Corporate Overview
Founded in 1955, First Credit Union is a member-owned financial institution in New Zealand with over 60,000 members. The organization delivers secure and innovative digital banking experiences through its comprehensive online banking platform. Members access their accounts via mobile app and browser options to manage finances anytime, anywhere. The credit union has embraced cutting-edge authentication technology to enhance both security and user experience for its diverse membership base.
Executive Perspective
“Implementing FIDO authentication through Authsignal has been a game-changer for our members’ digital experience. It’s secure, seamless and sets a new standard for trust in online banking.” – Herb Wulff, Treasury and Agency Banking Manager, First Credit Union
The Business Challenge
As a progressive modern financial institution, First Credit Union has embraced a path toward digital transformation. As part of its journey, it identified several critical challenges impacting both security and user experience.
Those challenges include:
- Cybersecurity Risks. The organization wanted to reduce reliance on passwords, which is one of the most common attack vectors. First Credit Union sought phishing-resistant authentication methods to mitigate growing security threats.
- User Experience Friction. Traditional multi-factor authentication methods often create friction in the login process. The credit union aimed to make secure access feel seamless and intuitive for members with varying technical comfort levels.
- Cross-Platform Compatibility. Members access the platform across diverse devices and operating systems. First Credit Union needed a solution that worked consistently across mobile apps and web browsers.
- Integration Complexity. The new authentication solution had to integrate smoothly with existing infrastructure. This approach would minimize disruption to internal teams and members during deployment.
Why First Credit Union Chose Passkeys
First Credit Union conducted a thorough evaluation of several traditional and emerging authentication methods. The goal was to find the right balance between security, usability and accessibility for its diverse membership base.
Traditional Options Fell Short
The team explored multiple multi-factor authentication (MFA) methods but found significant drawbacks with each approach. Authenticator apps can enhance security but have vulnerabilities that can be exploited due to their reliance upon one-time codes. They also require members to install and manage a separate app, which added complexity and friction. Email magic links provided convenience but created usability challenges and vulnerability to phishing and email interception risks.
Device credentials delivered a more seamless experience but lacked the standards-based interoperability needed across platforms. The credit union also considered standalone biometric authentication, but these solutions lacked the robust security guarantees and cross-platform compatibility that FIDO standards provide.
A critical insight emerged: offering too many authentication options risked confusing members, especially given the wide range of technical comfort levels across their demographic. A fragmented experience could lead to frustration, support overhead and reduced adoption.
FIDO Delivered What Others Couldn’t
FIDO authentication stood apart from alternatives that still presented significant vulnerabilities to phishing and lacked seamless, standards-based interoperability. The technology offered compelling advantages:
Phishing resistance eliminates shared secrets like passwords or OTPs that attackers can intercept or steal. The passwordless experience reduces friction for members while making access to online banking quicker and more secure. FIDO2 specification ensures seamless authentication across a wide range of devices and platforms, supporting both their app and browser-based services.
The solution improved member trust and satisfaction through enhanced security and streamlined login processes. It also reduced support overhead from password resets and login issues, allowing the team to allocate resources more efficiently and improve overall service quality.
Implementation Overview
First Credit Union partnered with Authsignal to implement a FIDO Certified passkey infrastructure. The team followed a structured rollout approach:
Phase 1: Internal Testing and Validation
The organization conducted rigorous internal testing to validate passkey integration across mobile and browser platforms. This phase ensured technical stability and compatibility.
Phase 2: Member Education and Communication
First Credit Union launched a targeted communication campaign that included:
- Clear messaging about passkey benefits
- Step-by-step setup and usage guides
- Comprehensive support resources for onboarding
Phase 3: Gradual Branch Network Rollout
The team introduced passkeys in phases across the branch network. This approach allowed for performance monitoring, feedback collection and iterative improvements.
Phase 4: Monitoring and Optimization
Post-launch activities included tracking adoption metrics and authentication usage patterns. Member feedback drove user experience refinements.
Results and Impact
First Credit Union achieved impressive adoption and security outcomes since launching passkeys:
Adoption Metrics
- 58.4% of members adopted the new authentication experience
- 54.5% of all authentications now use passkeys
- Over 23,500 members enrolled in multi-factor authentication
Member Experience
Most members provided positive feedback citing ease of use and improved trust. Passkeys enabled simplified login through device-native biometrics like facial and fingerprint recognition. Members enjoy seamless experience across mobile and web platforms.
Operational Benefits
The organization reduced support overhead from password-related issues. First Credit Union enhanced its security posture with phishing-resistant authentication. The infrastructure now aligns with global standards for future readiness.
Future Vision
FIDO authentication serves as the cornerstone of First Credit Union’s long-term digital security strategy. The organization plans these expansions:
- Secure Transaction Authentication: Extending passkeys to high-risk actions like transaction approvals
- Internal Systems Access: Implementing FIDO-based authentication for staff systems
- Third-Party Integrations: Leveraging FIDO’s interoperability for future service integrations
Key Recommendations
First Credit Union offers these insights for organizations considering FIDO implementation:
1. Understand Your User Base: Assess members’ devices, digital habits and comfort levels to tailor the experience appropriately
2. Simplify the Experience: Avoid overwhelming users with too many authentication options
3. Choose the Right Partner: Work with trusted providers who offer expertise in passkey infrastructure
4. Communicate Clearly: Educate users early with clear messaging about benefits and simple setup guides
5. Test Thoroughly: Conduct comprehensive internal testing across platforms before member-facing deployment
