By replacing hardware tokens with MIRACL multi-factor authentication, Crédit Agricole Romania eliminates downtime and maintenance issues while delivering superior CX for 10,000+ customers.
Crédit Agricole is one of the ten biggest banks in the world. For a quarter of a century, its Romanian subsidiary has delivered the group’s signature retail banking services to clients across the country, an EU member noted for its rigorous enforcement of financial compliance. So in 2017, when Crédit Agricole Romania looked to upgrade its internet and mobile banking platforms, security was a key concern.
“The biggest challenges that we had to solve related to the authentication of users,” says Florin Dimitru, IT Director at Crédit Agricole Romania. “Security only works if people are happy to use it, so we both had to secure access to our electronic channels, and make it easy for customers to embrace that security.”
That meant improving CX while ensuring customers stayed ahead of evolving security requirements. Following the introduction of PSD2 regulation in 2015, many of the bank’s competitors relied on challenge-response solutions to confirm customer identities, such as OTPs (one-time passwords). But these solutions depended on all-band communication, such as access to a phone network as well as the internet, and they often required reauthentications during a session – to approve a payment, for example.
In MIRACL, Crédit Agricole Romania found a solution that meets its strict retail banking criteria, without tying customers up in complex security protocols. For Florin, that level of usability should be part of the core mission for any service supplier.
“Too often service suppliers offload responsibility for security onto consumers,” he says. “I don’t believe in that. We and the customers are in this together, which means it’s our responsibility to look beyond the basics to find a solution that makes life easier for our customers.”
The best security is easy to use
Online banking services need to offer customers the security they can trust to keep their assets safe alongside the simple CX they expect from mobile applications. In fact, the two go hand in glove: ease-of-use is essential to strong security, as clunky access solutions encourage workarounds and other liabilities.
Previously, Crédit Agricole Romania deployed hardware tokens for second-factor authentication to 10,000 of its customers. Every month, the IT team found itself solving issues related to the maintenance of the tokens. In addition, it was impossible to send replacements for damaged keys to customers outside the country. At the same time, the team harboured concerns about software tokens: both the need to maintain a software token solution, and the security it would be able to guarantee for users.
The team set up a benchmark of alternative authentication solutions, including those from Vasco and Gemalto (now OneSpan and Thales Group, respectively). “We chose MIRACL,” remembers Florin.
“With MIRACL, the solution does not keep all its eggs in one basket. There’s no one single point of failure. Instead, there are multiple components involved in the authentication process, each holding only a part of the key.”
The level of data encryption in MIRACL services was another factor in their decision, as were the solution’s detailed audit trails. “We work constantly to improve and maintain security,” says Florin. “But should things go wrong, we need to have very good audit trails in place so that we can fully understand incidents.”
The team at Crédit Agricole Romania also appreciated MIRACL’s focus on authentications, leaving authorisations to the bank itself. “We were used to a more classical approach where one system takes care of both parts,” says Florin. “But it actually proved a lot more manageable to have a separation between authentication and authorization.”
No friction, no downtime, no complaints
Crédit Agricole Romania has received zero complaints since going live with MIRACL in 2019, compared to monthly issues with hardware tokens. And, thanks to dispersed architecture, the company has experienced zero downtime on its authentication solutions.
Now the team is able to spend more time on value-added tasks, instead of maintenance and support, with identity authentication outsourced to MIRACL. “We’re able to think more about what our customers want and how they want to use the platform,” says Florin. “That focus on functionality means security measures are less able to overwhelm other aspects of our services, so that we don’t end up spending so much time on security that we forget to make a profit.”
For Florin, all this is in harmony with the industry’s direction of travel, as current and future customers become more connected, demand less friction, and expect fewer interactions in every session.
“Every time we ask a customer to carry out an action while they’re online, we need to be sure it is truly necessary, because users hate unnecessary steps,” says Florin. “Security challenges have to be faced by a bank and its customers together. That’s why, if you want to secure access to your services, MIRACL makes it easy.”
To receive more information about MIRACL solutions, case studies and single-step MFA, subscribe to our newsletter.
To see how MIRACL can improve your company’s security while creating a painless login process for your customers or employees, schedule a demo here or reach out to via email to Kate Ellerton on email@example.com