Massive Data Breaches: How Biometric Authentication is the Future | GBAF

Massive Data Breaches: How Biometric Authentication is the Future | GBAF

Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Technology > Overcoming Customers’ Fears of Technological Change for a Better and More Secure User Experience

Overcoming Customers’ Fears of Technological Change for a Better and More Secure User Experience

Published by Gbaf News

Posted on September 11, 2019

5 min read

Last updated: January 21, 2026

Visual representation of technological change and cybersecurity concerns in banking - Global Banking & Finance Review — An illustration symbolizing the intersection of technology and security in banking, highlighting user concerns over data breaches and the need for robust authentication methods.

Recent data breaches at Flipboard and Evite are shocking in magnitude and yet should come as no surprise. Both involve hackers stealing vast stores of account data including usernames, email addresses and, of course, users’ passwords. The latter hacking attack culminated in perhaps the most sinister invitation that Evite has ever been associated with: one to purchase the records of ten million Evite users on the dark web. In response to the breaches, each company has naturally prompted its users to reset their passwords.

Alexey Khitrov

Alexey Khitrov

The fact that hacks such as these have become routine points to a deeper issue: trust in the simple password is woefully misplaced. Roughly 8.2M passwords are stolen every day – or approximately 95 passwords every second. Companies have long recognized the weakness of password-based systems; 81% of hacking-related breaches are due to stolen and/or weak passwords and many large organizations spend up to $1M annually just in password-reset support.

Personal authentication systems can function by verifying one of three different types of credentials. The first includes things users “know”: a password, as well as password reset clues such as our pet’s name, our first elementary school, where we got married, etc. The second includes things we “have”, such as a separate email account, or a mobile phone to receive a code for two-factor authentication. The problem is that enterprising criminals consistently find ways to obtain the data we “know”, whether by hacks, simple-to-guess passwords, or security question answers that can be found through online research. More concerning is that these criminals can access the data that we “have” through spoofing mobile numbers or phished email accounts. The most secure and hardest-to-spoof authentication requires a third kind of data: that which we “are.” Far from just a fingerprint or facial scan, biometric authentication can identify people through unique factors including their voice, the way they type, how they walk, or even how their eyes move.

However, users are wary about new security measures. A recent Paysafe report found that over 80% of consumers favor passwords over biometrics due to security concerns and that 66% worry about being able to pay for goods or services without being asked for a password. Irrationally, 56% of consumers worry that shifting to biometrics to authenticate online payments will lead to large increases in identity fraud.

Overcoming these fears and misconceptions for users should be a consideration for any organization as biometrics offer two key benefits for any fintech customer.

1) Identification and account access is simpler. Whereas passwords place the responsibility for security on the users – and can be tremendously frustrating when forgotten – biometrics remove that responsibility entirely. Analyzing a fingerprint, face, or voice is fast and easy, and doesn’t require a sophisticated password management system or an extraordinary memory. Some biometric systems are so unobtrusive as to be entirely imperceptible, and can verify a user’s identity passively as soon as a user begins interacting with an application. This shifts the responsibility and effort of authentication from the user to the technology. In this case, the best user experience is no user experience, and the strong incentive of seamless access stands to lead to increased demand for, and adoption of, biometrics.

2) Account security can be stronger. Contrary to some users’ concerns, tying authentication to one’s unique biology makes unauthorized access extremely difficult for attackers, since attempts to impersonate users can be flagged and stopped immediately. Biometrics can authenticate continuously – if someone leaves a public computer while logged in or loses a cell phone with no screen lock, biometrics can determine that the authorized user is no longer present and deny access instantly, in real-time. Biometrics can also detect if a bad actor is attempting to fool the system using a voice recording, a high-resolution image or video, or synthesized speech. Whereas a stolen cell phone can give fraudsters access to an account and allow them to receive the text message or email confirmation of a two-factor authentication system, biometrics protect users even when devices have been compromised. And combining biometric modalities – like confirming a face while simultaneously analyzing a user’s swiping behavior or voice, offers heightened security far beyond what passwords and security questions can offer. Given the profoundly negative experience when security measures fail, biometrics will earn its rightful reputation as a superior security strategy and win over users as the technology becomes more commonplace.

Indeed, there is increased user exposure to, and familiarity with biometrics. One driver is governmental regulation mandating stronger data security measures like Europe’sRevised Payment Service Directive (PSD2) and its requirement of Strong Customer Authentication (SCA) for ecommerce and mobile commerce. Under it, European businesses and organizations will have to integrate authentication that includes two of the three following types: something the user “knows” (such as a password), “has” (such as a device), or “is” (such as biometrics). As regulatory pressure leads businesses to strongly consider biometrics, companies leveraging this trend will benefit from consumers regularly encountering and engaging with the convenience and ease of biometric systems.

Just as consumers were once reluctant to adapt to ecommerce, only to embrace it once realizing the convenience and improvements it brought, biometric security is undergoing a similar evolution. There are positive signs in this regard. PaySafe’s research found mobile commerce – especially among the younger set – to be a major driver of biometrics adoption, with 69% of 18-to-24-year-olds using biometrics for online payments compared to just over 10% of those over 65. As young adults and digital natives embrace biometrics as part of their online habits, they’re simultaneously shaping a future in which personal data is far more secure.

Alexey Khitrov is president and CEO at ID R&D, a biometric solutions provider offering proprietary AI-based behavioral, voice, and anti-spoofing user authentication capabilities.