The future is biometric, but privacy fears must be confronted

  • Sirpa Nordlund, Executive Director at Mobey Forum

  • 07.10.2015 01:00 am
  • undisclosed , Ms Nordlund currently serves as Executive Director of Mobey Forum. Previously a guest speaker at Mobey Forum events, Ms Nordlund is now responsible for the direction of Mobey Forum initiatives and for overseeing the operational management of the group.Prior to joining Mobey Forum, Ms Nordlund served ten years at Nokia, where she held several management positions. She was especially involved with the business development of NFC. More recently, Ms Nordlund was responsible for the sales in selected European markets at Venyon, which provided trusted NFC services as a subsidiary of Giesecke & Devrient.

Over the summer, Mobey Forum’s Biometrics and Security Workgroup, set up to explore opportunities and use cases for biometric authentication in mobile money, met with The Biometrics Institute and the Natural Security Alliance, in a bid to exchange knowledge and expertise.

Biometrics adoption is gathering pace, particularly in mobile financial services (MFS). Acuity Market Intelligence estimates that by 2020, mobile biometrics will be used to authenticate almost 65% of all mCommerce transactions, creating a market worth in the region of $34.6bn annually.

But how mobile biometric solutions are going to evolve and be deployed to enable this level of market adoption remains far from clear. It’s already a complicated market, with stakeholders vying for dominance in biometrically-enabled smart mobile devices, biometric sensors, mobile app development, payment authentication and biometric systems security.

Two key themes emerged from the talks. Firstly, that biometrics have the power to help banks and other financial institutions vastly improve the user experience for their mobile money services. Banks clearly agree with this sentiment. A recent Mobey Forum survey of its global membership, revealed that 22% of banks already offer some form of biometric services to customers, with a further 65% planning to introduce these types of services in the near future. More than half of these plan to launch fingerprint biometrics for their end users, with an additional 21% citing voice recognition as a key focus of development. This is great to see; finally banks are working hard to enhance their mobile user experience, something that will strengthen their defences against the influx of powerful new players in mobile money, all of whom are rightly fixated by the user experience they deliver. For these players, unlike traditional banks, it’s woven into their DNA.

Fears relating to privacy, the second key takeaway from the talks, remain a real sticking point for the industry. This is no surprise. After all, what is more repellent in the world of mobile money than the idea of your unique biological identifiers being passed around between service providers, or worse, available to the highest bidder? Mobile app usage data is one thing. A thumbprint is quite another. Fortunately, banks agree on this point too; in the same Mobey Forum survey, biometric security, together with their reluctance to depend on biometrics vendors, featured prominently on the list of barriers that could impede adoption.

Collaboration between key stakeholder groups is the key to making progress, not least because the issues relating to biometric privacy are both significant and complex. Where should a user’s biometric data be stored? How will it be protected? Who will be able to access it and under what circumstances? What ethical responsibilities should stakeholders bear? Equally, what factors should the user be accountable for?

As with most technologies that promise revolution, the likelihood is that there will be no one-size-fits-all approach. So, how can best practice be defined? A good first start it to identify the ‘killer’ use cases that are likely to drive commercial development, like mobile payment authentication, for example, and focus attention on the issues raised by these deployments.

Caution is appropriate, particularly where financial services are concerned. But in this discussion, there are wider issues at play; the biometric identifier itself has huge value, far more so than a PIN, or a password that can be changed at will. But when founded on clear lines of responsibility and directed by universally accepted ethics, biometrics has the potential to provide a secure and convenient solution for both identification and fraud prevention in mobile services.

What’s your opinion on the development of biometrics in mobile services? Join the debate on Twitter: @mobeyforum

Other Blogs