Are We Safe to Bank on Biometrics?

Paul Dignan

Global Technical Account Manager at F5 Networks

Views 212

Are We Safe to Bank on Biometrics?

05.10.2017 07:45 am

For financial institutions, the primary goal of digitisation is making banking simpler and more intuitive for customers. Biometric identification has huge potential, offering convenience, simplifying password management and providing a frictionless authentication process. However, combining the desire for ease of use with the need to improve security is a difficult balancing act. With biometrics in banking rapidly gaining momentum, it is equally becoming an area of great interest for cybercriminals, meaning the security of the apps and systems that support these mechanisms is more critical than ever.

Biometrics offer an exciting new frontier in security, with the global biometric system market expected to reach an estimated$32.4 billion by 2022. From TouchID to iris scanning, and facial to voice recognition technology, consumer demand for biometric authentication is increasing, with research from Mastercard and Oxford University showing banks and their customers favour the use of biometrics in consumer financial services.

Many financial institutions have already put the technology to use. Wells Fargo began offering revolutionary eye-recognition technology as a security measure for corporate customers in 2016, and financial services company USAA has been offering users the option to log in using face and voice recognition technology since the beginning of 2015. Voice recognition technology has also been employed by CitiBarclays and HSBC to verify customer identity when phoning a customer service line and Santander has started trialling a voice-based chat in their standalone app, SmartBank.

Is biometrics a fool proof way to keep hackers at bay?

Despite their potential, biometric-based authentication is not failsafe and poses its own security challenges. The unique nature of biometric verification, and the fact that the digitised record is stored and encrypted locally in a secure portion of your device, does make the data better protected than traditional verification methods. However, the risks surrounding this type of data are greater. Unique, permanent biological identifiers can’t be changed or replaced in the event of a breach, so they are very dangerous if they end up in the wrong hands. 

The risk of a criminal stealing your eyeball (à la Tom Cruise in Minority Report) is mere science fiction fantasy; the real risk is the chance that a hacker could gain access to the digitised record of biometric data. The National Fraud Authority estimates that £3.3 billion is currently lost through identity crimes each year. Imagine how this could increase if hackers could access biometric data.

What’s the key to protecting biometric credentials?

Although biometrics offer an extremely strong alternative to traditional authentication methods, such as passwords and PINs, there is no such thing as 100 percent security, but having multiple gatekeepers in place can fortify the security of apps and systems. The more different proofs of identity required through separate routes, the more difficult it becomes for a cybercriminal to steal a consumer’s identity or to impersonate them.

As technologies progress, machine learning offers the potential to help banks authenticate users based on multiple assessments, including behaviour, appearance, voice and even the speed at which they type. With such capabilities, a user’s device can constantly calculate a trust score that the user is who they claim to be. According to Deloitte, together these factors are 10 times safer than fingerprints and 100 times safer than four-digit PINs.

Furthermore, solutions are being developed to solve the issue of biometric records being re-used when stolen. For example, a new approach is to split the biometric information between the user’s device and the data centre storage, meaning that if one is compromised, the hacker will not have all the information needed to gain verification.

How will biometric security continue to evolve?

New techniques are emerging that remedy some of the typical challenges associated with biometric solutions, including a lack of capability on the user device and verification failure (facial recognition is prone to problems with lighting conditions). Regardless of the challenges, biometric technology provides organisations with another layer of defence against cyber criminals while simultaneously streamlining the customer experience. This has been successfully adopted by many financial institutions, with great promise to further transform digital banking. 

As our lives move progressively online, the level of personal data stored by organisations, the stakes are becoming higher for businesses to ensure consumers’ data is fully protected. At the same time, lucrative areas, such as digital banking, are at the top of cybercriminals target lists. Even with the higher level of security that biometrics promise, having multiple gatekeepers in place is the only way to guarantee the highest level of security.

Latest blogs

Judith Thrane Nets

Q&A: Nets Interviews the Finnish National Bureau of Investigation on Subscription Traps

Fraud is on the rise. This is due, in part, to consumers' growing preference for shopping and managing finances online, where the opportunities for committed fraudsters are numerous. One of the most high-growth instances of online fraud is Read more »

Payments nexo standards

Can You Accept Global Payment Standards?

I hadn’t expected the sport of fencing to feature at the recent nexo standards annual conference in Berlin. When François Mezzina of nexo member, Total, however, used the sport to explain to the international audience of schemes, merchants, Read more »

James Stickland Veridium

Biometrics for the Unbanked

The number of mobile phone users in the world is likely to surpass 5 billion within the next year. As this number grows, it’s no wonder why most banks have their own mobile app or at least a way for their customers to access finances on-the-go. Yet Read more »

Karen Wheeler Affinion

How Banks Can Build Better Engagement with Business Customers

With a new year just around the corner, December is typically a month in which people take the time to reflect and remember upon the year gone by. Dealt its fair share of political and economic twists and turns, it’s not surprising uncertainty has Read more »

Ray Brash PrePay Solutions

Mobile Wallets set for big growth in 2018

With 2017 almost behind us, it is the ideal time to look back on another prosperous year for electronic payments, and to consider how last year’s developments will impact on 2018. Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53, +44 (0) 173 261 71 47 Download Our Mobile App