Biometrics is a form of measuring physical characteristics to verify one’s identity with options including voice, fingerprints, face, retina, or iris of the eye, vein infrared thermogram, or a combination of these identifiers. It was once a form of cutting-edge technology only seen in science fiction movies; however, the security biometric authentication offers is one of the most relevant topics and top priorities moving into 2019. With the increasing rates of reported fraud, many financial institutions are being pressured to implement stronger security solutions and biometrics seems to be the most viable option.
Many FinTech analysts predict the PIN number will be obsolete within the next few years, while others disagree. Whether the PIN is here to stay or not, biometric authentication is quickly advancing as many banking institutions are adopting this new form of digital security. Money and security have always gone hand-in-hand: the more money you have, the more security you need. The topic of biometric authentication has risen to the top of the financial technology landscape in recent years because there's a greater demand for security than ever before. Alongside the rise of fraud is the growth of biometric authentication in mobile app development as banks are rethinking mobile security. This post will provide an overview of biometric modalities, the current security landscape for biometric authentication, and how financial institutions can embrace this technology moving forward.
Biometric identification methods can be achieved on mobile devices either through its built-in biometric sensors, attaching portable biometric hardware to it via a USB cable, or through a Wi-Fi connection. Here are a few biometric authentication methods that banks are already taking advantage of:
Iris Scan:
This mode contains more than 200 unique points of data that are stored in the institution’s database. Many biometric experts believe that the iris scan is the most reliable way of authenticating a user’s identity.
Voice Recognition:
This option is said to work best when paired with another authentication mode. At the beginning of the year, HSBC announced an introduction to voice recognition mobile apps and ATMs to allow customers to complete transactions without requiring passwords or card swipes.
Facial Recognition:
Facial recognition can authenticate users at ATMs, as well as online and mobile banking. This type of authentication is dependent on the user’s environment such as the lighting or positioning of the face, making it a less effective security option.
Fingerprint Scans:
Fingerprint scans are currently the most popular form of biometric authentication used on many mobile devices worldwide.
Vein Pattern Authentication:
Vein pattern authentication relies on the unique pattern of veins in the palm, finger, or eye to identify a user. The vein patterns of the user are as unique as their fingerprints, but not as easy to replicate.
These modes of biometric authentication can be used in a variety of banking scenarios, including withdrawing and depositing cash from ATMs, proving identity when contacting their bank, and most commonly authenticating mobile banking apps. With the advancement of biometric technology, passwords, PINs, and security questions are becoming a less secure option for mobile banking. Financial institutions are aware that security is never guaranteed with any method, but should be choosing the best solutions available to protect their customers as well as themselves.
Billions of customers are shifting onto digital platforms for their banking needs, and it’s becoming more important than ever for financial institutions to offer a mobile platform optimized for providing safe authentication for logging into accounts and making mobile payments. At the moment, attitudes towards biometric authentication are positive with 56 percent of consumers saying they trust biometric methods to authenticate accounts and make mobile payments more than a traditional PIN. However, in the next six years, the biometric market size is anticipated to reach $24.59 billion, and by 2023, there will be roughly 2.6 billion biometric payment users, so despite being favored for convenience, the growing popularity of biometric authentication puts the technology at risk for becoming a target.
The scope of data breaches in 2018 was startling. The number of records compromised in the first half of the year surpassed the total number of breached records in all of 2017 according to Experian’s Data Breach Industry Forecast 2019. Cybercriminals are becoming more sophisticated and new technology presents a broader, more severe attack surface. Biometric authentication is not exempt from cyber attacks; data can be altered when it’s first recorded, and sensors can be manipulated or deteriorate with overuse.
Here are a few major market trends we can expect to see during this growth period that will impact the adoption of biometric technology in the banking industry from a security perspective.
While many banks ensure that their customer data is safe and secure with passwords and PINS, customers are still at risk of fraud. Companies such as Microsoft and Intel are beginning to recognize the pressing need for powerful security and are building biometric authentication systems into their future products. Biometric single sign-on (SSO) is a password management technology that protects data from unauthorized users. These forward-thinking companies are paving the way for banks to enter the biometric space for mobile banking.
There are different modes of biometric authentication that institutions can adopt such as fingerprint, voice, retina, heartbeat, facial recognition, etc. HSBC recently introduced fingerprint and Touch ID sign-in to its mobile banking app with many other banks to follow. This eliminates the pains of remembering passwords and suffering the dreaded account lock after too many password attempts. With this new technology, users are provided with enhanced user experience (UX) and security.
Using PINs and Passwords as the sole security option positions consumers as easy targets for fraud. Many organizations are now considering multi-factor authentication (MFA) by combining a fingerprint with either retina, voice, or facial recognition, for example. MFA makes it extremely difficult for a hacker to infiltrate customer accounts. This security method combines something a user is and something a user knows. Mobile banking users will likely see biometric recognition paired with PINs and passwords for two-factored authentication before manual logins are obsolete.
Ever since Apple launched its Touch ID and Samsung introduced its fingerprint scanner, using physical characteristics as a form of authentication to access user data has proven to be very successful. Biometrics has proven to be extremely valuable in the government and business sectors, but financial services have been particularly slow to adopt. Incorporating biometric authentication into a mobile banking strategy not only addresses security concerns for users, but it also serves as a jumping point for enhanced UX. Even in 2019, banking institutions are lagging behind in the race to deliver frictionless mobile experiences focused on adding value to the customer experience.
Convenience has been a defining factor in the development of FinTech biometrics. If you're wondering whether biometric authentication is right for your mobile app, read our next blog: Biometric Authentication for Convenience in Mobile Banking: What Banks Need to Know.
Image source: ePayments Blog.
Voila Hub partners with forward-thinking banks and finserve companies to create and implement mobile strategies, deliver products to market faster, and drive agile transformation. Start a conversation, today.