Skip to main content

Has biometric banking finally arrived?

(Image credit: Image source: Shutterstock/Anton Watman)

Back in April 2017, MasterCard announced that it would be launching a payment card which features a fingerprint reader. It was the latest in a growing list of financial institutions to deploy biometric technologies. For example, HSBC has deployed voice biometrics within its customer contact centres. Barclays has done the same, while also allowing finger prints to be used to authorise basic banking transactions with its corporate client base. And Lloyds Banking Group is reported to be preparing to allow customers of Lloyds, Halifax and Bank of Scotland to use Microsoft Hello to access online bank accounts.

But, given biometric technologies have been with us for years, what is driving this current interest? At Fujitsu – a company that pioneered the development of biometric systems, has deployed them within financial institutions all over the world and is thus expert in applying the technology to financial services - we’re not surprised by the growing enthusiasm. Already, more than 11 million people use Fujitsu’s Palm Secure solution – which “maps” the veins in the human hand – each day. 

What’s driving adoption?

Firstly, bank and customer interest in security has never been higher. Growing awareness of the weaknesses of passwords and PINs, together with high profile incidents of fraud and identity theft, have led managers to question existing security arrangements. Increasingly, they are exploring other more cost-effective options, which include biometric solutions.  

Secondly, public acceptance of biometric technologies is growing. Research undertaken by Visa, and published in September 2016, found that nearly two-thirds of customers would be happy to use biometrics when making payments. It also found that the public is almost twice as likely to trust banks to hold such data securely as they are government agencies.

We also think that the use of biometrics in other areas of everyday life is helping to drive acceptance. For example, users of Apple and Samsung mobile phones can already use their fingerprints to open their device, and Apple Pay permits users to make payments using fingerprints. At Fujitsu, we are confident that, as society becomes more exposed to biometrics, familiarity and confidence in the technology will continue to grow.  

Thirdly, the speed, accuracy and cost of biometric technologies have all improved in recent years, making the mass roll-out of biometric solutions feasible. And, as banking has moved to the mobile phone, the practicalities associated with enrolment have also improved. Many people are now familiar with setting up technology and downloading apps, meaning that many are capable of enrolling themselves. This smooths the take-on procedures for many financial institutions, as well as reducing the cost. 

Looking beyond payments

So, if interest in biometrics continues to grow, where else might we see them deployed in British banking? Perhaps there is a clue in how are being used in other parts of the world. In countries such as Brazil, Japan and Turkey, banks are using biometrics to identify customers. In each of these nations, unique social characteristics drove the roll-out, and acceptance, of the technology, while also allowing a business case to be built which could justify the investment. For example, Banco Bradesco, Brazil’s second largest bank, claims to have virtually eliminated ATM fraud by deploying Fujitsu’s palm vein-reading technologies on its cash machines. Japanese banks have also been impressed by the security-enhancing properties of palm vein technology. In a country still wedded to cash, banks have promoted its use by increasing daily cash withdrawal amounts and lowering bank charges for customers who elect to use biometrics to identify themselves.  

Secondly, the technology is being used to track access to, and transactions undertaken within, key business systems. With security-related issues increasingly front of mind for managers, banks recognise that attacks do not just originate from outside the organisation; attention must also be given to addressing the internal threat of hacking and theft. In the United States, Fujitsu offers its PalmLock solution to users of SAP Enterprise Resource Planning (ERP) systems. This technology positively authenticates the identity and approved security level of the user at log-on and, once in the system, it ensures the user has the appropriate access approvals to conduct transactions within each given areas. Clients using the system report significant reductions in fraud in areas such as purchasing, payroll and at retail Point of Sale.

Thirdly, biometrics are being used for laptop and desktop sign on. Deploying biometric technologies in office and home computing equipment accelerates log-in times and provides a practical and easy alternative to remembering passwords (and thereby reducing requests to IT helpdesks for help with resetting passwords).

Growth areas for biometrics in banking

Thinking about where biometrics will be deployed next in banking, we expect it to be focused in three key areas – payments, ATMs and in-branch identity confirmation. 

The implementation of PSD2, which has to be implemented into national law by January 2018, will drive further interest in biometrics. The directive requires “strong customer authentication” methods to be deployed whenever an electronic payment transaction is initiated. The legislation defines this as two or more of three elements - knowledge (for example, a PIN); possession (such as a token); and inheritance (something the user is, such as biometric data). In practice, this means multi-factor authentication. As payers cannot be made to bear any financial liability for errors or mistakes (unless they acted fraudulently), we believe this will result in financial institutions looking to deploy the strongest authentication measures available, which suggests biometrics.

Over time, it’s possible that the plastic card will be made redundant by the mobile phone. If this were to be the case, the mobile might be unlocked using iris recognition, palm vein or finger print options. Such a phone could then be presented at an ATM, where NFC technologies would read the device and authenticate – or otherwise – the transaction. Such a solution may even enable the ATM transaction to be commenced before the customer arrives at the ATM, with the cash being issued as soon as a biometrically-unlocked phone is presented at the machine. 

Biometric solutions could also be deployed in branches, replacing the need for customers to produce photographic identity documents. This might be most applicable to supporting more significant transactions – such as withdrawing a large sum of cash, or authorising a transfer – rather than for all branch activities. And reports from America suggest that such an offering often appeals to older people, who appreciate how the technology can make banking transactions easier to conduct. 

A biometric future 

Biometric systems are highly accurate, cost-effective and scalable. They deepen bank defences by providing an unequivocal link to an individual, event or transaction and are very hard to forge. At Fujitsu, we believe that these are key reasons why banks are embarking on a journey to explore and deploy the technology on a scale previously unseen. We think that this journey has some way to go. 

Anthony Duffy, Director of Retail Banking, UK and Ireland at Fujitsu (opens in new tab)
Image source: Shutterstock/Anton Watman