Online banking fraud is showing no signs of slowing down. In 2017, just typing ‘online banking fraud’ in a search engine returns at least five unique news articles for the previous month! Passwords have proven to be an unreliable form of authentication. Through cell phone number cloning, fraudsters can even circumvent two-factor authentication using One Time Password (OTP) over SMS for transactions. Identity fraud and theft alone accounted for $16 billion in 2016, with stolen login information being used to access customer accounts rising to 31% over 2015.
Both clients and banks need an easy, secure, fast and convenient way to ensure the security of transactions as passwords are not reliable or secure in practice (see inset – Passwords not secure!). Using biometrics addresses this problem, as it is now both cost effective to deploy as well as widely accepted by customers. The driving factor for adoption of biometrics in banking transactions is that it shortens authentication times across both channels and devices.
Passwords not secure!
Bank customers limit effectiveness of passwords as they:
- choose weak passwords
- reuse passwords
- forget passwords
- write them down
Types of biometrics
Biometrics is the science of recognizing an individual based on their inherent traits.
Biometric authentication methods are primarily of two types – physical and behavioral.
Physical biometrics typically need the user to actively do something for them to be captured.
- Face scan
- Iris scan
Behavioral biometrics, which have become increasingly accurate, are passive and seamlessly collecting information about the user. They are used to create an environment of continuous authentication.
- Mouse movement
- Device usage
While an individual biometric method may be hacked or circumvented, using a combination of them will ensure a high confidence level that the user is being identified correctly.
However, providing numerous biometric authentication methods across devices, banking channels and user types will quickly become unmanageable, if done in silos. This is where creating an Authentication Hub is critical. A Hub has standards-based authentication-a plug-n-play platform supporting best-of-breed solutions that empower the bank’s customers through the device, authentication method and channel of their choice.