Cloud Biometrics Use to Soar in Two Years: Report (Infosecurity Magazine)
“Over half a billion customers worldwide will be using cloud-based biometrics to securely authenticate with their banks within two years, according to a new analyst report.
London-based Goode Intelligence’s Biometrics for Banking report details what might happen to the market over the next five years.
It claims that by the end of 2020, 1.9 billion bank customers will be using biometrics to: withdraw cash from ATMs, prove their identity over the phone, access banking services through smart devices and more. Sometimes a combination of biometrics will be needed, for example to initiative a transfer of funds from a web-based interface.”
We’re also seeing a lot of activity on this front and adoption of our IdentiTrac Web API.
Consumers ready to switch from passwords to biometrics, Visa finds (The Paypers)
“Consumers are ready to leave the password behind and adopt biometrics, according to the results from a survey commissioned by Visa.”
The full pdf info-graphic from Visa is available here.
The study of 1,000 U.S. adult consumers who use at least one credit card, debit card, and/or mobile pay account covers a range of topics on biometrics including:
- Top benefits
- Top concerns
- Trusted entities
Banks drawn to vein pattern recognition biometrics (Electronics News)
Vein recognition technology is restricted to checking vein patterns of living body tissues and offers reliable reading. Moreover, vein patterns are nearly impossible to counterfeit. Many banks worldwide consequently have incorporated this technology into their ATMs to improve the user authentication procedure of these machines.
While the ease of duplicating fingerprints to hack biometric systems is regularly overstated, it is a possibility. I’ve never even heard of anyone trying to spoof a finger- or palm vein biometric system.
The trade-off for vascular biometrics is that the sensors are typically larger and more expensive than fingerprint readers and there are fewer vendors offering vein technology. Nevertheless, certain deployments recommend themselves well to vein biometrics.
More companies are turning to voice biometrics for security purposes (Digital Trends)
Technology known as voice biometrics seems to be the next big thing in keeping your accounts safe and sound, especially with the alarming rise in call-in center fraud. In this latest version of trickery, criminals take advantage of human error and human emotions when they dial into a customer service line, describe some fictional situation that garners the representative’s sympathy, and subsequently gain access to sensitive data and, of course, money. $10 billion worth last year, in fact.
The purpose of identity management technology is to force fraudsters into social engineering. Identity management technologies can still help with that, too.
Citi tests ATMs that replace plastic cards with mobile phones, QR codes, NFC and iris scans (NFC World)
Customers using one of the new Irving ATMs download a mobile app and set up the transactions they wish to make when they reach the ATM on their mobile phone. They can then chose to have a QR code scanned by the ATM, tap their NFC phone against the ATM or have their iris scanned to authenticate themselves in order to complete the transaction they previously logged inside the mobile app.
This “grab bag” ID regime is interesting. Throw in Bluetooth, fingerprints, RFID and chip-on-card technology and the number of permutations of possible ID deployments goes up even higher. This is good news both for consumers and for business with ID management challenges.
Financial inclusion and women empowerment (Economic Times)
In 2014, the Bhamashah initiative was refurbished with a broader coverage of gender empowerment, financial inclusion and family-based benefits. It now provides end-to-end delivery system for individuals and various family-based benefits of the government’s social welfare schemes — like the PDS, pension funds, health insurance, MNREGA and scholarships — through a centralised e-government platform by leveraging the enhanced electronic infrastructure of the state.
These transfers are made to the bank account of the woman of the house through the Bhamashah smart card, which also provides biometric identification of family members. The card is also a co-branded debit card with the participation of several banks.
The merits of financial inclusion are deeply rooted in citizen empowerment. Access to credit is a critical link between economic opportunities and outcomes. By empowering individuals and families to cultivate economic opportunities, financial inclusion can be a powerful agent for strong and inclusive growth. With women constituting half the population, their equal participation in society is imperative for sustainable development.
No wonder this man is smiling.
One of the important assertions Amartya Sen makes in “Development as Freedom” is that empowering women in developing countries through education and financial inclusion is a tried-and-true way toward economic development for a country as a whole.
He won the Nobel Prize for Economics in 1998 for his contributions to welfare economics.
Biometric technologies can help make inclusion programs more efficient and more affordable.
USAA tops 1 million biometric users (Houston Chronicle) — San Antonio-based USAA reported Thursday that more than 1 million of its members have signed up to use its biometric technology on its mobile app.
A Millennial’s Mindset: Money and Biometrics (Finextra)
The best thing for me would be a fast, easy and secure process, designed around me. Why can’t I use my biometric data to have a joined up experience? Without removing body parts, it is hard to steal from you. Biometrics would enable me to identify myself immediately.
We agree; and we’re working on it.
If it seems like things are moving slowly, it’s only because there’s a lot that had to be done on the infrastructure side first. A whole lot.
How mobile identity can unlock the DNA of trust for the financial sector (Information Age)
More than two-thirds of UK consumers think that using biometrics – such as voice, fingerprint, iris and facial recognition – would be more secure and help reduce the risks of fraud. These findings were consistent with consumers across Australia, Singapore, Indonesia, Malaysia, the United Kingdom and United States.
Biometric Data Without the Big-Brother Angst (American Banker)
At the end of the day, biometric data is really just another type of personal data that banks hold, access and use with the trust of customers and employees. But obtaining consent should not just be seen as merely a bureaucratic necessity. It is part of a process by which banks can maintain and enhance trust — which only becomes more important in the age of big data and virtual relationships.
Biometric authentication could help solve online fraud (bobsguide)
Darren Hodder, Director of Fraud Consulting told delegates at the SMi 2nd Annual Big Data in Retail Financial Services last week that the easiest way to solve online fraud is for banks to know exactly who their customer is, which could be achieved through biometric authentication.
Hodder believes that we are currently in “authentication hell” and that the authentication processes used by biometrics such as facial, iris, finger print or vein recognition could help to reduce the risk of fraud and enhance customer experience by enabling banks to recognise exactly who their customers are.
Hitachi: Malaysian bank keen to adopt biometric reader technology (Astro AWANI)
A Malaysian bank is keen to adopt Hitachi Asia Ltd’s finger vein authentication technology solution.
Its senior vice-president/general manager ICT Solutions Business Regional, Mitsuhisa Kajiyoshi, said the new solution would enable the customers to easily access their online bank accounts and authorise payments within seconds, without the need for personal identification numbers, passwords or authentication codes.
Fujitsu Looks To Secure Card Payments With Biometric Data (Tech Week Europe)
Fujitsu says its new PalmSecure ID Match device will make identity verification and card payments more secure by combining a chip and PIN system with its palm-vein scanning technology for multi-factor authentication.
The unit is similar to current point of sale systems and comprises a multi-card reader, its PalmSecure sensor, a touchscreen and a processor board powered by an ARM chip.
It really does seem that Japanese tech firms dominate in hand-vein biometrics.
The 5 Best Ways to Protect Your Financial Data From Crooks (The Street)
“It’s premature to declare fingerprints the winner,” said Gil Mermelstein, a managing director with technology-focused consulting firm West Monroe Partners.
The lowest-hanging fruit would seem to be protecting customer information databases with biometric access control systems. Passwords, however complex aren’t enough protection against the huge data losses making the news lately.
This article discusses account-level (rather than database level) security and which type of biometric might work best.
Biometrics: the future of payments (New Zealand Herald)
“The adoption of biometrics is on an exponential curve and is largely as a result of the financial services and payments industry,” said Dunstone.
The core uses of biometric data to date have been largely confined to government agencies such as passports and visa application processing as well as in policing but the technology is now starting to be adopted in consumer level devices.
Fingerprint scanners most popular alternative to banking passwords (Computer Weekly)
The increasing use of mobile banking apps and the deluge of apps requiring passwords makes biometric security attractive.
The survey found that 52% of consumers would like banks to integrate fingerprint scanners into digital banking apps. This was the most popular followed by Iris scanners (33%), facial recognition (30%), electrocardiogram heartbeat monitors (29%) and voice verification (27%).
We’ve made the point before that reasonably strong passwords are even more inconvenient on mobile devices.
…as the article concludes, it’s not necessarily an either/or proposition.
Online financial services providers are looking forward to a future where they are less reliant on password technology for authenticating their customers’ identities on line and they seem to have very open minds re biometrics. But can biometrics supplant the password altogether?
PayPal wants to get rid of passwords in favor of biometric security (SlashGear)
However, he [ed. PayPal chief information security officer Michael Barrett] noted that passwords simply won’t go away after biometrics are introduced. It’ll certainly take a while before a new standard can completely take over, especially considering that passwords have been the standard for so many years. So while we could see smartphones with integrated fingerprint scanners, it could be a few years before a new security standard takes over full-time.
Biometrics can be used to overcome some of the limitations of passwords in use cases important to PayPal.
A biometric template is like a really long password your body makes — the example below uses 800 hexadecimal characters — in that sense biometrics allow for more complex passwords the user doesn’t have to remember or write down.
Nevertheless (and in agreement with the quoted article’s concluding paragraphs), rather than making passwords obsolete, biometrics will most probably be used to return the the password to the simplicity of the PIN era, ending the arms race that has required the use of longer, more complex, and more frequently changing passwords.
Real fingerprint template:
Can voice biometrics help banks restore consumer faith? (Finextra)
Voice Biometrics offers many advantages including the ones below:
- It removes the human operator from the authentication process
- It prevents the information obtained through data breaches from being used
- It removes the need for complex passwords and PINs
- When properly integrated, it can remove the need to duplicate the authentication process.
Voice is the ideal biometric modality for telephone call center ID.
Bulletproof Money Will Be a Thief’s Worst Nightmare—and Help Drive the Mobile Wave (Money Morning)
In the future, you’ll have all sorts of biometric security features that will protect your assets and your identity. All of them can both protect corporate assets and empower the individual.
Finally, these same features could also exist inside your PC or even in different rooms within your home to give you a total security package.
We’re not far from the day when ordinary folks will be able to defeat even the smartest hacker around, just by touching or looking into their phone’s screen.
And it’s all because the world is going mobile.
The article isn’t even mostly about biometrics, but as we readily acknowledge here all the time, biometrics are only ever a means to an end. What the article does provide is a coherent view of where future profits will come from for Apple and Google well supported with charts, graphs and other visual aids, which I love.
The key biometrics bit is here but the rest is very interesting as well.
How Android gets Google to $2000 by 2020 (Marketwatch)
The most exciting thing I see on the horizon isn’t the ad sales that will almost certainly materialize, but the network effects of a billion Android users and the ways Google can leverage that scale. If one billion people are on the same mobile OS and you know where they are precisely and they have a biometric scanner on their phone, do you really need Mastercard and Visa to take their 3% to verify the funds and identity? That’s why Google is working on Google Wallet. If one billion people are constantly sharing their location by virtue of having their phone switched on, could you sell them stuff based on where they are? That’s why Google is working on Google Offers. And if one billion people care more about the device than the network and will pick the service based on who has the cool new Android phone, couldn’t you launch your own data service? That’s Google Fiber.
This also seems to be of a piece with growing recognition among financial types that biometrics are going to have a role in how authentication works and add significant value to the process.
Court Rules Bank’s Security Procedures Were Not Commercially Reasonable (Day Pitney LLP)
In an important decision last week, the U.S. Court of Appeals for the First Circuit held, as a matter of law, that People’s United Bank’s online banking security procedures were not commercially reasonable, even though its selected authentication technology fully complied with the Federal Financial Institutions Examination Council (FFIEC) guidelines for Authentication in an Internet Banking Environment.
This case of PATCO CONSTRUCTION COMPANY, INC. v. PEOPLE’S UNITED BANK is a really big deal but a little outside the scope of what we usually deal with around here.
The gist is that with today’s decision, banks have more responsibility to shield their business customers from fraud. That responsibility, however, will entail a cost that will ultimately be borne by customers in higher fees — applied directly to this this case, wiring fees. But if not appealed and/or upheld, it means banks will be offering customers more security and charging higher prices, part of which will flow to security providers including biometric ID management providers.
A couple of good blog posts already exist out there to bring interested readers up to speed:
Technology & Marketing Law Blog: Bank ACH Fraud Victims Get Mixed Rulings (Venkat Balasubramani – June 18, 2011). This one covers the first round and mixed decisions in two different but related cases.
Thinking About Security: Decision on Appeal of Patco v. Ocean Bank (Bill Murray – July 11, 2012). This one covers more recent news.