• Platform
    Arrow
  • Industries
    Arrow
  • Resources
    Arrow
  • Company
    Arrow
Make an enquiry
Back
Back

Platform

Interact Application Suite

A suite of pre-built pre integrated easy to configure services that work alongside your system.

Back
Back
Industries

We provide financial services providers, including banks and building societies with the option to greatly enhance their customer-facing digital platforms in an efficient, cost-effective manner.

Back
Back
Resource Centre

Stay in touch with news, views and articles across industry with a technical perspective on digital transformation 

Back
Back
About us

Discover the story behind delivering solutions for the biggest names in financial services for 25 years.

Search the site

Search

Close

Companies are looking for new ways to challenge hackers

As hackers become more adept, financial organisations are looking for new, more secure ways of allowing authorised users to access digital services.

As hackers become more adept, financial organisations are looking for new, more secure ways of allowing authorised users to access digital services.

Companies are looking for new ways to challenge hackers. A story by Kevin Phillips for ieDigital.

Archive

Date

3rd April 2017

man smiling at camera

Kevin Phillips


Until recently, access to our online and mobile banking platform has been provided by the ubiquitous ‘username and password’ security challenge we’ve come to expect. Sometimes, this has been augmented with a second security factor, such as an SMS one-time code or small hardware token, designed to make it harder for hackers and fraudsters to gain access. While this does make it more difficult, it also makes the journey harder for the legitimate user as well, which is why it hasn’t been widely adopted anywhere without enforcement by stiff regulation.

As we see the rise in cybercrime across the financial services industry, keeping the security status quo is no longer an option. As hackers become more adept at tricking and stealing passwords from unsuspecting customers, organisations are looking for new and more secure ways of allowing authorised users to access their digital services. The digital banking solutions they’re moving towards involve authorising access by validating a customer’s unique human characteristics, otherwise known as biometrics.

From all of the excitement and innovation that’s apparent in the market, we can be excused for thinking that this is actually something new, but in fact the password-only challenge is a rather recent and substandard anomaly in the wider world of identity recognition.

Biometric authentication methods

In the animal kingdom, determining from the shape, smell, size and sounds of another creature whether they are a threat or a member of the same family, pride or troop, is an instinctive and instantaneous reaction. Having to recognise a predator from just a benign visitor is often a matter of life or death. Human reaction is just the same. From the moment we’re born, we learn to recognise our parents and those around us regularly as those who offer comfort and security. When a child meets someone new, the reaction is most likely one of caution, manifesting itself as shyness and a reliance on a trusted adult figure to give reassurance.

We have all been taught to be wary of strangers, and for a high percentage of the time, we get it right. How do we do this? We use biometric authentication methods to challenge and confirm identity.

Combined biometric and password authentication has been used for centuries in the theatre of war. I’m sure we are all familiar with the phrase, “Halt! Who goes there?”. You can go as far back as you like into military history, you will find that the combined use of verbal and visual challenges are the most common and reliable form of identity recognition. In the case of, Who goes there?, the response is expected to be name, rank and regiment, or a password. You could argue that this is only a password challenge, but the challenger would no doubt be trying to detect a foreign accent, stress or hesitancy in the tone, as well as recognise the spoken words.

Often following this initial verbal challenge, a sentry would command, “Stand forward and be recognised”.  Certainly, a guard would want to check that the person was in fact who they say they were. This was (and arguably still is) the most important part of the identity challenge. You may be able to learn the words, and you may even be able to say them in a convincing way, but it’s much harder to wear the right uniform, carry the right equipment and most importantly be known and recognised by the challenger as a friend and not a foe.

In essence, the most important elements of any security challenge – those being the hardest to replicate – are the personal characteristic components, including sound and visual recognition: biometric security in action.

Biometric recognition solutions

So, why are password-only challenges used in today’s digital world at all? Well, because until recently the technology has been limited to the use of keyboards and inert screens. Now, with the recent mass adoption of high resolution cameras built into touchscreen devices, we’re seeing the explosion of biometric recognition solutions.

Knowing now that this is nothing new should help with mass adoption by financial service providers and their customers, because, when we think about it, we’ve been doing it instinctively since the day we were born.

Related Content

You might be interested in...