Digital Trust is the New Currency: How Life Insurers Can Lead in Data Privacy and Cybersecurity

It is no secret that “Trust” has been the factor that has driven brand building and allowed many industrial and corporate houses to thrive. With the evolution of the e-commerce/Q-commerce/digital ecosystem, trust has emerged as one of the factors that customers look for in digital business, especially in the BFSI sector. This has been further established by a recent survey in the banking segment (Credit – Digital Banking maturity in India – Deloitte Study 2025).

It is widely recognised that life insurance is an intangible product and involves a long-term commitment. The rise of e-commerce and Q-commerce has led to more self-service options in insurance, such as buying online, using mobile apps, and accessing portals or chatbots. As these numbers grow, it is essential to build and maintain trust continuously. Here are some of the measures that insurance companies take to safeguard data and increase customer trust.

Zero Trust is a security concept that requires verification at every step; each access request must be fully authenticated and authorised. This approach ensures that users are properly identified before gaining access, preventing unauthorised individuals from impersonating others.

Data Loss Prevention - Customer and insurer data require significant safeguards due to their sensitivity. Data loss prevention measures are designed to help prevent data leaks and protect information from unauthorised access.

Endpoint Encryption - The devices used by people working directly or indirectly for an insurer need to be encrypted. This ensures that the data remains protected even if a device is lost, for example to theft.

Encryption of Data in Motion and Data at Rest - Customer Personally Identifiable Information (PII), along with other data exchanged between applications, should be encrypted. Additionally, PII stored within various applications must be encrypted while at rest. 

Regular Security Testing - Changes to applications and to the data exchanged across applications are inevitable. In addition to functional, regression, and user experience testing, security testing should be performed. Vulnerability Assessment and Penetration Testing (VAPT) and Web Application Penetration Testing (WAPT) should be carried out every time a change is made. Beyond this, regular testing should be conducted to ensure maximum test coverage.

Patch Updates - Due to the extensive use of various applications, it is essential to apply both software and hardware patches regularly. This process addresses security vulnerabilities and enhances the protection of the applications and infrastructure in use.

AI Observability - With chatbots in use, it is essential to monitor their performance and responses in real time so that they remain reliable for customers.

OAuth 2.0 - Customers access portals in addition to the chatbot. Implementing OAuth 2.0 helps provide customers with access without the risk of their credentials being compromised.

Data Architecture and Integrity Checks - Although an old approach, it remains fundamental to maintaining accuracy, consistency, and reliability within system design.

Brute Force Attack Test - This process, when conducted as part of ethical hacking, can identify hidden vulnerabilities, but should be carried out only when necessary and with appropriate safeguards in place. 

Regular communication to customers - Each time a customer logs in or updates their contact information, notifications should be sent to both their email address and mobile number on record. This approach ensures that customers are kept informed of every digital activity related to their account.

Although insurance companies actively engage in measures to build customer trust, it is equally essential for customers to monitor communications such as emails and WhatsApp messages, and to refrain from blocking these channels. By doing so, customers can independently track their transactions and account activity.

Each of us serves as a customer to one another. We must prioritise robust data protection measures and recognise that empathetic safeguarding fosters greater trust. As insurance providers, our commitment must extend beyond securing lives and savings. We must also ensure the privacy of customer data, thereby strengthening relationships and building confidence over the long term.
