Connect with us

Technology

In consumer biometrics we trust: Authentication for the data privacy age

Published

on

In consumer biometrics we trust: Authentication for the data privacy age

By Jonas Andersson, Head of Standardization at Fingerprints.

Data privacy is high on the global agenda. In the wake of data protection policies such as Europe’s GDPR, ensuring the integrity of personal data is an increasingly pertinent subject. This is a governmental and corporate policy reflection of the fact that our lives are moving increasingly online and, with it, our personal data is facing new and increased threats.

For all access to private data or services, we must be authenticated – this is the basis of privacy in the online world. But as PINs and passwords are increasingly viewed as insufficient to tackle this new reality, the world is looking to stronger authentication solutions, such as biometrics.

When implemented in the right way, biometrics will bring multiple benefits. It already enabled consumers to add layers of authentication to personal data previously unsecured in their owned devices – from apps and e-commerce, to our homes and devices. But its potential is phenomenal. Consumer-driven authentication via our phones and tablets is already today by far the largest application of biometrics in the world, with figures in the billions that dwarf government-led identification schemes such as India’s Aadhaar and the FBI database.

Crucially though, it’s a privacy and security measure that consumers have the power and choice to implement. And as third parties, such as financial services, healthcare and enterprise organizations, increasingly accept consumer biometrics authentication for their services, supporting the market’s continued adoption is an important and timely topic. But first, as biometrics creates its own sensitive personal data, there are a few points to clarify and discuss…

Consumers need confidence!

Jonas Andersson

Jonas Andersson

Undeniably, the success of existing applications of consumer biometrics is based on the advantages they offer consumers. Just look at the penetration and use of fingerprint biometrics in smartphones. But the success of future adoption will be determined by how confident consumers continue to feel in new situations. We’re frequently reminded not to use the same password or PIN multiple times, so it’s only natural consumers are beginning to feel concerned of their biometrics integrity as they start to utilize their fingerprint on multiple devices and apps: their phone, tablet, card, USB dongle…

In fact, consumer device authentication utilizes a ‘privacy by design’ approach that inherently protects end-user biometric data with an on-device authentication approach – where biometric data is enrolled, stored and managed all on the same device. The following principles have been fundamental to biometrics’ privacy protection in mobile and are what will enable new benefits for consumers in other personal device-based scenarios:

Translating images to templates

It’s a common misconception that biometric data, such as fingerprints, are stored as images. And in turn, if this image is accessed, the corresponding fingerprint is permanently compromised and unable to be restored or used securely on other applications. You’ll have heard the argument about biometrics: “I can change my password any time, but I only have ten fingerprints; what happens if they’re all hacked?”

In fact, data from a biometric sensor is captured and stored as a template in binary code – or encrypted 0s and 1s. This mathematical representation makes hacking basically pointless as, even if fraudsters could access the template, they can’t do anything with it. Template code cannot be reverse engineered into the original fingerprint image, nor can it be linked to other services and, in turn, other personal data. Moreover, this template is unique to the device it is on, making it impossible to re-use between devices, even if the same fingerprint has been enrolled!

The consumer is in control

This neatly leads on to my next point regarding storage. In consumer authentication use cases, information remains solely on the unique consumer device on which the template was created, remaining physically in control of the user.

Our recent consumer research found 38% were unwilling to share their biometric data but, with this approach, no data needs to be shared with third parties or cloud-based databases as everything is stored, and the authentication process is contained, within a single personal device.

Layers of security

Layering defense mechanisms is standard best practice for a range of security implementations – biometrics is no different. In addition to the transformation of biometric data into an irreversible template, these templates are also later encrypted and further protected by hardware and software both at rest and during the matching process.

The most successful example of a biometrics use case, the smartphone, utilizes the highly secure software isolation of Trusted Execution Environment (TEE) technology for storage and matching of biometric templates on device. The hardware on which it runs is intrinsically secured through its high degree of integration, complexity, miniaturization and specialization.

This approach is also championed by new use cases such as biometric payment cards. Here, the Secure Element (SE) – the chip technology that secures the financial data in your bank card – is utilized to store, process and match biometric information within the confines of the card. This treats biometric templates with the same security as the PIN and other financial data that is stored on our payment cards.

Removing the weakest link

Nothing is ‘un-hackable’, this is the reality of security. With enough time, money and effort, it’s possible to get into anything. A safe, a bank vault. However, attackers take the path of least resistance, and often it’s the end-user that is the ‘weakest link’ in the security chain when it comes to social engineering attacks.

End-users are vulnerable to attacks, such as phishing, where they can be tricked into giving away information such as a PIN or password. With consumer biometrics, the user only presents their biometrics to their personal device and can’t give anything away. This also removes the risks generated by mistakes or complacency, such as creating a password that’s easily guessed.

More authentication = more protection

Biometric authentication can protect a whole host of other sensitive personal data, far more quickly, conveniently and securely than was ever possible with PINs or passwords.

Today however, passwords and PINs remain the most used authentication methods outside of smartphones – something increasingly problematic. The friction created by asking users to create a new password has a significant impact on drop-out rates – especially as new ‘best practice’ guidelines recommend complex requirements such as including numbers, capitals, special characters and length. NIST’s digital identity guidelines outline the importance of usability challenges and stress, fundamentally, “positive user authentication experiences are integral to the success of an organization achieving desired business outcomes.”

6 out of 10 consumers feel they have too many PINs and passwords and worry about forgetting them. Unsurprisingly, 41% also admit to re-using the same PIN code or password across multiple sites, apps and devices. So, not only are PINs and passwords frustrating for consumers, they’re also becoming less secure.

Biometrics can be the authentication silver bullet as it combines security and a convenient UX, with leading fingerprint sensors authenticating in under a second. Its capacity to bring security to devices and processes previously either unsecured, poorly secured, or secured with a poor UX is phenomenal. Mobile is the perfect example of how it has been able to transform a device from being unsecured most of the time, to now only unlocked when in use. And now, just look at how your bank accepts your fingerprint authentication on your phone for access to your account.

With consumer biometrics, its quick and effortless to enroll onto new services and subscriptions. Consumers are happy to authenticate more frequently, because it’s so simple and the action is so intuitive. Plus, you cannot forget your fingerprint…

Consumer biometrics: on the agenda

It’s clear that biometrics is key to many organizations’ plans for privacy and security, but don’t just take our word for it. Many industry and government initiatives are moving quickly.

Europe’s GDPR highlighted biometrics as ‘sensitive personal data’ which clearly needs to be protected in the right way. Meanwhile, the benefits and integrity of consumer device biometric authentication were also recognized by Europe’s financial services directive, PSD2, citing biometrics as a trusted factor under its strong customer authentication (SCA) mandates.

Looking to industry bodies, FIDO Alliance is gaining significant traction in formalizing the quality and security of personal authentication with biometrics. Its work is complementing rising initiatives such as Self Sovereign Identity (SSI) models, whereby individuals or organizations are endeavoring to have sole ownership of digital identities and control how this personal data is shared and used. With an owned, FIDO-certified biometrics-secured device, users can add another authentication layer over stored digital identifiers.

For several years, we’ve also participated in industry body GlobalPlatform’s work to verify and standardize the quality of security protection on TEE. The biometric API extension defines security protections specifically around biometrics and is highly referenced in mobile implementations, and increasingly in new devices such as key fobs and home security devices too. With the dawn of the biometric payment card, we’re also supporting GlobalPlatform to define an SE specification for biometric cards.

The combination of government and industry engagement is setting the scene for so much more to be achieved with consumer authentication using biometrics. Undoubtedly, biometrics’ role in an increasingly data-conscious world has only just begun to take shape, and excitingly, it’s consumers who have the power at their fingertips – quite literally!

Technology

The case for AI technology adoption in financial back-office roles to improve efficiency

Published

on

The case for AI technology adoption in financial back-office roles to improve efficiency 1

By Tomas Gogar, AI CEO, Rossum

In this era, digital transformation isn’t anything new. Nonetheless, it can still cause a lot of confusion and resistance for some companies, many of which are often slow, unwilling or unable to implement the necessary changes to embrace technology. As a result, entire industries are barely scratching the surface when it comes to shifting to the digital world, and many, from the insurance industry to logistics and delivery are still catching up on the digital transformation.

The banking and financial sector have been notoriously slow in adapting to the online world. They paid the high price for it, giving way to a flurry of incredibly successful new disruptive players, built on cutting edge tech from the ground up. From Transferwise, Revolut or Venmo, to GoCardless, this new generation of fintech companies addressed consumers changing expectations in a way that traditional retails banks simply couldn’t.

To catch up, incumbent players have prioritised the user interfaces, giving the appearance of a digital offering, and oftentimes leaving the back end infrastructure untouched, and hence the processing power, accuracy and speed unaffected. Back-office functions, although they are essential to the smooth running of a business, have seen very little change and as a result,  too many people in these functions are still tied up typing information into spreadsheets and software forms – in fact, manual data entry is a prime example of how much resources the offline legacy wastes. Take Accounts Payable for example, invoice data entry in this sector is estimated to eat up roughly 100 human lives worth of time every single day.

Tomas Gogar

Tomas Gogar

With the significant increase in the number of employees working from home due to the global COVID-19 pandemic, the back-office challenges have suddenly come to light, and finally, companies that got away with minimal changes so far, are realising that they need a structural digital overhaul, and fast. We believe the solution to this is artificial intelligence backed software solutions.

Previous technology based solutions essentially did half the job, heavily depending on human fact checking. Consequently, these solutions were actually quite cumbersome and time consuming and costly to implement and maintain, and offered only incremental improvements. Now with AI, automises data processing completely removing the need for human fact checking (and human error!). Additionally, deployment is massively simplified with an average setup time of one week, compared to about 6 months for previous technologies.   AI solutions are also highly adaptable to new formats and scenarios, allowing businesses to test them in say one department and to quickly roll out a single unified solution across all functions of the business.   Data can be extracted from any invoice layout with no template or rule set-up, saving significant and effort. Rather than trying to change and standardise a highly fragmented environment (there are about as many invoice formats as there are businesses), AI can work with it, and optimise the overall process and offer a unified answer to a fragmented ecosystem.

Taking Accounts Payable as an example again, this is a sector that has relied by and large on Optical Character Recognition (OCR) software solutions in an attempt to remove some of the manual labour involved in reading processing and filing invoices. Although OCR did improve the processes to a certain degree, ultimately these types of solutions still required a long and expensive set up processes and a lot of manual labour to actually capture the data accurately with templates and manual data entry. Now, with AI software, like the one we have created, this is a solution that makes data extraction simple and easy, saving time and man power, as well as building on existing infrastructure. It has the ability to transform this industry.

In conclusion, for a sector that has been slow to adopt digital change, AI is THE technology answer that is finally fixing the invisible pain points that businesses had simply accepted as unremovable. AI applied in this way offers a viable way forward and businesses that were notoriously slow and resistant to embrace the digital transition, incentivised to make a change, may actually end up at the head of the pack. Skipping ‘older tech’ and jumping straight into AI solutions, the best scenario available by far, is indeed the smartest, fastest and most cost effective way to transition into the digital world.

Continue Reading

Technology

InsurTech is helping to drive the digital evolution of the UK motor retail industry

Published

on

InsurTech is helping to drive the digital evolution of the UK motor retail industry 2

By Alan Inskip, Tempcover CEO & Founder

If the last nine months have made anything clear, it is that the pandemic has fundamentally changed both buying and driving habits for UK motorists. The latest Tempcover research has revealed that online-only used car sales had increased fifteen-fold during the pandemic among 2,000 survey respondents.

Before lockdown, just 4% of used car sales were fully-digital. The vast majority of those surveyed opted for either a physical purchase (50%) or a digitally-assisted purchase (45%), relying on a combination of digital tools and an in person viewing or road test before buying.

While car sales overall are down on last year’s figures*, one in six (17%) of those surveyed had bought a used car during lockdown, with two thirds (64%) relying on a fully-digital purchase journey. Digitally-assisted purchases counted for one in five (20%) used car sales, while in person sales fell to just 15% – no surprise considering the ongoing social distancing measures.

And when it comes to arranging insurance for their recently-purchased vehicle, our survey participants displayed an equal balance between telephone and online as the preferred method (48% each). Nearly a third of those (28%) said they wait up to ten minutes for their policy to be confirmed, and a further 22% wait as long as 20 minutes to get cover.

The switch to digital insurance, driven by InsurTech

In the midst of rapid and significant market changes, many traditional insurers have lacked the agility and flexibility to adapt accordingly. InsurTech can provide immense value in bridging that gap, as the digital solutions are entirely scalable, with the flexibility to substantially increase in size and across multiple geographies, with minimal disruption.

Alan Inskip

Alan Inskip

The ongoing decline of physical transactions in the motor retail industry is a perfect example of how InsurTech is adding value. Several national blue-chip dealerships, with both physical and digital showroom floors, are already streamlining their online purchase process by offering temporary driveaway insurance policies to cover the vehicle for a fixed-term, usually between five to seven days, as part of the purchase journey.

The entirely online one-step user experience is the first of its kind in the traditionally outdated and inflexible driveaway insurance industry and it is dramatically simplifying the process of how insurance is purchased and consumed. Due to the flexibility and agility of the digital solution, each retailer has its own unique URL, where the customer can obtain a simple single-cost policy in just 90 seconds through an entirely digital process, which fits in line with the evolving consumer purchase trends.

For the dealers, this technology means more efficient stock clearance times and greater profitability. For the buyers, it takes the stress out of searching for annual insurance on the spot, and provides the driver with near instant cover so that they can immediately drive their new car, while giving them the opportunity to thoroughly research the best annual policy to suit their needs. An added benefit is there’s no risk to any existing No Claims Discount, as it’s a separate and standalone policy.

While there is a chance these trends will reverse to some extent post pandemic, it is clear that the consumer appetite for digital purchase and consumption is here to stay, and InsurTech will continue to lead the way in making motor insurance more easily-accessible across digital platforms, while offering consumers the best value for money.

* https://www.thisismoney.co.uk/money/cars/article-8615851/Used-car-sales-halved-lockdown-brakes-1m-motor-transactions.html

Continue Reading

Technology

Five ways enterprises are using the public cloud

Published

on

Five ways enterprises are using the public cloud 3

By Michael Chalmers, MD EMEA at Contino

The public cloud is the most significant enabler in a generation. It’s causing a massive shift in how businesses are operating and tearing apart previous business models.

Amid challenging economic times, it’s inevitable that spending within IT is dropping. However, the cloud is the only segment that is still growing. The public cloud is increasingly becoming a central element of enterprise IT.

Contino asked 250 IT decision-makers at enterprise companies across Europe, USA and APAC within companies of over 5,000 employees about their views on the state of the public cloud within their organisation at the beginning of 2020.  Nearly all of them (99%) saw a significant technical benefit compared with on-premises.

Here are some other ways public cloud is being used by enterprises:

  1. Widely, albeit not yet business wide.

A whopping 77% of enterprises are using the public cloud in some capacity. Overall, 50% of businesses are utilising a hybrid cloud, 22% single private cloud, 20% multi-cloud, 7% single public cloud and only 1% are using only on-premises.

But only 13% of businesses have a fully-fledged public cloud program. The largest set of respondents (42%) have multiple apps/projects deployed in the cloud. 24% were still working on initial proofs-of-concept, and 18% were in the planning stages.

83% of respondents said they want to grow their cloud program. Almost half (48%) do wish to grow, but with caution, while 36% want to move as quickly as possible.

Only 4% plan to revert to on-premises but are in no rush to do so.

  1. To enhance security and compliance versus on-premises, although these are still also seen as barriers to adoption.

A massive 64% of respondents stated they find this more secure than on-premises, and only 7% see it to be less secure. 72% found it easier to stay compliant with business data in the cloud versus only 4% who found it harder.  However, 48% cited that their biggest barrier for not using the cloud was security, and 37% stated the need to remain compliant was the most prevalent blocker.

Other challenges also posed a barrier: a lack of skills, the cost to purchase and cloud-native operating models not working with existing investments made up 29-32% of responses.

19% stated that lack of leadership buy-in is the biggest barrier, reflecting that a significant number of IT departments have a need for this solution but have not been provided with the support to do so. However, relatively speaking, this was one of the least-cited barriers.

  1. For improved efficiency, scalability and agility, but vendor lock-in is still a major concern.

The top three cited technical benefits of public cloud were better efficiency, agility and scalability versus on-premises. However, 63% of IT professionals were ‘somewhat’ or ‘very much’ afraid of the commitment that can come with investing in the cloud. This is another major barrier that is preventing businesses from ​migrating to the cloud.

Only 23% are not afraid of being locked in and a meagre 5% have no fear at all. However, the fact that 77% of businesses are using the cloud shows any risk of being locked in is outweighed by the benefits of the cloud.

  1. To align IT with the business.

This is by far the most cited business benefit of the public cloud. 100% of those surveyed witnessed varied business benefits versus on-premises. Other major benefits include the ability to focus on new revenues (43%), accelerated time-to-market (43%), and increased ROI (40%).

  1. To accelerate innovation and increases cost-effectiveness.

Innovating in the cloud was quicker for 81% of respondents. What’s more, not one person surveyed said the cloud slowed down their innovation. 79% have saved money with the cloud and only 5% have found it more of an expense than on-premises.

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

Beyond Transactions: The Payment Revolution 4 Beyond Transactions: The Payment Revolution 5
Finance15 hours ago

Beyond Transactions: The Payment Revolution

By Marwan Forzley, CEO of Veem  The uninterrupted disruption brought on by the pandemic accelerated the need for robust, digital-first...

The UK’s hidden payments crisis: why businesses should rethink their payments strategy 6 The UK’s hidden payments crisis: why businesses should rethink their payments strategy 7
Finance15 hours ago

The UK’s hidden payments crisis: why businesses should rethink their payments strategy

By Edwin Abl, Chief Marketing Officer at Modulr. As the economic conditions imposed by the Coronavirus endure, businesses are facing a...

Investing into a more sustainable future: changing businesses from the inside out 8 Investing into a more sustainable future: changing businesses from the inside out 9
Top Stories16 hours ago

Investing into a more sustainable future: changing businesses from the inside out

By Shawn Welch, Vice President and General Manager of Hi-Cone Worldwide As industries across the world are facing unprecedented uncertainty...

Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities  10 Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities  11
Top Stories16 hours ago

Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities 

By Adam Strange, Data Classification Specialist, HelpSystems  The financial services sector is experiencing extreme disruption coupled with rapid innovation as...

RegTech 2020: The rise of Open Banking 12 RegTech 2020: The rise of Open Banking 13
Banking18 hours ago

RegTech 2020: The rise of Open Banking

This month on the RegTech 20:20 podcast, host Alex Ford is joined by industry experts Gavin Littlejohn, Chairman of The...

The case for AI technology adoption in financial back-office roles to improve efficiency 14 The case for AI technology adoption in financial back-office roles to improve efficiency 15
Technology19 hours ago

The case for AI technology adoption in financial back-office roles to improve efficiency

By Tomas Gogar, AI CEO, Rossum In this era, digital transformation isn’t anything new. Nonetheless, it can still cause a...

Gain financial regulation qualification online 16 Gain financial regulation qualification online 17
Finance20 hours ago

Gain financial regulation qualification online

Gain financial regulation qualification online   Warwick Business School in partnership with the Bank of England are delighted to offer...

COVID-19: Dealing with fraudulent applications for the Bounce Back Loan Scheme 19 COVID-19: Dealing with fraudulent applications for the Bounce Back Loan Scheme 20
Finance24 hours ago

COVID-19: Dealing with fraudulent applications for the Bounce Back Loan Scheme

By Ed Lloyd, EVP Global Head of Sales, Encompass The COVID-19 pandemic is still having a devastating impact on businesses...

EU Commission sets out new intellectual property action plan affecting SEPs, patent pooling and EU design protection 21 EU Commission sets out new intellectual property action plan affecting SEPs, patent pooling and EU design protection 22
Business1 day ago

EU Commission sets out new intellectual property action plan affecting SEPs, patent pooling and EU design protection

By Andrew White, Partner and UK & European patent attorney at intellectual property firm, Mathys & Squire The EU Commission...

InsurTech is helping to drive the digital evolution of the UK motor retail industry 23 InsurTech is helping to drive the digital evolution of the UK motor retail industry 24
Technology1 day ago

InsurTech is helping to drive the digital evolution of the UK motor retail industry

By Alan Inskip, Tempcover CEO & Founder If the last nine months have made anything clear, it is that the...

Newsletters with Secrets & Analysis. Subscribe Now