Digital identity in banking

With EIDAS 2 now in force and digital banking adoption at an all-time high, financial institutions must rethink their approach to customer identity and access management (CIAM).

In banking, digital identity has evolved from a security feature to critical business infrastructure. Every interaction – from account opening to payment authorization – depends on robust identity verification and authentication.

Modern banking identity systems must support multiple use cases:

• onboarding new customers remotely
• authenticating high-value transactions
• enabling cross-border services
• providing seamless omnichannel experiences

Each requires different levels of identity assurance while maintaining consistent user experience.

The European Union's EIDAS 2 regulation, effective since May 2024, fundamentally changes how banks approach digital identity. Built on open standards like OpenID Connect, it creates an interoperable framework for secure digital identities across EU member states.

For banks, EIDAS 2 enables transformative capabilities:

• Cross-border account opening: Customers can open accounts in any participating country using their home country's digital identity, eliminating complex verification processes.
• Authenticated payment flows: Secure payment authorization works seamlessly across different national systems, supporting instant payments and reducing fraud.
• Digital onboarding at scale: Banks can accept verified identities from other trusted providers, dramatically reducing onboarding costs while maintaining compliance.

Traditional username-password combinations no longer meet banking security requirements. Modern CIAM solutions for banks have evolved to support passwordless authentication using WebAuthn and FIDO standards, enabling biometric authentication through devices customers already own. These systems implement adaptive multi-factor authentication that responds to transaction risk, intelligently combining possession factors like mobile devices, inherence factors such as biometrics, and knowledge factors when needed.

Single sign-on capabilities across all banking channels – mobile apps, web portals, and call centers – reduce friction while maintaining security. All of this must operate within the framework of Strong Customer Authentication (SCA) compliance for PSD2, ensuring regulatory requirements are met without compromising the seamless experiences customers expect.

Modern customer-centric CIAM enables seamless onboarding with video identification, document verification, and liveness checks that allow remote account opening in minutes rather than days. Equally important is channel consistency. Customers expect the same experience whether using mobile apps, web banking, or visiting branches.  

Identity systems must support these omnichannel journeys while optimizing call center operations, enabling customer service representatives to assist efficiently without compromising security. Progressive banks also support "bring-your-own-identity" approaches, accepting social logins for low-risk interactions while maintaining bank-grade authentication for sensitive operations. 

For banks evaluating identity solutions, the benefits extend beyond compliance. Modern CIAM delivers reduced operational costs through automated onboarding and fewer password reset requests, which represent a significant portion of help desk costs in financial services.

Streamlined onboarding increases conversion rates by reducing abandonment, and passwordless authentication improves completion rates. Enhanced fraud prevention through real-time risk assessment and behavioral analytics reduces losses while minimizing false positives that frustrate legitimate customers.

Perhaps most importantly, a single platform can ensure regulatory compliance across multiple jurisdictions. This dramatically simplifies audit and reporting requirements while reducing the risk of non-compliance penalties.

While EIDAS 2 represents a significant step forward, the evolution of banking identity continues to accelerate.

Perhaps most intriguingly, several major banks are piloting decentralized identity systems that give customers control over their personal data. These self-sovereign identity (SSI) approaches could fundamentally reshape the bank-customer relationship, transforming banks from data controllers to trusted verifiers. Combined with AI-powered identity orchestration that dynamically adjusts authentication based on real-time risk assessment, these technologies promise to deliver the holy grail of digital banking: maximum security with minimal friction.

The convergence of EIDAS 2, instant payments, open banking, and evolving customer expectations creates an inflection point for financial services. Banks that invest in modern, flexible CIAM solutions position themselves not just to meet current demands, but to lead the next generation of financial innovation. In an era where digital relationships define competitive advantage, identity has become the foundation upon which all future banking services will be built.