A Finextra member 17 May, 2015, 08:31 0 likes

Very interesting post Tolga. I agree that in all the payment services I launched over the past 15 years getting the balance right between security and consumer experience was the hardest thing.

It has therefore been interesting to hear from FIDO about the many implementations of a Passwordless Experience https://www.finextra.com/blogs/fullblog.aspx?blogid=10476 .

Is this somthing your bank and others in Europe are considering?

A Finextra member 17 May, 2015, 10:50 0 likes

Thanks a lot Charmaine. I heard about FIDO, you also wrote an excellent article about it - that I enjoyed a lot. Currently, we work intensively on Biometric (not necessarily only Apple fingerprint) solutions and EBA guideline's compliance - that would be started to be enforced starting from August 2015.

In my opinion FIDO still needs some time, the main challenge is device dependency (either in the form of biometric reader featured smart phone or another stand alone device) - plus some demographic issues too. In Europe, not all countries and not all customers have the same level of access to the prequisites of FIDO. Even so, it is where we should go as I mentioned in my blog -our devices will be our IDs.

Also please note that sophisticated attacks start with getting control of clients' PC - that may mean that regardless of security tool used in the PC, they are vulnerable. As you know, EBA (European Banking Authority) Guidelines on internet payments security - would not like browser related security tools.