Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


Banks can do better than biometric authentication alone

Banks can do better than biometric authentication alone

By Allen Storey – Chief Product Officer, Intercede 

With US regulators questioning its efficacy, and regular reports that everything from photos to siblings can unlock mobile devices via facial recognition, businesses should be looking at stronger methods of authenticating access to their systems and managing credentials of their employees.

Speaking earlier this year at a trade event in Brussels, Alphabet CEO Sundar Pichai added yet another senior voice to the calls for a moratorium on the use of facial recognition, noting the technology is “fraught with risks”. While this focused mainly on the ability for rogue organisations or authoritarian governments to use biometrics for nefarious purposes, the technology is often unreliable, and the platform security is lacking.

Despite these concerns, many of our institutions are still using older, less secure technologies to determine who can and can’t access their premises and networks. As technology advances, so too do the attempts to undermine it. Security technology continues to improve, but hacker’s ability to work around it does too. It is therefore incredibly important for organisations to continuously re-evaluate their systems, updating them regularly to maintain the necessary protections for their data.

While in previous years’ stronger authentication methods such as Public Key Infrastructure (PKI)-based credentialing was expensive and difficult to deploy in all but the biggest organisations with the largest budgets, recent innovation has made this technology much more accessible.

For financial services organisations, and in particular retail banks, who hold confidential details of people’s finances as well as other personally identifiable information, the ability to hold and use this information without it being shared further or compromised is an inherent part of the service provided to customers.

Within the bank there will be those who require access to certain data sets and those that don’t. For instance, a mortgage adviser would need a detailed picture of an applicant’s finances over a longer time period than most, whereas a customer service representative might only require knowledge of a customer’s account name and number to pass them on to another department or colleague. To manage who can and cannot access certain records most banks will use an Identity and Access Management (IDAM) or Privileged Access Management (PAM) system. While these systems can determine which users have the necessary clearance to access different data sets, they often require another, separate system to authenticate that the person logging in to that user account is the person it has been assigned to. This is where strong employee credentials, that are both unique and bound to them, come in. The combination of these two systems allow banking institutions can ensure they are able to deliver services efficiently while managing customer data securely.

Moving to credentials management systems that enable strong methods of Multi-Factor Authentication (MFA) to verify identity is easier and cheaper than it has ever been. It’s time that the institutions we trust the most roll out up-to-date security measures to protect some of our most personal data.

PKI-based credentialing can be executed today with relatively cost-effective USB tokens such as the YubiKey or even a smartphone app – binding a key to a user identity, and supporting existing security technologies within the business, such as PIN, fingerprint, or facial recognition. This additional step, matching something an employee has (the credentialed device) with something they know (a PIN) and/or something they are (biometric) allows the organisation to be confident that only those authorised to access a network/location are doing so. Much more so that any of the individual technologies in isolation.

With the improvement of end user technologies, such as smartphones and USB tokens, and pre-installed tech like Microsoft’s Windows Hello for Business, crypto-level protection has become far more accessible for organisations of all sizes. Now, with PKI-based credentials management systems, identity can be verified by a wide range of systems, as the public key is contained in the certificate and PKI easily integrates into Microsoft environments using built-in Windows security features.

Without credential management software, managing smartcards and USB tokens at volumes of anything above 500 employees becomes complex and hugely time consuming for IT teams. For retail banks, with hundreds, if not thousands of front-line staff, this would have been an issue. However, new systems that pair a convenient user experience for the employee with a unified central console that allows for the full lifecycle management of credentials for re-issuance, revocation, unlocking, renewing, removing and updating make the prospect of PKI-based identity and access management at scale commercially viable.

This new ability to remove the complexities of managing PKI credentials makes the strongest form of user authentication so much more accessible for enterprises who don’t want to compromise on data security. Whether financial institutions want to issue staff with physical USB tokens or use an app that can be downloaded on to personal smartphones – there are a wide variety of ways they can provide the kind of security customers expect of those they trust to manage their money.

Whether it’s to provide secure network logon, access to customers’ financial data, or even entry in to secure parts of the bank branch which contain physical cash, these newly available solutions make it easy for enterprises of any size and structure to step up to the most secure method of multi-factor authentication across their workforce.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post