MFA good for more than just security

Issue 1 2022 Security Services & Risk Management

The insurance industry has always been quick to secure their customers’ assets – after all, their business depends on it. In today’s data-driven era, however, the world has come to realise that personal and financial information can be as valuable and therefore requires the same care when it comes to security.

Traditionally, banks have excelled at protecting their customers’ information and access to their funds. Many business leaders in other industries, however, insurance included, do not yet fully understand the value and extensive operational benefits that come with embracing multi-factor authentication (MFA), says global authentication expert, Entersekt.

“When compared to the bigger banks, many insurance companies tend to be in the earlier phases of their digital transformation journey. Until now, the key driver for insurers has been to enable self-service customer channels. But to achieve this, there must be layers of security installed on their digital platforms to ensure that customers accessing system information are who they say they are. More than just protecting transactions, such as claims payments, insurance leaders must also take a close look at how robust their security is when it comes to keeping fraudsters from accessing personal information,” explains Pieter de Swardt, senior vice president: Sales Operations at Entersekt.

De Swardt goes on to explain that the broader insurance industry has access to a large amount of personal information that, if in the wrong hands, can easily be used to defraud patients. In many cases this sensitive information is currently only secured by a username and password which is woefully inadequate.

Protecting the whole ecosystem

The insurance industry has a fairly large ecosystem and when it comes to protecting personal information, business and security leaders need to give thought to how they will ensure that all the necessary checks and balances are in place throughout that ecosystem.

“Not only are we getting more enquiries from insurance companies themselves, but also their service providers, including brokers, doctors, pathologists and others. By having access to patients’ personal information, the risk profiles of service providers are increased, causing them to seek stronger security measures to mitigate operational risks,” de Swardt shares.

De Swardt explains that this requirement is also driving the adoption of multi-factor authentication across the broader insurance ecosystem.

Focusing on security as a foundation and enabling strong authentication is the first step to securing data, according to De Swardt. Strong authentication to prove who is accessing the data is a must, as well as a system that is optimised to detect if an imposter is attempting to access user information.

Multi-factor authentication (MFA) is an effective way to control access to data by requiring a user to present credentials from at least two of the following categories: Something only they know, such as a PIN; something only they have, such as a smartcard or mobile phone; and something the user is, which includes biometric data. By requiring at least two, or a combination of these authentication factors, MFA makes it extremely difficult for a hacker to access the data.

De Swardt also points to the very large reputational risk that comes with a data breach, especially in healthcare, which can be exceptionally costly. In the US alone, more than 40 million patient records were compromised in 2021, with some hospitals facing damaging legal action as a result. This has placed a spotlight on the very urgent need for the entire healthcare sector, including the many health insurance companies working closely with the hospitals, to better protect user data.

“The sensitivity of medical information means a data leak can be catastrophic for a healthcare company, and rightly so. Our personal information is valuable and should be protected. While there is a need to ensure a low-friction environment for authorised professionals, it is vitally important that providers do everything possible to protect their customers’ data.”

So much more than just security

De Swardt goes on to explain that far more than just providing strong security, MFA can impact operational efficiencies as well.

“Call centres are very important channels in the insurance and healthcare space. Multi-factor authentication methods can be used effectively to drive down time spent verifying callers and establishing positive caller ID. Rather than clients having to go through a raft of knowledge-based questions, agents can quickly send a mobile identity request via a push notification, which the customer can accept and then the call can proceed. This streamlined process significantly reduces the time an agent has to spend verifying a caller and at the same time drastically improves the customer experience,” he explains.

What’s more, de Swardt adds that using MFA in call centre engagements also ticks a very big regulatory box since there is an auditable record of each customer interaction. These iron-clad records also cut down on the number of disputes where customers claim they didn’t authorise actions, when in fact, they did.

“It’s hard to deny the benefits of a security solution that can have such a positive effect on the user experience,” de Swardt concludes. “Some of our clients are saving countless operational hours and at the same time their end-customers benefit from stronger security with a better user experience. The right solution can truly be a win-win.”

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Employee screening trends
iFacts Security Services & Risk Management
Criminal record checks still the most popular background check conducted around the world, but global employee screening trends are changing according to iFacts.

South African business readies for a journey to the cloud
Security Services & Risk Management
There is an increasing demand for cloud services in the country, driven by the need to use advanced technologies such as AI while also providing hybrid workers access to data, regardless of their location.

What to do in the face of growing ransomware attacks
Technews Publishing Cyber Security Security Services & Risk Management
Ransomware attacks are proliferating, with attackers becoming more sophisticated and aggressive, and often hitting the same victims more than once, in more than one way.

South Africa can accelerate its move to smart cities
Security Services & Risk Management
What global smart city leaders have in common is that they have built on, and developed existing infrastructure, transforming it iteratively; South Africa is well positioned to adopt this approach.

Where does SA logistics stand as far as cybersecurity is concerned?
Logistics (Industry) Security Services & Risk Management
Lesiba Sebola, director of information technology at Bidvest International Logistics, says it is paramount to safeguard IT infrastructure given how central it has become to operations.

The Deposita Protector 3000 d-s1
Deposita Security Services & Risk Management
The Protector 3000 d-s1, designed for medium-sized enterprises, improves the level of security at the business and helps optimise resources by streamlining cash-handling processes.

Top fraud trends to watch in 2023
News Security Services & Risk Management
Even though financial concerns remain a significant obstacle for companies in implementing new anti-fraud technologies, 60% of businesses expect an increase in their anti-fraud technology budgets in the next two years.

Be cautious when receiving deliveries at home
News Perimeter Security, Alarms & Intruder Detection Security Services & Risk Management
Community reports of residents being held up at their gate when collecting fast food deliveries at home are once again surfacing.

Sasol ensures Zero Trust for SAP financials with bioLock
Technews Publishing Editor's Choice Cyber Security Security Services & Risk Management
Multi-factor authentication, including biometrics, for SAP Financials from realtime North America prevents financial compliance avoidance for Sasol.

Protecting yourself from DDoS attacks
Cyber Security Security Services & Risk Management
A DDoS attack, when an attacker floods a server or network with Internet traffic to prevent users from accessing connected online services, can be costly in both earnings and reputation.