Blog article
See all stories »

Banking on biometrics

Security is one aspect in banking on which no customer would compromise upon. Banks too have been trying to incorporate the latest technological upgrades so that they do not become an easy target for hackers. The strength of any authentication mechanism is dependent upon the degree of its uniqueness. And what could be more unique than the person’s biometric impression itself

There can be lot of aspects which can be included under the jargon ‘biometrics’ such as DNA, blood features, hair structure etc. but convenience and speed of authentication cannot be ignored too. One cannot be expected to give a blood test for logging into internet banking. Currently, biometric authentication techniques are primarily being developed for voice, fingerprints, facial recognition, heart rate and iris. These biometrics have capability to be both secure and convenient.

Voice authentication means verifying the customer’s identity simply from the sound of their voice. During the normal conversation at the start of any call, advanced voice biometric technology, such as FreeSpeech from Nuance Communications, checks the client’s voice against their stored “voiceprints”, returning a verification result to the service executive and – assuming it’s positive – allowing them to provide information and complete transactions within seconds.

Barclays Wealth and Investment Management, for example, is recognised for being the first organisation in the world to deploy a passive voice security service with the primary aim of transforming the customer service experience. Using the system, its International Banking customers are automatically verified as they speak with a service centre executive.

Such an approach not only cuts the authentication time by about 20 seconds but critically enables service teams and relationship managers to focus on clients’ needs rather than the mechanics of authentication. In future, voice data would be analyzed to identify whether the caller is agitated, irate or in a hurry to avoid cross-sell pitches. This technology is gaining popularity and is being adopted by others including ICICI bank in India.

Cardiac rhythm is another authentication mode which is wide spreading. The technology, known as a Nymi Band, uses Bluetooth to pair with a companion app for Windows, Mac, iOS and Android. In order to work it first has to record a person’s ECG to the band and link itself to the app. ECG data is captured when the customer wears the band on one wrist and touches a sensor on the top of the band with their opposite finger. This technology has been already tested by Royal Bank of Scotland

One of the oldest verification mode i.e. fingerprint is also making footprints on the turf of online banking authentication. Apple’s touch ID interface provides a good platform for this purpose. Using that technology, the South African financial institution Standard Bank has launched a biometric mobile banking application, making it the first solution of its kind in the country. This gives the promise of ‘banking at your fingertips’ an added dimension.”

Facial recognitions also look promising. After all, if people identify each other by their faces, then technology should also do the same. USAA’s facial recognition requires users to look at the screen and, when prompted, blink their eyes. For voice recognition, users must read a short phrase. This makes USAA the first U.S. financial institution to offer facial and voice recognition on a mobile app

The research on authentication methods is happening at maximum momentum. Vein identification can be made by transmitting near-infrared light through finger. This works by the fact that the blood’s hemoglobin partially absorbs the light, which allows vein scanners to identify vein patterns. Other frightening methods involve implanting an RFID [radio-frequency identification] chip under the skin, or a decomposable tattoo which may hold up for one to two months. Friendly methods such as behavioral biometrics are also being studied which work by looking at the gestures and speed with which users key in their password.

While biometric methods promise a great deal of security, these methods should be utilized in conjunction with other forms of methods. Proper protection requires two-factor authentication, based on two completely independent components from one of three methods: knowledge – password; possession – smart card; and biometrics. Furthermore, user needs to know that the security mechanisms are there; voice recognition methods which follow behind the scene approach raises suspicion.

Biometrics provide one salient advantage over other conventional methods; the convenience to forget. Currently, users need to remember multiple passwords across many websites, which often creates confusion and annoyance. This freedom with biometrics allows both users and banks to focus on the sole objective of logging in – banking.


Comments: (1)

A Finextra member
A Finextra member 20 May, 2015, 00:03Be the first to give this comment the thumbs up 0 likes

I recently wrote about a the first cross platform mobile fingerprint payment authentication apps to released for Samsung and Apple.  Looks like mobile biomentric payment will be mainstream for 2015

Now hiring