better protect user data.

“The sensitivity of medical information means a data leak can be catastrophic for a healthcare company, and rightly so. Our personal information is valuable and should be protected. While there is a need to ensure a low-friction environment for authorised professionals, it is vitally important that providers do everything possible to protect their customers’ data.”

So much more than just security

De Swardt goes on to explain that far more than just providing strong security, MFA can impact operational efficiencies as well.

“Call centres are very important channels in the insurance and healthcare space. Multi-factor authentication methods can be used effectively to drive down time spent verifying callers and establishing positive caller ID. Rather than clients having to go through a raft of knowledge-based questions, agents can quickly send a mobile identity request via a push notification, which the customer can accept and then the call can proceed. This streamlined process significantly reduces the time an agent has to spend verifying a caller and at the same time drastically improves the customer experience,” he explains.

What’s more, de Swardt adds that using MFA in call centre engagements also ticks a very big regulatory box since there is an auditable record of each customer interaction. These iron-clad records also cut down on the number of disputes where customers claim they didn’t authorise actions, when in fact, they did.

“It’s hard to deny the benefits of a security solution that can have such a positive effect on the user experience,” de Swardt concludes. “Some of our clients are saving countless operational hours and at the same time their end-customers benefit from stronger security with a better user experience. The right solution can truly be a win-win.”

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Natural catastrophes and fire risks top concerns
Security Services & Risk Management Asset Management Residential Estate (Industry)
Natural disasters are the highest risk in the real estate industry, followed by fire and explosions, and then business interruption. Estates must prioritise risk management and take proactive measures to safeguard their assets, employees, and reputation.

Building a solid foundation
Alwinco Security Services & Risk Management Asset Management Residential Estate (Industry)
Understanding the roles of a Risk Assessor and a Risk Manager is like building a solid and secure foundation in the security world. Andre Mundell makes it easy to understand.

Using KPIs to measure smart city progress
Axis Communications SA Residential Estate (Industry) Integrated Solutions Security Services & Risk Management
United 4 Smart Sustainable Cities is a United Nations Initiative that encourages the use of information and communication technology (including security technology) to support a smooth transition to smart cities.

Enhancing estate security, the five-layer approach
Fang Fences & Guards Residential Estate (Industry) Integrated Solutions Security Services & Risk Management
Residential estates are designed to provide a serene and secure living environment enclosed within gated communities, offering residents peace of mind and an elevated standard of living.

Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

Detecting humans within vehicles without opening the doors
Flow Systems News & Events Security Services & Risk Management
Flow Systems has introduced its new product, which detects humans trying to hide within a vehicle, truck, or container. Vehicles will be searched once they have stopped before one of Flow Systems' access control boom barriers.

A standards-based, app approach to risk assessments
Security Services & Risk Management News & Events
[Sponsored] Risk-IO is web-based and designed to consolidate and guide risk managers through the whole risk process. In this article, SMART Security Solutions asks Zulu Consulting to tell us more about Risk-IO and how it came to be.

Cybercriminals embracing AI
Information Security Security Services & Risk Management
Organisations of all sizes are exploring how artificial intelligence (AI) and generative AI, in particular, can benefit their businesses. While they are still figuring out how best to use AI, cybercriminals have fully embraced it.

Integrate digital solutions to reduce carbon footprint
Facilities & Building Management Security Services & Risk Management
As increasing emphasis is placed on the global drive towards net zero carbon emissions, virtually every industry is being challenged to lower its carbon footprint and adopt sustainable practices.

Visualise and mitigate cyber risks
Security Services & Risk Management
SecurityHQ announced its risk and incident management capabilities for the SHQ response platform. The SHQ Response Platform acts as the emergency room, and the risk centre provides the wellness hub for all cyber security monitoring and actions.