Corporate Overview
Banesco Banco Universal is the leading private bank in Venezuela, with more than 2.4 million monthly active users across its mobile and web banking platforms. The bank provides digital services for peer-to-peer payments and high-value transfers. Banesco operates within a multinational banking group, and the group’s global security strategy directly informed the bank’s move toward phishing-resistant authentication.
The Business Challenge
Banesco identified four authentication challenges that affected both security and customer experience.
Phishing and social engineering exposure. Previous reliance on one-time passwords delivered via SMS and email left customers vulnerable. Attackers used phishing and vishing campaigns to manipulate customers into surrendering their temporary codes, bypassing OTP controls without breaking them.
Friction in high-stakes transactions. Credential-based authentication added unnecessary friction to the payment flows customers used most, including fast P2P payments and high-value transfers.
Fraud response overhead. When fraud monitoring systems flagged suspicious activity, resolving those alerts required manual support intervention. Customers had no path to self-remediation.
Cross-channel consistency. Customers access services across mobile and web. Banesco needed an authentication approach that worked consistently across both without channel-specific workarounds.
Why Banesco Chose Passkeys
Banesco evaluated its authentication options against two requirements: the solution had to be resistant to social engineering, and it had to work consistently across mobile and web without requiring separate implementations per channel.
Traditional Methods Left Core Vulnerabilities Open
OTP schemes delivered via SMS and email were Banesco’s primary authentication layer. Those schemes depend on a shared secret. An attacker does not need to break the mechanism; convincing the customer to hand over the code is enough. No OTP-based approach could close that gap.
Passkeys Delivered What Other Methods Couldn’t
Passkeys use asymmetric cryptography to ensure private keys never leave a user’s device. This removes shared secrets from the authentication flow entirely, eliminating the risk of man-in-the-middle attacks that OTP schemes cannot prevent. The move also aligned with the multinational banking group strategy to standardize on passkeys across the organization.
Implementation Overview
Banesco followed a phased rollout across three stages completed in seven months.
Phase 1: Technical Evaluation. The team integrated FIDO servers with core banking infrastructure and validated compatibility across mobile and web platforms before any customer-facing deployment.
Phase 2: Pilot in Low-Risk Flows. Banesco introduced passkeys in lower-risk use cases first, establishing adoption baselines and identifying friction points before broader rollout.
Phase 3: Mass Deployment. With the pilot complete, Banesco activated passkeys for 2.2 million users across high-value transactions and fast P2P payments. The bank also integrated passkeys as the verification mechanism for transactions flagged by its fraud monitoring systems, enabling customers to self-resolve fraud alerts without contacting support.
Results and Impact
Banesco has tracked outcomes across adoption, customer experience and fraud operations since completing mass deployment.
Adoption and Transaction Volume
- 2.2 million users actively authenticate with passkeys on a regular basis, representing about 92% of the active users
- 12 million passwordless transactions processed in the current year
- 8.3 million high-value transactions completed using passkeys
Customer Experience
Passkey authentication reduced friction where customers felt it most: completing high-value payments and resolving fraud alerts. Customers whose activity triggers a fraud alert can now verify their identity and restore access on their own, without a support call. As a result, the latest customer satisfaction survey data show that the main drivers of satisfaction are online banking security (73%) and ease of use (72%), highlighting the positive impact that passkeys create on the customer experience.
Operational Benefits
Shifting fraud alert resolution to customer self-service reduced manual intervention in the contact center. Identity-theft-related fraud reports have declined by 65% since deployment.
Future Vision
Following the success of its mass rollout, Banesco has established clear metrics demonstrating the scalability of passkey-based authentication. To enhance the protection and digital experience of its customer base, the organization intends to broaden the use of passkeys, extending passkeys as the primary out-of-band authentication method across all channels, including phone banking and in-person branch visits
Furthermore, Banesco is moving toward a comprehensive passwordless framework, aiming to eliminate the storage and use of traditional credentials within its core transactional ecosystem.
Key Recommendations
Banesco offers these insights for organizations planning a passkeys deployment:
- Prioritize user education. Customers need to understand that biometric data is stored locally on their device and is never shared with the bank. Addressing this early reduces resistance during rollout.
- Start where friction is highest. Beginning with use cases that cause the most customer friction, such as fraud alert resolution, makes the value of passkeys immediately apparent.
- Use a phased approach. Piloting in low-risk flows before full deployment gives teams time to surface edge cases without exposing the full user base.
Executive Perspective
The deployment resolved what had been a longstanding tradeoff between stronger authentication and a simpler customer experience.
“The implementation of FIDO2 and passkeys has been a turning point in our cybersecurity strategy. We have achieved the ideal balance: elevating technical protection to the highest level while empowering our customers to manage their own security safely and simply.” – Jesús Irausquín CISO Banesco Venezuela
