The Philippines’ Security Bank is implementing a customer identity and access management (CIAM) solution to transition from a traditional, server-centric security design to a holistic, journey-based approach.
Established in 1951, the bank serves retail, commercial, corporate and institutional clients.
Security Bank executive vice president, Lucose Eralil, told iTnews Asia that the bank, working with US software firm ForgeRock, has moved from traditional one-time password (OTP), SMS and login-based authentication to securing customer journeys during pre-transaction checks, multi-factor authentication during transactions, and post-transaction fraud management.
He added that after careful evaluation, the team decided to move forward with ForgeRock’s solution over the one offered by Okta.
It is not just about the suitability of the product and the features; aspects including cost, implementation effectiveness, post-implementation support, and scalability, made the team go with ForgeRock, said Eralil.
The bank’s decision to implement the CIAM solution is aimed at addressing authentication vulnerabilities and combatting fraud cases with multi-factor authentication to provide a better customer experience.
Offers omnichannel solution
ForgeRock's CIAM implementation at the bank, ensures a secure entry point for customers, fostering trust in digital transactions.
According to Eralil, features including single sign-on and passwordless authentication enhance user experience across multiple channels, while empowering the bank to offer an omnichannel solution.
Omnichannel refers to customer interaction points within the bank. These channels include physical branches, digital channels (mobile and web), ATMs, and the contact centre.
The solution's scalability aligns with the evolving ecosystem, accommodating increased volumes without extensive investments, he added.
Technology roadmap by 2025
Eralil said the bank has set out a digital transformation strategy till 2025, with a roadmap covering front-end to core banking systems, emphasising scalability, availability, agility, and time-to-market.
It involves channel architecture upgrades for a technology-aligned and scalable framework.
The bank aims to enable an integrated system by utilising application programming interfaces (APIs), to facilitate communication and data exchange between different elements of the banking infrastructure.
Eralil said the bank will adopt a "data mesh architecture for asynchronous-based processing" indicating a shift towards a data management approach where data processing occurs independently, without waiting for immediate responses.
He said this asynchronous processing enhances efficiency and responsiveness within the banking system.
The bank is executing 17 key strategic programmes to rearchitect consumer, corporate, and MSME banking channels, Eralil added.
