Grant Crow, CEO, Smilepass
Fraud of all kinds, particularly social engineering, is increasing rapidly and it is high time financial institutions of all stripes adopt biometric security measures to ward off the lurking dangers.
Fraudsters are extremely innovative and many financial institutions are lagging behind the technological capabilities available to secure and tighten their systems.
There are some alarming figures to back up this claim. In the US in 2017, for example, 16.7 million consumers fell victim to identity fraud, representing an 8% rise on the previous year and collective losses of $16.8 billion.
Indeed, the figure is an uncomfortable insight for anyone in the modern world, but perhaps more so for the financial institutions who often bear the burden of costs and reputational damage.
So what will it take for banks — not reputed for their ability to innovate fast — to get on top of the problem and how can they go about it? After all, a catastrophic hack could damage a bank’s public image for a generation, and it wouldn’t be surprising if we see something like this in 2018.
It’s all very well to focus on educating customers — in things such as password safety and scam awareness — and it is always a positive step, but ultimately it will not be enough to halt the hackers who want to cause damage.
The solutions, however, are quite clear. The route to better security lies in biometric authentication technologies, such as face-scanning, fingerprinting, voice printing, iris scanning and other forms of biometric readings — even heart rhythms — that can safely verify customers. One idea is to create a single biometric profile for each customer that can be shared internally within an organisation. Mastercard stated recently that offering biometrics also creates trust with their customers.
However, even biometric authentication can be spoofed, so one mode such as face alone will not be enough. For air-tight (as tight as it can be at this stage) verification, the use of multi-modal biometrics, such as a face scan and a fingerprint reading combined is what financial institutes will need to adopt if they truly care about cutting costs and protecting customers.
Hackers will be hard-pushed to spoof multiple forms of biometric readings and it would seriously improve most current systems and help to thwart hackers with bad intentions.
To safeguard themselves and their customers, financial services must begin their biometric journey sooner rather than later.
As financial institutions begin to standardise security along the lines of biometrics, customer satisfaction must also be given priority. For example, the process of customers registering their biometric identity should take no longer than 5 minutes. People nowadays value ease and it would go a long way.
Essentially, strong identity authentication always takes place at registration point by validating relevant documents such as passports, drivers licenses and/or utility bills.
Once the secure biometric profiles are created, financial service administrators can use them to authenticate any future transactions in the customer lifecycle, such as a change of address or anything deemed a risky process. Validation can then be done — literally — at the flash of a face.
Banks will save millions in back-end checking and verification and customers will experience far less friction than the current processes which are evidently not fit-for-purpose. It’s a no-brainer.
Research suggests 75% of millennials are comfortable using biometrics today, whereas less than half are comfortable using complex passwords — so now is an ideal time for organisations to implement such measures.
Anything less, in a time when technology offers fool-proof solutions, will only leave customers vulnerable and organisations weak. Which in 2018, there is no excuse for, when biometric authentication has the answers.