Innovations in sensors, processing and secure storage have brought biometrics into everyday life. People are already embracing biometrics for tasks like fingerprint recognition to unlock mobile devices from phones to laptops – and even to open particular apps. It’s likely that within the next few years we’ll see even more types of biometric become cheap, reliable and secure enough to become mainstream. This is quite understandable as the fear from both businesses and individuals of falling victim to ID fraud or financial theft have become acute. This year the ONS even included cybercrime and fraud in their annual crime survey for the first time, demonstrating the seriousness and rising awareness of the problem.
Biometric identification has the potential to add a very secure layer and boost current security processes, but far more importantly for widespread adoption is that banks get that seamless user experience right. It’s no use having a great security barrier that real customers don’t feel comfortable using, or get false positives blocking access when they really need to access their money.
Biometrics is all about people
The good news for the banking industry is that biometrics like fingerprints or voice – unlike passwords and log-ins – are ‘us’. They are difficult to fake or recreate and don’t require any special effort to remember. However, it would be wrong to say that biometric technology should be just adopted in place of passwords and other security measures, because the best way to stop thieves and fraudsters is to make them face a number of different barriers. It’s not only one wall that keeps out a criminal – it’s a variety of traps and obstacles that they are unlikely to have every key or answer to that really reduces the risk to users.
Experian’s research of over 2000 nationally-representative people showed that 76 per cent of the population agree that biometrics is the future of identity verification. Despite this acceptance, firms should note that only one in twenty (5 per cent) of this sample say they’d be happy using voice recognition technology to unlock their online accounts…
So it seems that despite voice recognition having been around for over 20 years in different forms, there could be a long-term resistance to the technology. Perhaps it still doesn’t ‘feel’ as secure as the ‘ritual’ of typing in passwords, counting characters from memorable information, and calculating on fingers to find the right numbers in customer IDs and PINs.
Identity and access cat and mouse
Criminals will always go for low hanging fruit first. This means cybercriminals will certainly go for those smaller number of financial firms without the advanced security and access technology investments. It’s not alarmist to state that the fewer the layers of security, the more vulnerable to theft those systems are.
Experian’s own research went into more detail around the biometrics that the UK could get on board with. Fingerprint scanning is the biometric identification most UK adults are most comfortable with, as 40 per cent said that they would be happy relying on it to access online accounts. Yet less than one in five (19 per cent) of people were willing to have their ID verified by retina scanning – related to a squeamishness around messing around with eyeballs, perhaps? And less than one in ten (9 per cent) would be comfortable with camera facial recognition as the main form of identification verification.
Making it matter
It’s crucial that any solutions don’t just help banking customers stay secure – they must also be inclusive so no users get left behind. Not all users want to live a high tech world. And what happens when people lose their devices? Are they barred from accessing their cash or will biometrics let them move through verification on premises, faster? Will banks allow us to change biometric data if users face bodily changes from age or accident that mean their real bodies don’t match their official, stored identities? These questions need to be answered to get a broad range of the population behind any possible technology ‘jet lag’, if and when the biometric wave reaches an industry tipping point.