printer friendly version

Biometrics growing in finance

Biometric authentication, whether for financial transactions, time and attendance, or even logical authentication, has been growing steadily over the past few years. Of course, the uses of biometrics extends far beyond these few areas as we can see in the number of countries requiring biometrics for passports and tourism.

In the world of finance, an understandably slow-moving industry, biometrics has been growing steadily over the past few years in numerous areas, from client authentication, to employee authentication and transaction authorisations, and more. To find out what the state of biometrics is in the financial world, Hi-Tech Security Solutions asked Morpho South Africa’s Nicolas Garcia for some insights.

He notes that financial institutions, due to the nature of their business, always take longer than traditional businesses to adopt new technologies. They need to make sure that the technology they choose can integrate seamlessly into their current environment and the use of biometrics is no different. The process is in fact longer because biometrics can be used almost everywhere.

Fingerprint readers could be used for audit purposes in transaction validation, for example. Additionally, during the last phase of opening an account, the operator as well as the customer could be asked to present their fingers. Not only could the system verify their identity, but the audit trail would show that both were involved in the transaction.

Although not well publicised, for obvious security reasons, Garcia says there are several initiatives currently running in different financial institutions worldwide. “Africa in general and South Africa in particular are following this trend. The biometric technologies used depend on the business case, and are mainly fingerprint, facial recognition, and voice biometrics.”

While fingerprints are traditionally used for physical as well as logical access control for employees, banks are also now looking at using smartphones for voice recognition through calls and facial recognition via the embedded camera. He adds, “Mobility with biometric-embedded tablets and the integration of fingerprint readers in ATMs is also on the cards.”

Unbelievers still exist

When it comes to authentication, there are still those who say that fingerprint biometrics is not reliable because there are always people with ‘unreadable’ fingerprints and the criminal element is starting to figure out ways to steal or fool readers.

Garcia says that while fingerprints are the most convenient and adopted technology, like any technology, one must be aware of its strength and limitations. “In most of the cases, fingerprints work, but there are some conditions that make some fingerprints more difficult to use than others.

“If one fingerprint is not readable, there are still nine fingers that can be used. If no fingerprint can be read, it is then possible to add the use of a PIN code or card, or other biometric opportunities can be investigated.”

Facial biometrics has come a long way and it is now possible to authenticate yourself via your face. However, while the technology has improved dramatically, Garcia says financial institutions should adapt their security requirements based on the type of transaction.

“For instance, to check his balance, the customer could present his face. For more advanced transactions, like payments, two-factor authentication like face and fingerprint could be used. After a certain threshold, the transaction could also require a PIN code or another biometric verification, like iris verification.”

Whatever solution or combination of solutions one decides to use depends on the trade off you are prepared to make between security and convenience. The risks are self evident, and so are the solutions.

Share this article:

Further reading: