Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Phone-centric identity for challenger banks: what changes for IAM?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 11936
Topic starter  

TL;DR: Challenger banks improve onboarding, conversion, and fraud outcomes by using phone-centric identity, auto-fill from verified sources, and stronger mobile authentication, according to Prove Identity. The core lesson is that identity verification, application capture, and login assurance need to be designed as one governed flow, not separate point solutions.

NHIMG editorial — based on content published by Prove Identity: Improving Challenger Bank Metrics with Phone-Centric Identity™

By the numbers:

  • There are over 250 challenger banks globally, according to Exton Consulting.
  • It takes 24 to 45 clicks to open a challenger bank account in the UK, according to the Built For Mars study cited in the article.
  • Several studies show that the average cost of customer acquisition for challenger banks is in the range of $25 to $50, according to Prove Identity.

Questions worth separating out

Q: How should fintech teams reduce onboarding friction without weakening identity verification?

A: Start by separating the fields that support a real control objective from the fields that only add inconvenience.

Q: Why do phone-based identity signals matter in challenger bank onboarding?

A: Phone-based signals matter because they can connect to multiple authoritative data sources and improve match confidence where legacy identity databases are fragmented.

Q: What do teams get wrong about automated 2-factor authentication?

A: Teams often confuse automation with security improvement.

Practitioner guidance

  • Bind phone signals to identity governance decisions Map where the phone number is used in onboarding, account recovery, and transaction step-up.
  • Rationalise onboarding checks into one controlled flow Review where CIP, KYC, fraud, and pre-fill logic are split across tools.
  • Replace SMS dependence on high-risk journeys Identify login, password reset, and payment flows that still rely on SMS OTP.

What's in the full article

Prove Identity's full blog covers the operational detail this post intentionally leaves for the source:

  • Specific examples of how phone-centric identity improves straight-through processing in banking onboarding.
  • Details on how verified-source auto-fill is used to reduce abandonment while preserving data quality.
  • The mobile authentication and behavioral biometrics approach used to strengthen weaker SMS-based 2FA flows.
  • How Prove Identity positions the integration of CIP, fraud checks, and onboarding into one platform.

👉 Read Prove Identity's article on phone-centric identity for challenger bank onboarding →

Phone-centric identity for challenger banks: what changes for IAM?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11491
 

Phone number trust has become a customer identity control, not just a contact field. The article shows that challenger banks are using the phone as a higher-confidence identity anchor because fragmented data sources make traditional CIP workflows slow and inconsistent. That shifts the governance question from whether a bank can verify a phone number to whether it can bind that signal to KYC, fraud, and authentication decisions in one controlled flow. Practitioners should treat phone trust as a governed identity input, not a convenience feature.

A few things that frame the scale:

  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to Ultimate Guide to NHIs.
  • 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.

A question worth separating out:

Q: How should identity and fraud teams decide when to replace SMS OTP?

A: They should start with the journeys that create the highest loss exposure, especially login, password reset, and financial transaction approval. If those flows still depend on SMS, the control should be replaced or strengthened with mobile authentication, device intelligence, or behavioural signals. The decision should be based on risk and abuse data, not channel familiarity.

👉 Read our full editorial: Phone-centric identity changes challenger bank onboarding metrics



   
ReplyQuote
Share: