Biologically-based verification methods — voice verification, facial recognition, fingerprints, retina scanning — are not only simple for consumers to use, but also far more difficult to maliciously compromise than other security methods. Biometric-based verification is one of the biggest trends in the security industry. So what is the hold up in the banking industry?
Using something you know for verification is good. Something you have is better, but something you are is best. The utilization of biometrics in the financial sector increases the security of online transactions by offering a combination of a number of these factors. For example, your use of a registered mobile device (something you have) combined with your fingerprint (something you are). This method also addresses the customer’s second requirement that authentication should be easy and convenient.
The appetite for biometric verification technology among consumers is so large, in fact, that Business Insider Intelligence predicts 99% of smartphones will support biometrics by 2021. With consumers increasingly accepting, and demanding, biometric technology, it is only a matter of time before it impacts the banking and financial sector.
Given the increased incorporation of the technology into consumer devices, it is also likely that customers will begin demanding it in financial applications in the not-too-distant future. This new security functionality will undoubtedly bring significant benefits, not least of which is a new tool in the fight against fraud and malicious activity. However, a blind integration of biometric solutions into all applications could ultimately prove hurtful to customers, and may be a misread of many of the competing aspects customers value in their banking interactions.
Competing Customer Desires
What competing consumer desires will financial institutions have to balance when looking to implement biometrics into their transaction processes? Well, on the one hand, consumers obviously have an expectation for the highest level of protection available when it comes to their finances. This, of course, matches the desire of everyone in the industry to stave off instances of fraud and malicious activity. At the same time, customers also want this verification to be as simple and convenient as possible — a problem also solved with the advent of biometric technology.
While the security benefits of biometric technology are significant, it’s also true that consumers have traditionally backed away from security functions that limit the ways they can interact with or utilize their own financial data. When looking to implement new security processes, it’s always paramount to do so in a way that doesn’t inhibit the ways customers can use and share their data. In fact, doing so would not only ignore good risk management practices, but also have significant impact on customer adoption as well as overall loyalty and satisfaction.
Uniform adoption of biometric verification could threaten to do just that, which is why its incorporation will require a careful approach. Implementing biometric requirements for all data-based interactions could threaten the ability for consumers to permit use of their personal data in ways they want — such as sharing it with their spouse or advisor, or using it with financial wellness applications to help them improve their financial state.
So What Is The Answer
When it comes to biometrics for financial applications, the ultimate answer will likely be balanced implementation — one that utilizes biometric authentication in high-risk situations, but also doesn’t inhibit the sharing of financial data that ultimately benefits the consumer.
This could mean introducing biometric verification as part of an authentication mechanism for all high-risk situations, such as adding a new payee, changing personal information or moving money across accounts. Employing activities that checks off all of the authentication principles is definitely a prudent move and one that – as an industry – we should all consider implementing into our infrastructure. This is because in these high-risk situations, a single authentication mechanism is insufficient. Integrating biometric technology in these circumstances provides customers with a second authentication method that is not only highly secure, but also provides a seamless user experience.
However, not all transactions fall into this high-risk category — and financial institutions looking to integrate biometric technology should look to distinguish between them. Financial institutions that want to best address their customers’ desires should look to compliment strong biometric authentication technologies for high-risk transactions, with a “read-only” authentication mechanism in lower-risk situations. This approach gives consumers the stringent security they need, while still being able to use their financial data in the ways they have come to expect.
This can be achieved in a couple of ways. For instance, in these situations banks could call for a secondary, non-transactional username or introduce token-based authentication. Or alternatively, they can implement a multi-layer security framework where the username and password always allow access to “read-only” transactions, and biometric authentication is required high-risk activities.
As with all successful innovation, customers will expect biometric technology to become part of their banking experience in the near future. However, they also won’t compromise their current experience to use it. This means it’s critical for all financial institutions to examine the ways they can best incorporate biometrics into our consumer-facing applications, which doesn’t solely involve broad-stroke applications. While this technology holds tremendous promise for the entire industry, institutions taking a “one size fits all” approach to its implementation could suffer significant customer backlash.