With the rates of smart-phones going south, more and more Indians are gaining access to these devices and could be authenticating themselves using facial biometrics, whilst logging onto various applications, especially most mobile banking applications
By Jan Valcke
Mobile Banking is here to stay! With mobility being continuously addressed, and the smart-phones getting cheaper and more advanced, most Indians are now mobile and using technologically advanced telephony. Among the other services being constantly accessed, online banking is one of the main activities that most Indians indulge in on their smart phones.
Furthermore, mobile banking is no more being viewed as a ‘new channel’ or as an optional service, as it has steadily become the preferred form of banking for the new generation of ‘yuppies’, i.e., the young urban professionals. Mobile banking or m-banking could soon prove to be the single biggest banking innovation since the advent of the ATM.
While technology upgrades like m-banking, promise convenience and speedy banking transactions, it brings with it security threats as innovative as the application itself. Hackers have constantly upped their game when it comes to finding new ways to get access to account holders. Even some of the largest and the most high profile international banks, who boast of new-age tech-savvy applications, have not been spared from the malicious intent of advanced hacking attempts. When mobile banking first arrived in developed markets like the west, banks often limited their services. While the availability, functionality and ease of use compelled customers to embrace mobile devices, banks initially viewed mobile platforms as inherently insecure. Consequently, many banks prevented the deployment of high-value services via mobile banking. Certain financial institutions allowed customers to check balances, while others applied limits to fund transfers, but few offered the array of services available online for PCs.
Apart from age-old security measures like the simple password and the OTP, a number of banks, especially in the US, Canada and the UK have increasingly looked at biometrics, specifically the use of fingerprints, iris scans and facial recognition as a means of authentication. Banks in particular have gravitated to Touch ID technology because it provides them with device-based technology they may leverage to secure the mobile banking platform, and in turn reduce costs in deploying and supporting such services. Banking institutions have long expressed an interest in biometrics as a method to authenticate customers. However, finding cost-effective solutions have proved challenging in general.
Banks view biometrics as more secure than simple passwords, while customers embrace their simplicity and convenience. Touch ID which has been increasing adopted by banking institutions as a popular biometrics based security tool, could however weaken the financial institution’s security-related defenses and heighten the level of financial, operational and reputational risk associated with the mobile banking platform, if integrated incorrectly.
Even in India, banks possess the technical capability to support a fully functional mobile baking platform but are unwilling to secure the channel sufficiently to provide secure services such as opening new accounts, higher limit fund transfers or third-party payments via P2P. The convenience of mobile devices also underscores the ease with which one could be lost or stolen, and banks are unwilling to make their most sensitive information readily available to criminals in case of a device theft.
As in developed markets, Fingerprint biometrics in India, is the largest segment in the market, in terms of revenue contribution, followed by iris and facial recognition segments. Voice recognition, on the other hand, could prove to be the fastest growing segment, on account of rising application in banking and growing integration in handheld devices.
The innocuous ‘selfie’ or the front-facing camera, which is available on most mobility devices, especially on smart-phones, these days, could prove to be a powerful accessory in ensuring facial biometrics for the vast majority. Additionally, with the rates of smart-phones going south, more and more Indians are gaining access to these devices and could be authenticating themselves using facial biometrics, whilst logging onto various applications, especially most mobile banking applications.
Certain specialized service providers have further provided facial biometric applications that could be installed on any smart-phone as a cost-effective, yet a virtually ‘hacker-proof’ option. It is not that easy for a potential hacker to simply use a photograph in place of the actual face to trick the software. Facial biometric applications nowadays use 3-D imaging with an additional layer of authentication built in when it asks the user to smile or move their eye-balls in a particular direction, which could virtually be neigh impossible to replicate.
As sensors of all kinds get smaller and facial biometric authentication software gets smarter, the day is not far when we will not need to type in passcodes or passwords to gain access to any of our devices. Facial recognition technology is one of the most exciting forms of biometric authentication and it is very likely that soon you will be able to buy a smartphone that can be reliably and securely unlocked just by recognizing your face, which would in turn mean a secure and a safe future for mobile banking operators.
The author is President & COO of VASCO Data Security
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]