By Xavier Larduinat, Digital Banking & Payment Expert, Gemalto
In the space of no more than five years, the financial services industry has been transformed. And the breakneck pace of change shows little sign of relenting. Innovation has come not just from the ambitious new breed of fintechs, but also well-established tech companies and, indeed, banks with histories stretching back hundreds of years. Many of the developments to emerge from this creative storm have proved a huge success. Furthermore, above and beyond the commercial returns, some have fundamentally changed consumer behaviour and expectations of what can be delivered. For example, we already take for granted the ability to pay for goods and services with a wave of our phone, immediately transfer funds to a friend via an app, or even open a bank account within minutes. However, the sheer speed of this revolution also has a downside. Notably, in the rush to innovate, security has sometimes been overlooked. But in a world in which cyber-attacks seem to be making the headlines on an almost daily basis, no one should be in any doubt that maintaining customer confidence and trust is critical to long-term success. What’s more, the latest open banking initiatives and new regulatory frameworks such as PSD2 are set to further increase the pressure to ensure robust protection of customer data and funds. In addressing these challenges, it is clear that biometrics is going to play a central role in the quest to combine security and usability. This fast-developing technology certainly offers compelling benefits, but it would be wrong for providers to regard it as a magic bullet. Unleashing its full potential demands careful consideration of a range of different factors.
Security vs convenience?
The age of 24/7 mobile connectivity has brought with it a step change in customer expectations. Unfortunately, for the financial services industry, this dramatic realignment of the consumer landscape has been further complicated by the interest that digital banking inevitably attracts from undesirable elements. Consequently, as the scale and sophistication of cyber-crime has grown, so has customers’ need for reassurance. Underlining this, a recent survey by Gemalto found that 44% of respondents would switch banks in the event of a security breach. But does strengthening protection against such threats mean compromising the user experience? It’s a critical question: the same survey also found that 38% would switch to a bank offering a better service.Not surprisingly, in the new age of digital banking, the most successful enterprises are those that are squaring the circle of convenience and security –by strongly identifying users to facilitate safe access to a comprehensive array of services.
Biometrics has taken hold
So how best can providers achieve this win-win scenario? Increasingly, the answer involves some form of biometrics. In a short space of time, biometric identification has been introduced and readily adopted by end users in a variety of different applications. The most obvious, and influential, is undoubtedly the use of fingerprint and facial recognition to unlock smartphones. But that’s certainly not the whole story. For example, biometric identification is increasingly commonplace at ePassport gates, and some forward-thinking banks are already enabling their customers to authorize transfers via a selfie, based on facial recognition or withdraw cash from an ATM with a palm scan. For those responsible for security, biometrics provides a truly unique means of identification as well as authentication. For consumers, it offers the ultimate in convenience – something they always have with them, so there’s no danger of ever leaving their means of authentication at home, in the car, or on the train. However, despite these attractions, providers should not be tempted to adopt a ‘one size fits all’ approach. For Millennials, choice and individuality are every bit as important as security and convenience; successful adoption is dependent on creating a digital journey that customers are immediately comfortable with.
Integration is now the key
Banks, fintechs and merchants must also recognize that effective implementation of biometrics requires integration with strong authentication and fraud detection solutions. Crucially, authentication provides the link between a local biometric check (such as a fingerprint scan on a mobile device) and the bank or merchant’s own system. Fraud detection, meanwhile, based on user’s behaviour and device profiling technologies, should deliver the instant, real-time analysis necessary for the provider to either approve or block a transaction, or seek further authentication from the customer. Significantly, such an approach also matches one of the key principles of the PSD2 directive.
Applying AI to fraud detection
Fortunately, in meeting such requirements, banks are now able to deploy a new generation of platforms. Solutions such as Gemalto’s new Assurance Hub, for example, utilize Artificial Intelligence (AI) to assess a vast array of signals and user’s behaviour patterns to determine the potential for fraud in each individual transaction. Typically this can encompass data ranging from the customer’s location and whether he or she is using their usual device, to something as personal as the style with which the mouse, touchscreen or keyboard is being operated. Anything out of the ordinary can be identified and assessed to determine whether additional authentication – such as a PIN code or fingerprint scan – should be requested, or the transaction processed without further intervention.The system also guarantees user privacy since the data analytics is anonymous.
Extending the appeal of contactless payment
In addition to being used for authentication and risk analysis, biometric technologies are also having a positive impact on the way we pay.
Another defining characteristic of the past decade has been the dramatic shift to contactless payment.Now an innovative new payment card is combining the ease of contactless ‘tap and go’ transactions with equally effortless biometric authentication. A fingerprint scanner built into the contactless payment card enables the holder to authorize payments with nothing more than a finger scan. The need to enter a PIN code is eliminated and end users can perform any type of transactions on a contactless mode, whatever the amount.
Reshaping the public sector
It should also be noted that the benefits of biometric authentication and associated technologies extend well beyond the banking domain. Notably, a number of bold initiatives have been undertaken in the public sector. Indeed, this particular field of science already has a long history of helping law enforcement agencies bring offenders to justice. Since the early 1980s, the AFIS (Automated Fingerprint Identification System) has been steadily replacing the laborious task of manually searching for fingerprint matches. Now it is being supplanted by the ABIS (Automated Biometric Identification System) which can utilize a far richer array of information to identify suspects. Government bodies are also starting to employ biometric technologies to tackle problems such as voting and benefit fraud, and to help secure national borders and citizens’ identities.
Financial service providers reap the benefits of government investment
As adoption of biometrics by governments gathers pace, so do the opportunities for banks to use national identity schemes in the quest for that winning combination of convenience and security. With full end-user permission and the proper privacy safeguards in place, it is possible for providers to facilitate swift and safe access not only to banking services, but also social and welfare benefits, or even in-store payments on a merchant’s phone that do away with the need for the customer to use either a phone or card of their own. As a result, government investment in biometrics can stimulate growth and innovation in the private sector too, and help citizens complete numerous day-to-day tasks with far greater ease and efficiency.
Biometrics has quickly captured the consumer’s imagination. Given the sheer speed of change in the financial services sector, future growth here is likely to be swift. There can therefore be little doubt that it represents a vital tool for all those providers – banks, fintechs and merchants – that understand that innovation can only flourish if it is underpinned by credibility and confidence among end users. The real key, though, is to see biometrics as part of a much bigger picture. Realizing its full potential and meeting the expectations of customers and regulators alike demands a genuinely holistic approach. Certainly enterprises need to tailor biometric techniques to the preferences of individual customers. Furthermore, successful deployment invariably involves integration with equally sophisticated authentication and risk assessment solutions. The good news for providers is that technology which ticks all these boxes – and many more – is now readily available. As a result, the digital banking revolution can finally look forward to a future in which trade-offs between security and convenience are well and truly a thing of the past.