Educating the supply side and the demand side of voter fraud in the Solomon Islands (Solomon Star News) — What gets through enrollment will most likely get caught in de-duplication.

Going up? The overall smart elevators market is expected to reach $16.45 billion by 2018 — It’s about time elevators got biometrified.

Security has layers. Top Security Techniques That Work For The Masters (Blog Her) — “Every layer of protection the bank adds is designed to make it harder for a criminal to ge paid. Consider a layered approach for your small-business security plan.”

US: Iowa bank adds biometrics into customer ID mix

Bridge Community Bank introduces in-branch biometric security (Finextra)

…[C]ustomers submit fingerprint and facial biometric data as well as their name, address, date and country of birth and gender. Tascet uses this data to generate a 16-digit ‘financial security number’ which is linked to the customer account. To identify themselves in a branch and carry out transactions, customers then provide their name and fingerprint.

This is exactly the kind of thing we predicted in the wake of Patco Construction v People’s United Bank.

[B]anks [now] have more responsibility to shield their business customers from fraud. That responsibility, however, will entail a cost that will ultimately be borne by customers in higher fees — applied directly to this this case, wiring fees. But if not appealed and/or upheld, it means banks will be offering customers more security and charging higher prices, part of which will flow to security providers including biometric ID management providers.

Bridge Community Bank is in Iowa.

India: Finance Ministry urges banks to adopt biometric ATM’s

Finger print based ATMs coming soon (Hindustan Times)

Your finger print or eye scan may soon be enough to withdraw cash from ATMs. For that, you will require a biometric based Aadhaar number. In a bid to encourage higher enrollment for unique identification or Aadhaar number, the finance ministry has asked all public sector and rural banks to speed up setting up biometric cash dispensers.

Hardware & ID Security: PC vs Mobile

Mobile banking to hit 1 billion users by 2017

Fortunately for the consumer, mobile devices often contain technologies such as GPS that track the user’s location, front-facing cameras that can be used for face-recognition, and other biometric tools such as voice recognition technology and in some cases fingerprint technology. In December, Ben Knieff, head of fraud at financial crime and technology specialist NICE Actimize told Banking Technology that mobile banking could eventually become safer than online banking.

“While consumers didn’t like biometrics ten or even five years ago, rising usage of the technology on sites like Facebook has made it more acceptable,” he said. “Consumer sentiment is changing, and I believe there could actually be an opportunity to use some of these technologies to make mobile banking even safer than internet banking is today.”

The whole article is worth reading but two points in the second paragraph quoted above are especially thought-provoking.

That’s the first time I’ve seen the Facebook face recognition issue turned on its head like that. Stories of outrage at the Facebook facial recognition app are easy to find. Whether this has more to do with Facebook’s User Agreement policies or biometric technology is a subject for another day, but is it possible that as suggested above, by putting people into contact with the technology the Facebook face rec kerfuffle has made biometrics more acceptable to the networked public?

Another fascinating item in the second paragraph is the notion that mobile banking can be inherently safer than online banking conducted through desktop or laptop computers. We discussed some of the reasons for this in Mobile Devices and Biometric Modalities, but the reasons why authentication via mobile devices may be more rigorous than that using other hardware go beyond biometrics. Mobile devices are quite simply capable of covering all of the factors listed below. In a multifactor authentication model, the more factors that can be determined simultaneously, the higher the confidence in the authentication transaction.
Here they are.

Something you have (tokens: key, prox card, mobile phone, etc.)
Something you know (passwords, PINS, codes, high school mascot, etc.)
Something you are (biometrics: eye, voice, face, fingerprint)
Where you are (location: IP address, cellular signal, GPS, in the bank branch)
When you are (time)

Mobile hardware supports all the factors above and, in the factors with bold face, mobile platform security exceeds the security attributes of PC hardware. Mobiles make better tokens because they aren’t often shared, they have blue tooth, near filed communication (NFC), wi-fi capabilities for external signaling and, of course, they’re mobile. They support passwords (OK, maybe not quite as conveniently as PC’s). Two biometric sensors, the camera and microphone, come stock on all mobiles. They know where you are at all times.

The what time it is question is a draw in the current discussion. Both technologies in question (mobile vs. PC) are equally ignored here because the question of time is answered on the server side; i.e. you can’t avoid late fees by setting the clock back on your PC when you make last month’s payment online. Payees have their own clocks. I just included it because it’s a real factor and there are ID/security applications where an individual is treated differently at different times of the day. Time also comes up in combination with location. Credit cards run fifteen minutes apart in gas stations separated by 1,000 miles raise suspicion.

That’s the theory anyway. In theory, mobile hardware can facilitate higher confidence ID authentication. In practice the security vulnerabilities of the PC world are better understood. There are several household names offering services that maintain PC hardware as a virus/trojan/worm free environment. Uptake of similar technologies has yet to take off with mobile hardware. That will change, though, if more people use mobile hardware to handle their finances.

Ghana banking sector embraces private sector biometrics, too

A lot of international attention has been focused on Ghana’s use of biometrics for voter ID management, but Ghanaian banks have been enthusiastic adopters of the technology, as well.

Ghana Automated Clearing House transaction volumes hit almost 200% (Ghana Business News)

GhIPSS was set up by the Bank of Ghana some five years ago to lead the migration of the country into an electronic payment society. Since its establishment, the wholly owned Bank of Ghana subsidiary has introduced a biometric card called the e-zwich, an electronic clearing of cheques with express clearing session, and Payment Distribution System. Its recent addition is the gh-link Interbank ATM Transaction Switching that allows bank to share ATMs.

ATM’s to go Cardless as Society goes Cashless?

Frost & Sullivan predict more secure and more convenient future of ATM Cash Withdrawals (Security Park)

“It is difficult to foresee how common cardless ATM services are going to look like in the future, especially with some initiatives that aim to reduce the usage of cash, like contactless payments and digital money. However, I do believe that cardless ATM services are going to find a space within specific customer segments, urged by either the necessity or the convenience of usage,” concludes Mr. Fernandez.

As for the title of this post “ATM’s to go Cardless as Society goes Cashless?,” I’m not convinced of either proposition, but the blurb at Security Park does get one thinking.

I’m betting ATM cards, or other tokens, will be around for a while. Cash will be around for a lot longer than tokens.

Nigeria Continues to Develop its ID Infrastructure.

A State that desires to deliver the benefits to society that all modern people have come to require of it*, will find things vastly simpler with an effective ID infrastructure. Biometrics are a cheap and effective way of building that infrastructure and are a true leap-frogging technology.

Here’s another indication that Nigeria is taking advantage of biometrics as to build a modern identity infrastructure. This article is about the banking and finance sector, an important piece of the development puzzle to be sure.

Bank Customers to Face Biometric Verification (This Day)

According to the CBN, the activities and processes of customers’ due diligence that financial institutions must perform to identify their customers, among others, remain key to the development of the financial system.

It also regretted that: “Verification of customers’ identity has been very difficult in Nigeria because the identity environment is fraught with adverse and disparate types of identity systems, all running in silos and having no link, integration or standardisation nor a centralised identity database for verifying the identity of bank customers.

“The absence of a central standardised identity database, and the relevant infrastructure to support access to this database, for the verification and authentication of identity, have had a constraining effect on the country’s growth and development, effective credit administration, effective administration of most government services and collation of accurate data and statistics that could be leveraged on to drive effective planning, both in the public and private sectors.”

The extremely frank and technical discussion at the end of the article — what it all means, why Nigeria is where it is, the costs of the status quo, and the opportunities do be derived from a more effective ID management environment — is really good stuff. You don’t see it laid out like that too often in the mainstream press.

*National defense, basic education, vaccination programs, enforceable private contracts, well regulated public utilities, etc. Basically, it’s just really hard for the government to do anything well if it doesn’t know who anybody (perhaps everybody?) is.

ID is About People

Bridging India’s identity divide with a number (BBC)

In one of the world’s fastest growing economies, some 40% of people living in villages don’t have bank accounts, the number rising to three-fifths of people living in the east and north-east of India. (It is another matter that more than 40% of India’s earners have no savings.) One of the main reasons why they don’t have a bank account is that they have no definitive proof of who they are.

Also, identity – when available – is fickle and dubious.

You can’t be a fully-functioning member of the modern globalized world without a legitimate ID.

Voice Biometrics and ID Management in Call Centers

Voice Biometrics as a Fraud Fighter (Bank Info Security)

The biometric technology analyzes voice characteristics, such as dialect, speaking style and pitch. By collecting and archiving voice characteristics of customers, banks, in theory, could authenticate customers’ identities when they call in.

Call center fraud has been escalating. U.S. banks have reported upticks in call-center schemes that rely on social-engineering tricks. The attack: Convince customer service representatives to share or change account details.

The installed base of telephone technology pretty much guarantees that there will be huge incentives for voice recognition technology companies to develop better and better products and for financial companies to adopt them.

This article does a great job with the incentives and challenges of ID management by telephone.

See also:
The Con is Mightier than the Hack
Up to 20% of voice biometric samples could be fooled by ‘wolves’ (UK Register)
Phone ‘Line Noise’ As ID Management Technique
Voice Recognition ≠ Speech Recognition

Customized Biometric ATM’s Available to Public Sector Banks for Use in Rural India

Govt banks to install 60,000 more ATMs (Business Standard)

Customised ATMs for rural areas are also being tested. “The machines used in metros may not be relevant in rural areas,” said Jaivinder Gill, managing director, NCR Corporation. He said the company had developed machines that could interact with the user in 23 languages and use biometric authorisation as a safety feature if the user was not comfortable with PIN identification.

Fingerprint Technology Improves Physical & Financial Security of Ugandan Women

With growing financial independence, Ugandan women face new challenges

Nancy Acieng stands outside the door of Pride Microfinance Limited, a bank in Kampala, Uganda’s capital. A fairly educated woman, she works hard to earn money selling fresh food and fruit from a roadside stall.

She says her hard work used to go to waste because her husband routinely stole her ATM card and withdrew the contents of her account. But thanks to the bank’s new security measure that requires customers’ fingerprints to withdraw money, she now has full control over her finances.

“He still beats me sometimes,” Acieng says. “But he cannot steal my money anyhow, anymore. Using the fingerprint technology changed and improved my security – both physical and financial.”