Visa looks to kill passwords with multiple biometric authentication options

Visa looks to kill passwords with multiple biometric authentication options

Visa is stepping up its efforts to kill off the password, teaming up with BioConnect to bring multiple biometric authentication options to a single app.

The emergence of mobile phones with fingerprint sensors and high-quality cameras has ushered in a new era of biometrics, enabling millions of people to make payments and access their bank accounts with the press of a button or scan of their iris.

But, Visa SVP of risk and authentication products, Mark Nelsen, notes users still have the option to bypass biometrics with a password or PIN, which results in a weak link the security chain.

"Today, the “password bypass” is a necessary design feature. A fingerprint sensor might not work when your finger is wet; facial recognition may fail in extreme lighting; and voice detection is difficult on a noisy subway platform. In those scenarios, there must be an alternative method for users to access their account," writes Nelson.

To remove the weak password link, Visa is working with vendor BioConnect on an app that uses multiple biometric technologies so that when the default option fails, a user can just switch to another.

The app also works across multiple devices, says Nelson: "Getting a new gadget is fun. But manually reloading your payment information and login credentials so you can use your new gadget? Not fun. Our collaboration introduces an elegant alternative, one that, for example, enables your newly downloaded mobile banking application to identify and authenticate you by using one of your previously enrolled biometrics.

"Because the technology can work across multiple devices, you would simply sign in using the biometric to gain access to your data, without need for a keyboard, password, or setup—all possible in the first few moments of unwrapping your new device."

Comments: (2)

João Bohner
João Bohner - Independent Consultant - Carapicuiba 15 November, 2016, 11:42Be the first to give this comment the thumbs up 0 likes

 

 

That's it!

A Finextra member
A Finextra member 22 November, 2016, 21:36Be the first to give this comment the thumbs up 0 likes

The author makes a case for the unreliability of biometric authentication. Many times my fingerprint doesn't function in the heat or cold, but normally it is quick and useful.  I have re-recorded my fingerprint when this happens, and that helps.  It would not be prudent to only depend on biometrics.

I would like to see more people investigate the SQRL protocol.  It gives companies access to robust cryptographic-based authentication, and the potential use of biometrics to unlock the local key-store. (https://en.wikipedia.org/wiki/SQRL)

Comparing biometrics, crypto, and violence, this is a useful cartoon. https://xkcd.com/538/

 

Featured Job
All Jobs »