An Assessment of Financial Services Firms’ Account Security Practices

The Challenge

A leading financial services firm engaged Corporate Insight to assess how its competitors authenticate customers through various service channels (e.g., website and IVR systems) and to benchmark its current and future security features against competitors’. The client was also interested in having us identify security best practices encountered over the course of the research.

The Solution

Corporate Insight leveraged its live accounts to assess security features offered by over a dozen financial services firms from a customer-facing perspective. We documented the initial authentication process and reviewed the security procedures associated with a host of account management and self-service tasks, including moving money, changing an address, placing a trade and changing a user ID. Our analysis covered all major means of interaction, including online, mobile apps, automated phone systems, and customer service representatives over the phone and in-branch.

After documenting competitor security practices, we devised a grading framework to rate the effectiveness of each firm’s tactics based on the best practices we identified. Included in our output were weighted numeric scores for all firms across dozens of attributes, which provided our client with a clear understanding of their relative strengths and weaknesses on the security front.

The Impact

Our client used our research to identify key gaps and set development priorities accordingly. The firm repeated the engagement after 12 months to measure the effectiveness of several new security practices and to assess how competitor practices had evolved over the same period.