Exciting articles several times a month
26 July 2016
Financial and personal data security is one of the most important concerns in the FinTech industry. For years, passwords have been the most common means of authentication, but now they often fail to prevent fraud and identity theft – using special hacking and phishing apps, it can take minutes to break them through. And, it’s difficult for users to keep track of dozens of passwords for different websites and applications.
Taking into consideration the increasing level of data breaches, the financial industry invests millions of dollars in security and alternative methods of authentication based on biometrics. For example, USAA offers its mobile app users to verify their identity using Touch ID sign in, voice recognition, and facial recognition. According to the company, over 100,000 USAA members opted for the new password-free system in the first few weeks after its launch.
When Apple offered its innovative iPhone 5S featuring a fingerprint reading sensor, they started a new biometric authentication era. With Touch ID, users can securely log on to their accounts with just a finger on the Home button. Following the success of the new technique, many other payment systems including Samsung Pay and Android Pay have introduced similar fingerprint authentication methods to confirm payments.
Fingerprint recognition is the most popular biometric solution today. Such financial giants as Bank of America, PNC, JPMorgan Chase, and Wells Fargo offer their customers to use their fingerprint to access their mobile bank accounts. CardFlight and Credit Union have also integrated fingerprint authentication technologies into their mobile apps – and many more companies will follow. However, this solution is not ideal – fingerprints can be faked or obtained by physical force, so biometric researches are going on.
The iris (eye) recognition feature is the next big thing in biometrics. Similar to fingerprints, our eyes are unique – even the left and right eyes of the same person have different iris textures. Originally used for transport security control and datacenter access control, this new biometric solution is slowly entering the financial market. For example, Wells Fargo allows some large corporate customers to log into their accounts using eye scans.
Iris recognition involves taking a photo of your eye – and now there are devices supporting the iris scanning capability. Microsoft has launched the Lumia 950 and Lumia 950 XL smartphones offering to read the pattern of your iris. Japanese phone maker Fujitsu and wireless carrier NTT DoCoMo offer ARROWS NX F-04G, a smartphone equipped with an iris scanner to unlock your phone or authorize mobile payments. It seems that Apple is also interested in iris recognition – they have recently hired many medical sensor field specialists.
Like taking selfies? Now you can use your face as a password to log into your account. The face recognition system is simple to adopt and use – just activate the front facing camera of your smartphone and then blink to prove that you are not showing a still image. The software will record several facial images via a video stream and then compare them against its database to prevent unauthorized access.
Based on nodal points, the facial recognition technology is becoming more and more popular among large financial institutions as well as new promising startups. OneVisage is developing 3DAuth Facial SDK that allows integrating 3D facial authentication into payment and banking apps, RealFace and IsItYou are working on mobile face authentication software for iOS and Android.
Facial recognition is also used by USAA to verifying their customers’ IDs. Alibaba.com is testing Smile to Pay, a new facial recognition system that they are going to apply for all Alipay Wallet transactions. Another large company interested in this security solution is MasterCard, they are working on a new payment system that will accept selfies as an alternative method of authentication.
If taking a selfie is inconvenient in your circumstances, you can submit your voice print to prove that it’s really you on the other end of the smartphone. The voice biometric system will analyze your unique voice characteristics (pitch, frequency, intensity, rhythm, etc.) and match your sent voice pattern with the voice print stored in its database.
Citigroup has already launched a voice recognition system for its consumer banking customers in Asia Pacific. You can also sign in with your voice pattern at online money-transfer service WireCash. SayPay offers the “voice-token” technology to confirm payments – you just need to say a unique one-time use SayPay code for validation.
Wordcore uses the VOICEKEY biometrics authentication engine to protect their users’ accounts from unauthorized use. First, you need to submit a voiceprint by saying a custom phrase featuring from 10 to12 syllables to provide data for future voice authentication. Then you can log into your account or authorize transactions by saying the approved passphrase to verify your identity.
Another form of biometric authentication is heartbeat recognition. Your heartbeat, or in other words your electrocardiogram (ECG) wave, is unique and doesn’t change even if you have run 5 km or are worried. Plus, ECG scanning doesn’t require any bulky devices to unlock a smartphone or confirm a financial transaction – just a small heart monitor on your wrist.
The Royal Bank of Canada and MasterCard are planning to incorporate heartbeat recognition as an additional layer of security for their digital financial services. They have invested in the development of Bionym’s Nymi ECG authentication wristbands that check the cardiac rhythm of the person who wears them to identify his/her ID. The sensors can also detect whether the authenticated person is still wearing the wristband – if someone else steals it and puts it on, it will stop working. Halifax has also tested the heartbeat recognition technology for its banking app.
Biometric authentication methods are rapidly incorporated into the financial sector and we will see the results in the next few years. With a rapid growth of smartphone capabilities, your fingerprints or voice pattern can replace static passwords for thousands of financial applications. The future is closer than you might think – if your payment service hasn’t already offered you two-factor authentication to keep your account safe and sound, it may soon adopt biometrics!
Exciting articles several times a month