Open banking gives third-party developers the opportunity to build applications and services around a financial institution, enabling greater transparency and options for account holders. It increases competition, makes it easier for non-banks to participate, and encourages greater product and service innovation, all in the interest of benefiting the end user.
None of these open banking activities would be possible without account security. To that end, Western Union Business Solutions, the largest non-bank payments provider in the world, utilizes the Twilio Authy and Verify APIs, to provide for two-factor authentication (2FA) for access to its customer portals.
“Open banking is forcing people to take a good hard look at authentication and raise their game in that area,” said director of product and strategy Gordon Janzen.
In addition to its well-known remittance services for consumers, Western Union also provides foreign exchange services and cross-border payments for more than 60,000 corporate clients, known as Western Union Business Solutions. It processes payments in 130 outgoing currencies in 200-plus countries and territories.
As providers of payment services in the EU, Western Union Business Solutions must comply with Europe’s Open Banking Regulations framework, PSD2. It requires providers to offer strong customer authentication at multiple points in the process of a payment, secure all communication, and provide third-party access to both payment rails and information.
Under the EU rules, strong customer authentication requires two out of the three forms of identification: knowledge, possession, or inherence, while also adhering to additional security measures collectively known as dynamic linking.
“We're looking at how we can turn an analog or a face-to-face customer experience element into a digital one. Authentication is obviously front and center with that. And on the whole, we look at it in the context of the overall digital customer experience,” explained Janzen.
To meet the EU’s 2FA requirements, Western Union Business Solutions chose the Twilio Authy API n for both its B2C and B2B solutions, Blue Edge and GlobalPay, respectively. Using Authy, Western Union Business Solutions can whitelabel the authentication process for customers to experience a cohesive brand experience.
“Having a recognizable logo and colors is really helpful for our customers. So, that is something that we really appreciate the opportunity to do,” explained global business analysis manager Teri Jossul.
Western Union Business Solutions uses Twilio APIs during user registration, log-ins, and authenticating transactions. To support customers' migration from their legacy authentication method to Authy, WUBS makes use of the Twilio Verify API to send one-time passcodes to validate phone numbers during the registration process. Once the phone number is confirmed, the customer can complete a one-time registration for Authy. The Twilio Authy API handles all future authentications.
Customers are given the choice to select how they’d like to conduct their 2FA. The same authentication method selected for log-in can also be used for scheduling outgoing payments and to initiate an electronic order or electronic payment through a supply or value chain.
“We have customers, who for security or privacy reasons, don't have access, or are not permitted to access a mobile device from their workstation. And so SMS and a mobile app are not viable options for them. We direct those customers to the desktop app, voice, or voice over internet protocol,” Jossul explained.
Using the Twilio Lookup API to pre-validate numbers, Western Union Business Solutions is able to ensure that one-time passcodes sent via SMS are going to the right number. To confirm that the person calling is actually in possession of the number they purport to be calling from, WUBS sends a push notification within their app.
This helps Western Union Business Solutions’ corporate customers avoid incurring the telco costs associated with delivering tens of thousands of one-time passcodes for each authenticated session.
Whether it’s a new user signing up, a returning customer logging in, or authorizing a payment in a PSD2-compliant manner, Twilio Verify and Authy helps Western Union Business Solutions ensure stronger security without the costs and complexities of building and maintaining our own global verification solution.
“Given the ease of use and the multiple options provided by Twilio, we made the decision to migrate all of our customers in all regions to Authy,” Jossul said.
We now have a single solution across all of our platforms and applications that provides options to meet all of our customer's needs and preferences.