April 6 2023
Banking inclusion has skyrocketed in recent years. According to the World Bank, 71% of people had access to a bank account in 2022, up from 42% a decade before. This growth can mainly be attributed to the digital revolution – two-thirds of adults worldwide now make or receive a digital payment, which has risen from just 35% in 2014. Juniper research estimates that the number of remote banking customers is expected to exceed 3.6 billion by 2024.
While there are many advantages to remote banking for banks and customers alike, there’s a serious challenge posed by this trend. Remote banking relies on a level of trust in the identity of the individual accessing the service, and that trust that can be exploited by cyber-enabled crime. As banks expand remote access to digital services and make access easier for users, they often extend an unintended invitation to fraudsters.
In truth, banks are facing pressure on all fronts – consumers expect to be able to open accounts and bank remotely with speed and ease. Meanwhile, fraudsters are siphoning money and undermining security through online channels. Simultaneously, banks face the threat of KYC and AML compliance fines.
In response, many banks are leveraging advanced verification technologies to onboard and authenticate the new era of online bankers – replacing cumbersome manual processes and supplanting outdated authentication methods like passwords and passcodes.
Biometric verification technology in particular can enable banks to deliver an effortless user experience, maximize customer inclusion, reduce user frustration, and provide the security needed to protect against fraud while supporting compliance with regulations. But not all solutions provide the same level of protection.
There are a few key use cases for biometrics in banking:
The first and most critical step is verifying the identity of a new remote customer. This is how banks ensure that they’re engaging with a legitimate individual from the outset, which enables banks to filter out potential bad actors, bots, and fraudulent identities early while supporting compliance efforts (proving they “know” their customers).
By scanning their trusted identity document – such as a driver’s license – and then completing a brief biometric facial scan, banks can check the verified identity of each new customer without ever meeting them in person.
Onboarding is the point of highest risk because you don’t know anything about the user or their risk until you have enrolled them – so it’s important to start off with the highest level of identity assurance in order to defend against threats such as synthetic identity fraud. Trust established at onboarding will carry through the customer lifecycle.
An account could be onboarded legitimately, but then compromised through account takeover fraud, identity theft, phishing, or other fraudulent activity. Biometric face authentication ensures that the person trying to access an account (the ‘visitor’) is the same person that created the account (the ‘owner’) on an ongoing basis.
Once the individual’s identity has been established using the highest level of assurance, returning authentication doesn’t require the same stringent process and can be achieved through a simpler liveness check – unless something has changed to raise the level of risk. Examples of this include the customer asking for a new line of credit, adding a new authorized user to their account, requesting a password reset, or setting up a new device or rebinding an existing device. In these instances, a bank may decide to step up the authentication and require an additional biometric scan to ensure that this is in fact the customer requesting these changes. This enables banks to deliver the required convenience and flexibility for customers.
The two above processes have become absolutely essential for banks to deliver remote services securely and conveniently – and biometric technology is the core.
Biometric technology can be implemented in a number of ways. It can be combined with other authentication methods to create a multi-factor authentication or step-up authentication solution, for example.
In some jurisdictions, banks are required to implement multiple security factors under strong customer authentication laws.
Banking with biometrics delivers a number of key benefits:
Not all biometric solutions provide the same level of protection. This is because they are not created equal in their ability to determine the “liveness” of the supposed person trying to verify their identity, ensuring that the person is who they claim to be and present at that time. This is important when defending against generative AI attack methodologies like deepfakes and face swaps.
Additionally, there can be consequential differences in usability. When reviewing solutions, it is necessary to understand important things like if there are device or technology requirements, and if will the user be asked to perform certain movements as they will lower completion rates.
iProov technology delivers a number of key benefits:
Facial biometric technology…
Ultimately, the future of banking is digital and will owe much of its success balancing security with customer experience to biometric solutions.