In 2016, we explored how biometric technologies had reached their tipping point. With biometrics now delivering on their potential in financial services, we discuss what you need to consider when you’re choosing your biometrics solution.
Face, fingerprint, hand geometry, vein and iris recognition. Voice, signature, typing, gait, odour and even DNA. Biometric technologies are now everyday tools, providing an easy-to-use, yet secure means for identifying ourselves on our smart devices to gain access to apps and information. While not all of these biometric technologies are widely available today, let’s take a closer look at some of those that are. What should you consider when deciding which type of biometric technology to adopt?
Is the technology available?
The first consideration is technology. The simplest biometric technologies, including facial recognition, make use of the smartphone’s own camera. The technology it needs to work is already in the hands of a large proportion of your customers. But take, for instance, fingerprint recognition: Not all smartphones include the hardware it needs, which is a fingerprint sensor. Estimates from Statista on the percentage of smartphones shipped worldwide that had a fingerprint sensor show only 40% of smartphones included the technology in 2016. More importantly, Statista forecasts that only 67% of smartphones will include the technology by 2018.
While growth is significant, up from 19% in 2014, the numbers show that you can expect a reasonable percentage of your customers will not have smartphones able to use fingerprint biometrics. This means that if you were to adopt this technology, you would need to provide these customers with an alternative means for them to identify themselves.
Another biometric technology, finger vein identification, traditionally depended on infrared sensors that weren’t available in smartphones. But Hitachi has developed a system that makes use of a smartphone’s own camera rather than specialist hardware, making it more suitable for adoption. While this solution is still in development, it’s worth keeping an eye out on how it’s progressing.
What’s the user experience like?
This second consideration looks at the convenience and appropriateness of the biometric technology. After all, if it’s difficult to use or if the consumer feels awkward using it, they won’t – it’s as simple as that. Customers want a discrete authentication solution that can be used naturally and doesn’t draw attention to themselves.
Take facial scanning technology as an example. If a customer needed to hold their smartphone in front of them as if they were taking a selfie each time they wanted to access their bank account, many wouldn’t be comfortable doing that. Or if they needed to line their face up in a very specific way, that would be too inconvenient. With iProov’s technology, on the other hand, the user doesn’t need to move the device from the way they normally use it to authenticate themselves.
Can it be ported across channels?
The ability to use the biometric technology across multiple channels may also be a key consideration – after all, we’re living in an increasingly omni-channel world. A customer may use your app on their smartphone, laptop and tablet, for example, and may also need to prove their identity in person in the branch or on the telephone. Voice recognition would be a great biometric to use in this instance, with the speaker using their voice to verify that they are who they say they are.
With voice recognition, the system is first trained to recognise the speaker’s voice by simply speaking the numbers zero to nine a couple of times, for instance. When that person needs to authenticate themselves, they simply recite a certain phrase (or randomly selected numbers in our example) to verify their identity.
What chance do the hackers have?
Another important consideration is whether (and how) the biometric technology could be fooled, or spoofed. How does facial recognition know that a person is standing there, or voice recognition know that it isn’t listening to a recording? You may have guessed the answer to the second example. With voice, the system needs to verify the presence of the person and one way to do that is to randomly select what it wants that person to say. Not knowing ahead of time which words the system will select means a recording cannot be made.
EyeVerify’s Eyeprint ID, which recognises patterns within veins in the eye, is using algorithms within its software to detect what it calls ‘liveness’.
Some characteristics vary from day to day
Our final consideration is around how sensitive the technology is to changes in the person it’s trying to authenticate. How well would voice technology cope if you had a cold? Or facial or iris recognition if you had a facial injury? Where a biometric technology is sensitive, an alternative means of authentication would be needed.
Some biometric technologies will be more sensitive to changes than others. Behavioural biometrics may be less sensitive. Examples include typing recognition that analyses the unique characteristics of how you type to verify your identity. Or a technology that verifies who you are by the route you walk.
Then there is the ultimate biometric technology: DNA biometrics. Your DNA is not only completely unique, but it never changes. Just one challenge with this one … ever tried integrating a forensic kit into a smartphone?
Biometric technologies are certainly going to be one of the most talked about technologies in 2017, especially with the increasing amount of activities that require secure identification, such as digital banking solutions, and we can expect to see many new applications of them. Are your customers asking for them, and are you ready to deliver?