Blog Customer Experiences
online banking hero

Online banking - SMS OTP, Voice OTP, or both?

Why Plain Old Passwords Are Outdated, Weak, and Flimsy

Banks of a bygone era used to be sealed behind physical iron bars and wire cages. Compare that to today, where people are now able to shift large swathes of money online through smart devices that are accessible from virtually anywhere in the world. While online and mobile banking have no doubt made banking more convenient, the inconvenient truth is that they’ve also made banking less secure.

The act of accessing and infiltrating bank accounts has become much easier now that the points of access are literally right at our fingertips. Unfortunately, banks that only use the thin veneer of password protection are becoming more vulnerable than ever.

According to Panda Security: 80% of hacking-related breaches in 2020 were linked to passwords. According to IBM: in 2020 alone, data breaches cost companies an average of $3.86 million.

Simply put, passwords are flimsy because they are outdated.

Sure, passwords served us well in the past, but that was during a time when we could not even fathom the concept of conducting business and managing our personal lives online. With more data and assets stored online than ever before, passwords can no longer protect us. Continuing to padlock sensitive databases and bank accounts with only a password is akin to securing gold vaults with cable ties.

The evidence is clear: passwords need a system upgrade

One of the reasons why passwords are so weak is because there are simply too many of them to remember.

Research has shown that users go through approximately ten passwords a day, and forget about three per month.

This leads to password fatigue—a phenomenon where users store their passwords in careless ways that make it easy for people with malicious intent to fish for them. Poor password storage practices include recycling of passwords across various platforms, or recording them on sticky notes or unsecured files on personal devices.

Barring a complete overhaul of the digital ecosystem, there is little that we can do to relieve users of password fatigue since online banking websites will continue to request passwords for the sake of security. What we can do to circumvent weak passwords is to create an additional layer of security that blocks unauthorized users—regardless of whether or not they have access to a user’s password.

The day to implement SMS OTP was yesterday

Enter SMS One Time Password (or SMS OTP), also known as two-factor authentication (2FA). It provides additional security safeguards by randomly generating single-use passwords that are sent to a user’s phone. Users need to enter these additional passwords within a certain amount of time in order to access their online banking account.

SMS OTPs typically have a short lifespan that lasts anywhere from 120 to 360 seconds. The time sensitivity of SMS OTPs protects users by making the password invalid after the OTP expires. This means that users remain protected even if their OTPs leak out through neglect or infiltration.

Sounds great—but why does online banking require OTP?

While physical banks still exist, online banking has been growing in popularity. In McKinsey’s Asia Personal Financial Services (PFS) survey 2018, it was revealed that since the previous survey in 2014, digital banking penetration has grown 1.5 to 3 times in emerging Asia with a median of 52%. The median for developed Asian markets is a staggering ~97%.

Since 2018, however, the proliferation of online banking has only been accelerated by the COVID-19 pandemic, which made electronic payments a necessity in order to ensure that people remain socially distanced.

The problem is: it’s very common for online banking users to utilise unsecured networks to make one-off online payments. This is more likely to happen when personal networks are down, or when users are in areas where they have no access to verified networks. Hackers and infiltrators prey on such moments of negligence, and that’s where SMS OTPs come in handy.

As these OTPs are delivered through SMS using telco systems rather than the internet, OTPs remain outside of the realm of unsecured networks, keeping the final key to online bank accounts out of the reach of hackers.

Introducing 8×8’s SMS OTP solution

 

Written with just a few lines of code, 8×8’s SMS OTP solution can be easily integrated into most online banking systems. It has been optimized to match Asia’s complex network environment, allowing it to perform at high speeds from almost anywhere in the world. This means that users will experience minimal delays and lag times between the moment they enter their password and when they receive the OTP.

Our banking clients utilize SMS OTP to:

  • Validate account creation
  • Secure important transactions
  • Curb promotion abuse

With global banking and cross-border transaction volumes at an all-time high, 8×8 also values the importance of keeping systems running around the clock. Not only does our solution have high-quality routing, automated fallbacks, redundancy assurance (thanks to a strong network of telco partnerships), and prioritization of time-sensitive traffic, we also provide round-the-clock email support, so that system errors can be remedied within the shortest time possible.

Security and efficiency aside, 8×8’s SMS solutions can elevate your customers’ online banking experience at multiple points within their banking journey. Find out more about the benefits of 8×8’s SMS solution.

Voice OTPs: the inclusive online bank security solution

 

8×8’s SMS OTP solution also goes above the basic 2FA structure to enable OTPs to be read out loud to listeners. Aside from helping people on-the-go, voice OTP ensures tech inclusivity as it extends the benefits of enhanced 2FA security to visually impaired users, and to those with low literacy levels, including individuals with dyslexia. Read more about the importance of tech inclusion.

A major advantage of voice OTP is that it leaves no paper trail for hackers to copy, meaning that the 120 to 360 second window period for hackers to intercept SMS OTPs is effectively taken away.

Security aside, businesses can also utilize 8×8’s Voice API to deliver highly personalized marketing offers, alerts, reminders, and notifications via voice messages. This helps companies expand their reach, as not only does voice help the visually impaired, but it’s the only channel that can reach landline phone customers. Read more about the power of voice in an online world.

Online banking security: more options than ever are available

With online banking numbers expected to grow in the future, it’s more important than ever for the banking industry to reassess their security protocols. Adding a second method of confirming user identity is the obvious first step, but the benefits of voice OTPs should not be overlooked.

There’s also a host of other benefits with deploying SMS and Voice OTPs. SMS has proven to have the highest open rates at 98%, and therefore it can, and should, be utilised across your users’ entire banking journey to enhance their experience.

In what’s been dubbed “the new normal,” banks are racing to launch new initiatives, attract new audiences, and most importantly, retain existing customers. Therefore, mitigating mobile banking app security and boosting customer satisfaction should be at the top of your boardroom agenda. To find out more about how 8×8’s solutions can help you achieve that, contact us at hello-cpaas@8×8.com.

Explore Related

Woman smiling while watching a video on her mobile phone
November 15, 2024

5 Game-Changing Mobile Marketing Campaigns to Captivate Customers

Choon Khee Koh

Effective brand communication is key to staying ahead of competition. Here are five key best practices for mastering branded communication in the modern era.

hassan ouajbir IYU YmMRm7s unsplash scaled
November 5, 2024

Voice bot vs. Chatbot: Which One Is Right for Your Business?

Choon Khee Koh

Discover the key differences between voice bots vs chatbots, their ideal use cases, and how to choose the right one for your business.

Man in bank using mobile phone
October 28, 2024

Reinforcing Trust: Tackling Fraud with Stronger Authentication in Finance

Choon Khee Koh

Learn how strong, multi-layered authentication is crucial for preventing unauthorized access and fraudulent activities in the finance industry.

Talk to an Expert

Complete this form and an 8x8 sales specialist will reach out to you shortly.

1. Contact details
2. Primary interest
A custom multi-channel solution based on your specific requirements.
3. Personal particulars
8x8 is trusted by businesses worldwide, such as Lazada, Tokopedia, and more. 8x8 is used by CX, marketing, operations, support, and many other functions alike.
4. Message

Thank you for your interest!

An 8x8 sales specialist will reach out to you shortly.

Any urgent enquiries and help needed?

Email [email protected]

Support Visit support site

Try 8x8 Connect today

Manage SMS, messaging apps and voice campaigns from our omnichannel communication platform.

Get support

Check out the support articles and FAQs on our CPaaS Help Center or submit a request

8x8 is trusted by over 3 million business users worldwide

lazada logo
Tokopedia logo
aCommerce Logo
King Power Logo
Coda Payment Logo
Traveloka Logo
To top
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.