{"id":4674,"date":"2025-09-04T14:01:17","date_gmt":"2025-09-04T14:01:17","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=4674"},"modified":"2025-09-04T14:01:17","modified_gmt":"2025-09-04T14:01:17","slug":"principal-financial-pioneers-biometric-authentication-to-beat-online-fraud-3","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=4674","title":{"rendered":"Principal Financial pioneers biometric authentication to beat online fraud"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<p>Principal Financial Group helps millions of people and businesses plan for the future through retirement services, insurance, and asset management. Customers trust Principal with their money, so it\u2019s essential to keep digital channels secure.<\/p>\n<p>But that trust was tested in 2023, when Principal saw a rise in fraudulent online registrations, particularly in its retirement business. Attackers had found a weak spot: unregistered customer accounts already tied to existing investments. Because those accounts didn\u2019t yet have usernames, passwords, or multi-factor authentication (MFA), they became easy targets for takeover.<\/p>\n<p>The culprit was knowledge-based authentication (KBA), a common method for proving identity that asks users to answer personal questions about former home addresses or car models. Unfortunately, that type of data is now easy for fraudsters to buy or steal from breaches, data brokers, and social media.<\/p>\n<p>\u201cWe asked ourselves: How can we reduce fraud by replacing KBA with a more secure identity-proofing solution while also maintaining a seamless customer experience?\u201d says Melanie Bergen, business information security officer at Principal Financial.<\/p>\n<p>The solution was digital ID verification authentication. 
This automated process combines government ID checks with biometrics such as facial, voice, fingerprint, and iris recognition to confirm that customers are who they claim to be.<\/p>\n<p>In late 2023, after evaluating potential vendors, Principal partnered with <a href=\"https:\/\/www.entrust.com\/company\/onfido-is-now-entrust\">Onfido, an Entrust company<\/a>, to replace KBA with a digital ID verification authentication platform focusing on facial recognition. By the following May, the rollout was complete.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Challenges of replacing a flawed system under pressure<strong><\/strong><\/h2>\n<p>The decision to switch to digital ID verification authentication was straightforward, but carrying it out was more complicated. Principal faced obstacles, including:<\/p>\n<p><strong>Implementing quickly and decisively.<\/strong> Fraud was rising at an alarming pace, so speed mattered. Principal had to test, validate, and deploy a solution in months, not years.<\/p>\n<p><strong>Balancing security with usability.<\/strong> Principal needed biometric authentication that was simple enough that customers wouldn\u2019t get frustrated and abandon the process.<\/p>\n<p><strong>Navigating uncharted territory.<\/strong> Principal was shifting to digital ID verification authentication without a roadmap because biometrics have rarely been used specifically for retirement account registration.<\/p>\n<p><strong>Evaluating vendors and compliance.<\/strong> Principal had to carefully assess vendors that could deliver both government ID verification and real-time biometric authentication. At the same time, they had to navigate strict privacy, risk, and legal standards.<\/p>\n<p>\u201cWe overcame challenges through rigorous vendor evaluations, proof-of-concept testing, and close collaboration between our security, legal, and customer experience teams,\u201d says Bergen. 
\u201cThat agility allowed us to go from vendor selection to full deployment in less than five months.\u201d<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Results: Fraud eliminated, customer experience elevated<\/h2>\n<p>According to Bergen, the digital ID verification authentication program has delivered positive results, such as:<\/p>\n<p><strong>Fraud prevention:<\/strong> Fraudulent account registrations\u2014previously driven 99% by KBA exploitation\u2014have been virtually eliminated.<\/p>\n<p><strong>Customer success:<\/strong> User success rates improved significantly, rising from 38% to 48%.<\/p>\n<p><strong>Lower user abandonment:<\/strong> The percentage of users who started authentication but failed to complete it dropped from 74% to 40%, reflecting a smoother process.<\/p>\n<p>\u201cThe impact has been substantial,\u201d says Bergen. \u201cThe new program has prevented fraudulent account takeovers while making verification faster and more intuitive.\u201d<\/p>\n<p>The timing of the transition to biometric authentication was also critical. According to LIMRA\u2019s <a href=\"https:\/\/www.limra.com\/en\/research\/research-abstracts-public\/2025\/2024-financial-crimes-and-fraud-prevention-benchmarking-study\/\">2024 Financial Crimes and Fraud Prevention Benchmarking Study<\/a>, 50% of respondents saw <a href=\"https:\/\/www.limra.com\/en\/trending-topics\/publications\/insider-insights\/2025\/insider-insights-podcast-targeting-trust-the-rise-of-financial-scams-against-the-elderly\/#:~:text=According%20to%20our%202024%20Financial%20Crimes%20and%20Fraud%20Prevention%20Benchmark%20Study%2C%2050%20percent%20of%20respondents%20reported%20an%20increase%20in%20senior%20and%20vulnerable%20adult%20fraud.%20More%20generally%2C%2061%20percent%20of%20respondents%20from%20the%20same%20study%20reported%20an%20increase%20in%20account%20takeover%20fraud\">an increase in fraud targeting seniors and vulnerable adults<\/a>. 
In the same study, 61% of respondents reported more account takeover attempts.<\/p>\n<p>By staying ahead of the curve, Principal protected customers from escalating fraud while also positioning itself as an industry leader in secure digital access.<\/p>\n<p>\u201cWe\u2019re proud to be one of the first companies in the retirement sector to use biometric authentication for online registration,\u201d says Bergen. \u201cIt shows how we can counter security threats while still making the experience seamless for customers.\u201d<\/p>\n<p><em>For its biometric authentication project, Principal Financial earned a <\/em><a href=\"https:\/\/event.foundryco.com\/cso-conference-awards\/?utm_source=cso.com&amp;utm_medium=blog&amp;utm_campaign=CSO2025_Principal_Financial\"><em>2025 CSO Award<\/em><\/a><em>. The award honors security projects that <\/em><a href=\"https:\/\/www.csoonline.com\/article\/570667\/us-cso50-2022-awards-showcase-world-class-security-strategies.html\"><em>demonstrate outstanding thought leadership and business value<\/em><\/a><em>.<\/em><\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Lesson learned: Innovation starts with leadership<\/h2>\n<p>Bergen credits the success of digital ID verification authentication to a combination of strong leadership and clear communication.<\/p>\n<p>\u201cOne of the biggest lessons for us was how critical leadership is to driving innovation,\u201d she says. \u201cOur leaders embraced forward-thinking approaches and empowered teams to innovate, which gave them the confidence to move the biometric authentication program forward.\u201d<\/p>\n<p>That support was matched by early involvement from Principal\u2019s customer experience team, which designed the biometric authentication process to be intuitive and used journey mapping to flag and fix any issues before launch.<\/p>\n<p>Communication with customers also played a big role. 
As such, Principal employees were equipped with clear messaging to give guidance to customers not familiar with biometric facial recognition.<\/p>\n<p>\u201cBy explaining the new process to customers, why it mattered, and how it protected them, we were able to reduce confusion and build trust,\u201d says Bergen.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Advice to CISOs: Act fast, but keep customers first<\/h2>\n<p>For organizations wrestling with fraud fears, Bergen offers two pieces of advice:<\/p>\n<p><strong>Adopt an agile mindset.<\/strong> Move quickly, but validate solutions with proof-of-concept testing and live demos before full rollout. To save time, Bergen suggests running compliance and risk reviews in parallel with technical testing. This approach helped Principal complete digital ID verification authentication in just five months.<\/p>\n<p><strong>Balance security with customer expectations.<\/strong> During deployment, think about customer needs alongside technical requirements. Bergen emphasizes that gathering customer feedback during rollout allowed Principal\u2019s teams to spot issues early and make adjustments in real time.<\/p>\n<p>\u201cThe goal is always to strengthen security without sacrificing customer experience\u2014it\u2019s a balance every security leader must strike as threats evolve,\u201d says Bergen.<\/p>\n<p>With retirement savings and personal data under attack, Principal\u2019s biometric authentication project is a prime example of how financial institutions can move past outdated authentication to keep customers safe from fraud.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Principal Financial Group helps millions of people and businesses plan for the future through retirement services, insurance, and asset management. Customers trust Principal with their money, so it\u2019s essential to keep digital channels secure. But that trust was tested in 2023, when Principal saw a rise in fraudulent online registrations, particularly in its retirement business. [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":4671,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-4674","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/4674"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4674"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/4674\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/4671"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4674"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4674"},{"taxonomy":"post_tag","embeddable":true,
"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4674"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}