Smartphones have become one of the most trusted tools for identity verification today, used instinctively and seamlessly to confirm purchases, access medical records, even unlock homes with just a fingerprint or a glance. Yet when it comes to accessing financial services, phones are rarely included. Banks commonly rely instead on outdated authentication methods like PINs, passwords, and repetitive verification steps, for even the simplest transactions.
The disconnect between everyday smartphone verification and banking authentication is becoming harder to justify as payment technology and regulation advance. Evolving rules like the EU’s Instant Payment Regulation and the emergence of agentic AI-driven payments are pushing banks to modernize. But current authentication systems are not designed for these new demands, leading to experiences that feel out of step with users’ everyday interactions.
“Banks have an opportunity to adopt the mobile device as the main anchor of trust, rather than insisting on duplicate checks that frustrate customers,” says Marius Galdikas, CEO of ConnectPay, an all-in-one financial platform for online businesses. “But until that happens, many are left wondering: why is it so easy to pay with my phone, but still so complex to deal with my bank?”
Authentication’s identity crisis: the old and the new
Despite consumers’ growing confidence in using smartphones for personal identification, many banks still require PINs, passwords, and manual checks, even for low-value transactions.
“Banking systems were never designed for real-time, device-based authentication,” Galdikas explains. “They still rely on decades-old models, and changing this is a massive task. However, it’s becoming necessary as new technologies and expectations leave traditional models behind.”
Part of the inertia is technical, but culture and regulation also play a role. Familiar methods like PINs, passwords, and two-factor authentication are seen as safe by the regulation, but they clash with the seamless experiences delivered by today’s tech platforms. “You can unlock your phone and approve purchases instantly, yet your bank might ask for a PIN for a €12 payment,” Galdikas notes. “This is a situation that highlights the urgency for a unified, mobile-first approach to digital identity in banking.”
The path forward: seamless identity and consent
Efforts are underway to address these mismatches. The EU Digital Identity Framework aims to give every citizen access to a secure digital identity wallet by 2030, allowing them to verify their identity across borders and services with a simple tap on their device.
“Imagine being able to open a bank account, sign a lease, or set up mobile services in a new EU country, all remotely, simply by sharing approved credentials from your digital wallet,” Galdikas says. “That’s the direction we’re moving in—where users control what’s shared, and institutions trust the credentials, eliminating the need for physical documents, face-to-face checks, or redundant authentication.”
This new approach to identity and consent also addresses the rise of agentic AI systems capable of making decisions or payments on a user’s behalf. Consumers are curious but still cautious: only 34% are willing to let AI assistants make purchases without manual approval. However, dynamic consent models promise to change this, allowing users to set rules (for example, “auto-approve payments below €100”) and receive notifications instead of approval prompts, further reducing friction.
“It’s not about micromanaging every action,” Galdikas explains, “but about setting clear boundaries and staying in control, with the ability to review or revoke access when needed.”
A key to this evolution is shared accountability: clear rules for when devices, users, or institutions are liable in case of mistakes or fraud, and robust technical standards to keep everything secure. As Galdikas concludes, “Regulation isn’t an obstacle to innovation, it’s one of the critical mechanisms that will make this shift possible and keep the balance between user empowerment and security.”
Bridging trust and experience in banking authentication
As digital transactions speed up and user expectations rise, the pressure to modernize financial authentication only grows. “The next phase is to build infrastructure and regulatory standards that allow users to move seamlessly across services, with clear boundaries and strong assurance,” says Galdikas. “Legacy methods won’t disappear overnight, but the trajectory is clear: seamless, device-based authentication is becoming the norm.
