Published by Jessica Weisman-Pitts
Posted on August 31, 2022
7 min readLast updated: February 4, 2026
Add as preferred source on Google
By Sarah Rutherford, Senior Director Portfolio Marketing, Global, Fraud and Compliance, FICO on the need to bring biometric data together to carry out fraud checks
In the last few years, there has been a steady rise in banks requesting data from consumers. What began as passwords, addresses, and phone numbers turned to fingerprints, iris scans, and behavioral biometrics. For the average customer, banks will have a data-rich understanding of their finances and how they are accessed. But that presents a huge problem as banking security should not be built on averages.
Banks have good reason for requesting all this information. A total of over £730m was stolen through Unauthorized fraud last year. Principally, where a fraudster takes over an account and transfers money or uses stolen card details to make purchases.
At the heart of prevention is ensuring that the person using the card or payment mechanism is the legitimate account holder. For that fraud teams will routinely ask if they have the right amount of data, including biometrics, to do the job. Too little and they frustrate customers who can’t be verified and too much and the bank has to deal with an excessive amount of personal data they must keep secure. They should really question how they make use of the solutions they have to ensure the correct decisions are made. This elevates financial security above and beyond biometrics and single point solutions, which can miss the bigger picture.
Collecting consumer data, biometrics for example, is a necessary step in financial security but by no means the end of the journey. Cycling consumers through checks can cause friction in the process and there’s always a danger this will turn them away. With regulation such as PSD2, and industry moves such as the drive for 3D Secure 2, decisions about the frequency and to a certain extent the methods of authentication have been taken out of the hands of the banks and card issuers. This provides a challenge and an opportunity. Clearly there is much work to do to get it right and ensure that your bank isn’t the one people are choosing to abandon.
Getting personal
This is all tied into personalization and providing the customer with the right level of friction. For example, if banks know from the data they have about a customer that they are likely to be who they say they are, why would you put unnecessary barriers in their way? Similarly, why would you automatically invoke a biometric that costs money on every single customer when it’s not always needed?
These questions are important to answer and must be followed by further consideration of a customer’s preferences. Do they want a one-time passcode sent through text, WhatsApp or pushed to the app on their phone? Are they even able to provide biometric data? Not everyone has a fingerprint.
There are also actions happening in the background in terms of how many obstacles banks put in the way of someone. Consumers might not even know there is a personalization process happening behind the scenes. A completely frictionless journey would unsettle the consumer and provoke them to consider whether their account is secure when it takes such little effort for them to use it.
What does the data say?
FICO’s latest survey of 1,000 UK consumers into preferences around fraud shows a need for banks to strike a balance between identity checks and a smooth customer journey. It will not take much disruption for consumers to switch providers, with 35 percent saying they would do so if a legitimate online transaction was blocked three or four times.
One of the biggest irritations UK consumers have with banking security is when they are cycled through different forms of authentication, with 21 percent stating this as a concern. Consumers are also irritated when their cards are blocked for legitimate purchases (19 percent); when they never receive messages about fraud and have to call the bank to resolve an issue (7 percent); or when their time is wasted by delayed fraud messages (8 percent).
Banks walk a tightrope to protect consumers’ funds but also keep them engaged with the security checks that take place along the customer journey. To mitigate any losses on either side, banks must ensure their fraud systems are up to speed and reduce false positives, so they don’t delay a legitimate consumer’s purchase. Consumers expect instant results when purchasing and safety measures must be streamlined, direct, and effective.
The key message is, it’s not one size fits all. Not everyone is comfortable with biometrics and not everyone is happy with using WhatsApp for one-time codes. This is a nuanced, complicated scenario and to simply feed everyone through the same process will turn away customers, potentially give worse results and probably cost more in the long run.
The answer is an overarching system that orchestrates the use of customer identity verification be that biometric, behavioral, knowledge- based or possession factors. Deploying the correct checks to the account and transaction and creating the right level of friction in the journey. These systems will not only help with approaches to customers with different preferences, but also provide banks with a means of switching providers if they need to. With all their biometric solutions organized under one system, banks could swap one for another without losing out on a crucial piece of data.
Orchestrating the data
Banks have a long list of possibilities for carrying out identity checks. They can ask for fingerprints, facial scans, passwords, and PIN numbers but how should they go about these checks? What are the parameters that govern their approach and how are they implemented?
Biometric data refers to unique physical characteristics, such as fingerprints or facial recognition, used to identify individuals for security purposes.
Fraud prevention involves measures and processes implemented by banks and financial institutions to detect and prevent fraudulent activities.
Identity verification is the process of confirming an individual's identity using various methods, including biometric data, documents, or knowledge-based questions.
Customer friction refers to obstacles or challenges that customers face during their interactions with a service, which can lead to dissatisfaction or abandonment.
PSD2, or the Payment Services Directive 2, is a European regulation aimed at improving payment services and enhancing consumer protection in the financial sector.
Explore more articles in the Technology category
