Biometric security, banking, and why the password is passé

Biometric security, banking, and why the password is passé

Andrius Sutas

CEO and co-founder at AimBrain

Views 707

Biometric security, banking, and why the password is passé

16.11.2018 10:00 am

For banks, technological innovation brings freedom, flexibility, and seemingly inevitable security problems. The rise of mobile brought with it easy segmentation, remote onboarding, and convenience for customers. However, a recent report found that mobile logins saw a 200 percent increase in attack rates in Q2 of this year, compared to the previous quarter.

Safeguarding customer data has never been more important, nor more difficult – particularly since password security remains a default option, even as it proves increasingly outmoded. Banks must find ways to comply with the law and protect their target audience’s most sensitive information. To do so, they must look beyond old methods and towards rigorous, robust, and layered biometric security. 

Stronger security 

Even the strongest password can be stolen or cracked. It doesn’t matter if it’s the name of a childhood pet, a first school, or a string of random characters: the fact that it can be compromised means that it will be – if not often, then often enough to cause a problem. 

This is, in all fairness, true of most individual layers of security. The key is to layer security on top of security. Here, biometric verification can be more useful: focusing on a user, rather than their device, can be a more reliable way to prevent data theft. 

However, biometrics alone won’t work; a voice passphrase, for example, could theoretically be mimicked by a stolen recording. Multiple checks are therefore necessary: biometrics, passive bot detection, and other detection tools working in tandem can effectively stop sensitive information from being compromised in most instances. 

Multiple biometric layers 

Fingerprints, face identification, voice recognition, and retinal scans alone may all be individually hackable to some extent – but attackers will have a more difficult time hacking all of them. Using a mix of physical and behavioural layers can form a unique security matrix for each user. 

AimBrain’s AimFace//LipSyncsolution is an example of this in practice, as it combines facial recognition with voice challenges and lip synchronisation analysis. Customers simply take a photo of themselves and read a randomised number, which then becomes the authentication protocol for their account. This prevents cyber criminals from accessing their information without compromising usability.

It’s a simple approach, but one that makes life much harder for those with malicious intent. 

Smart detection tools

Better yet, these biometric checks can be bolstered with smart detection tools – particularly the latest anti-spoofing and liveliness detection devices. These tools combine straightforward user challenges, time-sensitivity, and artificial intelligence to boost security. For example, they make it easy to complement facial recognition with audio prompts – making it simple for users to access their account (it’s easy to lose a password, but somewhat harder to lose a face) and making it tough for cyber criminals to break into an account. 

Here, biometric data is safe precisely because it’s in plain sight. 

Passive bot detection 

It’s preferable to prevent attacks rather than stop them. Here, passive bot detection can be highly useful: it uses institutional and industry-specific fraud data in tandem with a passive anomaly detection module which is designed to identify signs of suspicious activity at the earliest opportunity. This catches bots, but it can also identify unusual behaviour from human users at the onboarding stage. It’s another layer of protection – one that might not address security challenges on its own but serves as a vital piece of a larger mosaic. 

In 2018, this is how banks should approach security - password protection alone simply won’t cut it. Fraudsters are too intelligent, new technologies are too vulnerable, and sensitive information is too valuable. Banks must focus on a multi-level, multi-layered approach to security because it is a multi-level, multi-layered problem. The aim should be to create a model where authentication checks are, if not impossible to beat, at least close to impossible. Working with a biometrics partner to create a truly complex security system – instead of one that relies on outdated tools and tactics – will help institutions to protect customer data today and in the future. 

AimBrainis a BIDaaS (Biometric Identity as-a-Service) platform for global B2C and B2B2C organisations that need to be sure their users are who they say they are.

 

Latest blogs

John Jannes IHS Markit

Best Execution in the US: Three Things Broker-Dealers Need to Think About​

As we head into 2020, US broker-dealers are preparing for new mandates on how they report transactions back to customers. The requirements – established by the Securities and Exchange Commission’s (SEC) updates to Rule 606 – aim to bring investors Read more »

Nish Kotecha Finboot

Blockchain’s role in energy supply chains and the fight against climate change

Two topics dominated September’s UN General Assembly, at times provoking fiery debate. World leaders gathered in New York amid simmering tensions in the Middle East. The recent attacks on key Saudi Arabian oil facilities prompted questions about how Read more »

Denis Novikov Qulix Systems

How Can Digital Customer Onboarding in Banks Increase Sales and Build Loyalty?

While banking product portfolios tend to become similar, banks must select between 2 most popular strategies (or combine them): to compete in pricing or to focus on customer experience improvement.  If you prefer the first strategy, you may skip Read more »

Nick Ogden Worldpay

Worldpay founder Nick Ogden tops Payments Power 10 and other highlights from PayExpo 2019

Last week, fintech, banking, retail and gaming professionals attended the UK’s largest payments event, PayExpo 2019. Event attendees visited a series of conference sessions, debates and networking opportunities – and start-ups had the chance to Read more »

Lina Andolf-Orup Fingerprints

Finger on the pulse! The Countdown to 2020 has Begun

With 2020 in sight, now is the perfect time to pause and reflect on the past three months and see how the world of biometrics has evolved since our last update. With everything from high profile announcements to some news you may not have heard, Q3 Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel