Road2BUP Commerce – Feature Two: Banking With Biometrics

Leading up to this year’s Biometrics UnPlugged event in Tampa, Florida, we are taking the time to explore popular topics in biometrics. Throughout July, we will be taking a look at how biometrics and identity management are affecting commerce.

Last week, we kicked things off with a primer, this week we’re going to take a look at what biometric banking can mean to the end user.

The Biometric Banking Promise

Banking is inconvenient. The truth to that statement may be subjective, but it feels accurate. Bank hours are not synced with a person’s free time, necessitating online and phone banking options which, unfortunately, don’t really inspire peace of mind for the average user.

A recent survey from Deloitte shows that security concerns are hindering the adoption of mobile banking particularly. Of the 2,193 respondents, over a third stated that a distrust of WiFi and mobile network security is their number one deterrent, while 28 percent are most afraid of a mobile device becoming physically compromised by theft or misplacement.

A lot can be learned from these statistics, namely that there needs to be a line of trust established between a bank and its customers. Increasingly, that trust is surfacing as biometric security, providing assurance, convenience and security to the personal banking experience.

Accessibility

Among the more common biometric security factors making banking easier on time and stress is the fingerprint. Replacing PINs, fingerprint biometrics are used in ATM technology and in some cases, a direct payment situation.

In the case of ATM banking, fingerprint recognition offers accessibility. It is an easy aspect of banking to take for granted, but there are barriers if access when it comes to banking, and one of them is language.

A current pilot project in Nigeria is an excellent example of this. A biometric system featuring DEMALOG fingerprint recognition does prevent fraud, but just as importantly it allows a language and literacy agnostic solution for financial access. A PIN based ATM transaction takes for granted the assumption that the user speaks a language supported by the ATM and has a high enough education that a “what you know” style of security will be effective rather than deterring.

Of course, the fraud prevention can’t be overstated in this regard either, particularly in Nigeria. On the launch of the pilot, DERMALOG CEO Günther Mull commented, “Fraud is one of the biggest challenges in the Nigerian banking sector. Thanks to secure and convenient fingerprint identification, in future it will no longer be possible to fake and misuse identities. This will solve one of the most pressing problems for the Central Bank of Nigeria.”

This brings us to another end user benefit, one that has real applications all over the world while being practically invisible.

Assurance

At non-biometric ATMs there are two factors at work: the presence of a card and the entry of a four digit code. Unfortunately, one of those factors is reduced to an account number in the case of phone banking. In order to compensate for this a series of security questions are added to the process (usually involving a biographical detail and a query into a recent purchase).

Biometrics are streamlining this by hiding the assurance that security questions so obviously are there for. Both active and passive voice recognition are to thank for this.

With voice biometric software in place, the shields are lowered for users with the right voice, while they are strengthened if the person speaking on behalf of the account holder doesn’t match the user’s vocal template.

In May, Nuance Communications deployed an active voice biometrics solution just like this in Mexico. When Banco Santander México customers call in to the IVR system in order to manage their finances over the phone, they are prompted to say the phrase, “At Banco Santander, my voice is my password.” This provides enough biometric data for Nuance’s Vocal Password software to authenticate the caller, saving time on both ends of the call, eliminating the need to use easily compromised PINs or inconvenient security questions.

Convenience

The trust provided by biometrics in banking carries into the mobile world too, but it brings with it a very encouraging amount of convenience.

There is a general design problem with the smartphone interface, and that’s the QWERTY keyboard that has been transplanted from the home computer experience. An eight to sixteen digit password featuring upper and lower case characters, symbols and numbers is no great feet when ten fingers and a keyboard team up to type it out, but one or two thumbs on a tiny touch screen? That is enough of a deterrent to convince a user that her banking isn’t worth the time it takes to log in until she gets home to her computer and its trusty keyboard.

As has been explored here before, the smartphone can be home to a wide range of biometric factors. Each type of authentication can be applied to a banking app to circumvent the QWERTY obstacle.

Eyeprints, voiceprints, facial recognition and fingerprints each have applications in mobile banking, and all of them are easier to use and more secure than a web banking password. Even the notoriously closed off Apple has offered its Touch ID sensor up for the cause.

At the most recent WWDC, the company announced that with the release of iOS 8 the fingerprint sensor would be open for third party developers to work into their apps. To illustrate the implications of this move, Apple demonstrated Touch ID on the mobile banking app from Mint.com.

*

Have something to add in the discussion of how biometrics are changing banking? Follow us on Twitter and get the conversation started in preparation for September by using the hashtag #Road2BUP.

Stick with findBIOMETRICS all summer as we, along with our sister site Mobile ID World, get ready to take the next big step in these discussions.

July 9, 2014 – by Peter B. Counter