Biometric technology within financial services institutions is increasingly in demand and consumers are starting to expect banks to provide these measures. In addition to adding an extra layer of security, technology like fingerprint ID or facial recognition allows consumers to access their accounts more easily. Unfortunately, cybercrime is becoming an increasingly common occurrence. As our lives move progressively online, cybercriminals are becoming more sophisticated in their attacks on our personal data, especially in lucrative areas like digital banking.
Last year, online security experts Kaspersky uncovered evidence that such cybercriminals were behind the greatest bank robbery of all time. Working with Europol and Interpol, Kaspersky revealed that up to 100 banks and financial institutions world-wide had been attacked by an international cybercriminal gang, with members hailing from Russia, Ukraine and China. Its investigation estimated that $1bn had been stolen since the attacks started in 2013, even though the first attack was identified in 2014. Similarly, instances of identity fraud are becoming more common. According to our research, 48 per cent of Britons are concerned their identity will be stolen. Additionally, the National Fraud Authority revealed that £3.3 billion is lost through identity crimes each year.
This surge in cybercrime is concerning, however, technological advancements in biometric security and the growing number of businesses adopting these measures is proving a deterrent to most cybercriminals. Pioneering products like Apple’s Touch ID and Apple Pay, which use fingerprint recognition technology, have become mainstream, and as a result consumers are increasingly expecting this level of security across the board. Unfortunately, the financial sector isn’t keeping up with consumer demand. For most banks, the rate at which technology is changing and adapting is placing huge strain on legacy infrastructure which is becoming rapidly outdated. In line with this, many banks still rely on passwords, which are generally less secure.
Common cybersecurity guidelines specify a longer password, unique to each secure account, that changes every 30 days. The problem with this advice is that it simply isn’t realistic. According to password management company Dashlane, the average citizen in the UK is registered on over 90 accounts, a number that is doubling every 5 years. As a result, the average person uses different variants of the same password to cover everything from their monthly magazine subscription, to their email and online bank account.
Taking a step further
Certain banks and financial institutions have taken positive steps in the right direction by adopting new biosecurity measures. In 2014 for example, Barclays launched an authentication system based on finger vein scanners, which uses near infra-red lights to check specific vein patterns inside a person’s finger. Mastercard also trialled a selfie smartphone payment app recently, which uses facial recognition, and in 2015 Halifax trialled a heartbeat verification system using an electronic wristband. Outside the UK, e-commerce company Alibaba uses facial recognition in their payment system process and Tshighua University and Tzekwan Technology have developed the world’s first facial recognition ATM, which works by mapping facial data and matching it against an ID database, authenticating users by using facial features and iris recognition. The pressure is mounting on banks to adopt more advanced security measures.
Consumer trust is vitally important to the financial services sector and research has shown that this has taken a battering in recent years. Our research revealed almost a quarter (22 per cent) of consumers don’t trust digital banking apps, and 12 per cent don’t trust online banking full stop. Furthermore, seven per cent of UK banking customers said they no longer use digital banking having previously been a victim of cybercrime. The arrival of newer challenger banks on the market is also putting pressure on the traditional banks through their ability to quickly adopt the latest technology. Traditional banks are forced to deal with legacy systems and the huge costs associated with upgrading these, whereas challenger banks like Metro, Atom (a client of Intelligent Environments) and Starling can implement innovative and biometric solutions from the outset.
To take this a step further, Atom and Starling are digital-only banks, introducing a new and completely unique banking experience. However, these challenger banks face the task of establishing themselves as a viable and competitive alternative to the traditional banks which consumers are comfortable with. Nonetheless, by adopting a greater number of proactive security measures, and making the digital experience more user friendly, it won’t be long before these brands are truly competing with the leading high street banks.
The future of authentication
It’s worth noting that although biometric security measures are significantly more effective than passwords, they are not infallible. Fingerprint IDs are still susceptible to hackers, and other biometric measures, such as facial and iris recognition technology still have problems with 100 per cent accuracy. Indeed, the infamous German hacker Starbug (aka Jan Krissler) managed to recreate the fingerprint of the German Defence Minister via photographs taken from ten feet away at a press conference. He had previously hacked Apple’s Touch ID within 24 hours of its launch, and is renowned for attacking security developments in order to flag their weaknesses.
However, even he has agreed that biometrics is the future of authentication. Ultimate security will come from a combination of measures and layered authentication; however it will also be necessary to ensure an appropriate balance remains between usability and security. Biometric technology certainly adds a necessary layer into the defence against cybercrime and it is becoming increasingly popular with consumers. People are more aware of the risks of having their personal information online and are expecting financial institutions to take the necessary steps to protect this data.
It is difficult to ignore the growing threat of cybercrime and the challenge now lies with banks to adopt new and more effective security measures to ensure personal data remains secure.
Clayton Locke, CTO, Intelligent Environments
Image source: Shutterstock/Anton Watman