Have biometrics reached their tipping point?

Author: Tom Stinton

With an increasing number of passwords to memorise, and Apple’s Touch ID growing in popularity, can we expect an omni-channel banking future based on biometrics? 

A few years ago we only had a few passwords to remember: computer login, email, banking, eBay, PayPal, LinkedIn and maybe one or two websites. But today, almost every website and app we visit or buy something from offers up personalised content. They all need us to provide a password to identify ourselves so they can enhance their engagement with us.  

Last month I attended the presentation of Tinna Hung, Director of Marketing at EyeVerify, at Finovate Europe. She has 97 separate personal passwords to remember. And while you may not have quite as many, I can almost guarantee that the number you do have is growing.

And if you were to follow password security best practice, you’ll have a unique password for each of your accounts, which you change every 30 days to a password that you have not used before. You could be generating, and remembering, around 1000 new passwords every year!!

We’re clearly reaching the point where we’ve simply got too many passwords to manage. A password manager is one answer. Could biometrics be another?

Biometrics

I’m sure you’re familiar with the term biometrics but, if you’re not, Wikipedia defines them as:

“Metrics related to human characteristics. Biometrics authentication is used in computer science as a form of identification and access control.”

In other words, when it comes to information technology, biometrics is about using our unique individual characteristics to identify ourselves and gain access to apps and information. Examples include fingerprints, finger veins, face, DNA, palm veins, palm prints, hand geometry, iris, retina, voice and even odour.

Biometrics are not only a very secure way to identify you – they are our unique and inviolable signatures – but they are extremely convenient. After all, we carry them with us every day, wherever we go. We don’t have to worry about forgetting them or leaving them behind on the mantelpiece.

Biometrics in banking is not new…

Apple introduced biometrics to the general public in September 2013 with the launch of the iPhone 5S and its fingerprint sensor. Heavily integrated into the iPhone 5S and its successors, Touch ID allows users to unlock their device, make purchases in digital Apple stores and authenticate Apple Pay purchases by simply touching their screen.

Apple Pay arrived in the UK in July of last year. In the UK, the majority of banks have now adopted the technology, with Barclays about to launch the technology later this month. Banks’ adoption of Touch ID, however, is less wide spread. NatWest and Royal Bank of Scotland introduced Touch ID for log-in to their apps in February 2015. Since then only First Direct and HSBC have been the other major banking brands to support the technology to date.

If you’re wondering about security, fingerprint information is stored locally in a secure location on the device rather than in the cloud, making it very difficult for external access. Some claim that a fraudster could recreate your fingerprint, but doing that is complex and even if they did manage to, it can only be used with your specific smartphone. And if you ever injure your finger and are unable to use the biometric technology, you can fall back on a passcode.

… but has so much more to offer to omni-channel banking

Biometrics has a vast potential in finance beyond smartphone banking and payment apps. Imagine a solution that could automatically recognise the face of a blacklisted fraudster when they entered a branch and alerted staff to their presence. Imagine if a customer simply needed to place their finger on a vein reader to identify themselves at the counter. Or how about voice biometrics confirming that the person calling the call centre is who they say they are?

All the use cases I’ve talked about show how simple, accessible and convenient biometrics are. They ensure individuals with physical impairments have easy, yet secure, access to services.  They mean people who have difficulty remembering things, such as those who might be unwell or elderly, don’t come unstuck. They are simply quick and easy to use, and also offer an improved user experience.

Are you exploring how biometrics could reduce fraud while enhancing you customers’ experience? Are you preparing for a world no longer dependent on passwords?

You might also be interested in our opinion paper: The Financial Services industry must set a higher security standard in the fight against cybercrime [PDF]

Please also see Simon Cadbury’s blog: Biometrics: An essential tool in your armoury?

23 Mar 2016

Author: Tom Stinton

With an increasing number of passwords to memorise, and Apple’s Touch ID growing in popularity, can we expect an omni-channel banking future based on biometrics? 

A few years ago we only had a few passwords to remember: computer login, email, banking, eBay, PayPal, LinkedIn and maybe one or two websites. But today, almost every website and app we visit or buy something from offers up personalised content. They all need us to provide a password to identify ourselves so they can enhance their engagement with us.  

Last month I attended the presentation of Tinna Hung, Director of Marketing at EyeVerify, at Finovate Europe. She has 97 separate personal passwords to remember. And while you may not have quite as many, I can almost guarantee that the number you do have is growing.

And if you were to follow password security best practice, you’ll have a unique password for each of your accounts, which you change every 30 days to a password that you have not used before. You could be generating, and remembering, around 1000 new passwords every year!!

We’re clearly reaching the point where we’ve simply got too many passwords to manage. A password manager is one answer. Could biometrics be another?

Biometrics

I’m sure you’re familiar with the term biometrics but, if you’re not, Wikipedia defines them as:

“Metrics related to human characteristics. Biometrics authentication is used in computer science as a form of identification and access control.”

In other words, when it comes to information technology, biometrics is about using our unique individual characteristics to identify ourselves and gain access to apps and information. Examples include fingerprints, finger veins, face, DNA, palm veins, palm prints, hand geometry, iris, retina, voice and even odour.

Biometrics are not only a very secure way to identify you – they are our unique and inviolable signatures – but they are extremely convenient. After all, we carry them with us every day, wherever we go. We don’t have to worry about forgetting them or leaving them behind on the mantelpiece.

Biometrics in banking is not new…

Apple introduced biometrics to the general public in September 2013 with the launch of the iPhone 5S and its fingerprint sensor. Heavily integrated into the iPhone 5S and its successors, Touch ID allows users to unlock their device, make purchases in digital Apple stores and authenticate Apple Pay purchases by simply touching their screen.

Apple Pay arrived in the UK in July of last year. In the UK, the majority of banks have now adopted the technology, with Barclays about to launch the technology later this month. Banks’ adoption of Touch ID, however, is less wide spread. NatWest and Royal Bank of Scotland introduced Touch ID for log-in to their apps in February 2015. Since then only First Direct and HSBC have been the other major banking brands to support the technology to date.

If you’re wondering about security, fingerprint information is stored locally in a secure location on the device rather than in the cloud, making it very difficult for external access. Some claim that a fraudster could recreate your fingerprint, but doing that is complex and even if they did manage to, it can only be used with your specific smartphone. And if you ever injure your finger and are unable to use the biometric technology, you can fall back on a passcode.

… but has so much more to offer to omni-channel banking

Biometrics has a vast potential in finance beyond smartphone banking and payment apps. Imagine a solution that could automatically recognise the face of a blacklisted fraudster when they entered a branch and alerted staff to their presence. Imagine if a customer simply needed to place their finger on a vein reader to identify themselves at the counter. Or how about voice biometrics confirming that the person calling the call centre is who they say they are?

All the use cases I’ve talked about show how simple, accessible and convenient biometrics are. They ensure individuals with physical impairments have easy, yet secure, access to services.  They mean people who have difficulty remembering things, such as those who might be unwell or elderly, don’t come unstuck. They are simply quick and easy to use, and also offer an improved user experience.

Are you exploring how biometrics could reduce fraud while enhancing you customers’ experience? Are you preparing for a world no longer dependent on passwords?

You might also be interested in our opinion paper: The Financial Services industry must set a higher security standard in the fight against cybercrime [PDF]

Please also see Simon Cadbury’s blog: Biometrics: An essential tool in your armoury?