December 20, 2023
Recently UBS – leading a multinational investment and wealth management bank – and Kuppingercole, a key analyst firm that specializes in providing advice and insights on Identity and Information Security participated in an iProov-sponsored webinar to showcase how UBS is innovating its digital identity strategy to better service the needs of its customers.
The webinar featured industry experts John Tolbert (Director of Cybersecurity Research and Lead Analyst at KuppingerCole) and Pascal Tavernier (Executive Director of Identity & Access Management Architect at UBS) discussing how biometrics can support digital transformation in the financial services industry.
Read ahead to learn the webinar’s key themes and insights.
Increasing Fraud and Regulations Drive Digital Transformation
Financial services is a colossal sector, forecasted to reach approximately $30,000bn by 2030. Organizations face increasingly stringent regulations, driven largely by growing levels of financial crime.
While some of the most pertinent regulations willl depend on your country/jurisdiction, the webinar identified the four most critical types for financial institutions:
- Anti-Money Laundering: Aims to prevent money laundering and terrorist financing.
- Know Your Customer: An extension of AML which is about ensuring that businesses are engaging with the same person they entered into the financial agreement with (and that the same person is still in control of their account).
- Politically Exposed Persons: These checks are all about identifying high-risk individuals and providing additional screening and information to mitigate any economic, regulatory, or reputational risk. They often relate to politicians or other prominent people.
- Sanctions Screening: Financial institutions must ensure they’re not transferring or holding money for sanctioned individuals.
Noncompliance leads to penalties, including fines and even criminal proceedings. In 2022 overall, banks globally incurred over $2bn in AML fines.
The other leading driver for digital transformation is fraud prevention. Financial Services is one of the most targeted industries due to lucrative financial incentives (receiving the highest share of account takeover attacks, 38%). The goal is to stop the most prevalent types of fraud, such as:
To achieve this, financial institutions have invested heavily in compliance processes and personnel. However, this has also increased onboarding and customer acquisition costs.
This landscape, combined with a general move towards all-encompassing online services, has made digital transformation more important than ever. Procuring the right technologies is key.
Biometric Verification Is The Foundation of Digital Transformation For Financial Institutions
The difficulty of proving that online users are who they claim to be is one of the biggest challenges FIs face. Ineffective identity verification controls are often the root cause of regulatory infringements and fraud.
Robust identity verification depends on linking the physical person asserting their identity to a trusted ID document. The only way to do that reliably is with biometrics. Biometric verification works by linking the data on a Government-issued ID to the biometric data of the person asserting their identity, and performing checks to ensure they’re real and indeed the genuine holder of that ID document.
Biometrics verification is preferred for a number of reasons:
- It’s a self-service, automated process: The ability to automate onboarding and authentication is crucial for organizations. It means you can operate a 24/7 service, at a lower cost, and usually with higher conversion rates – in a way that’s generally preferred by clients.
- Better security: The right biometric solution can deliver unparalleled security, enabling FIs to avoid or at least minimize the security and usability issues posed by legacy methods such as passwords and one-time authentication.
- Better user experience: The end-user does need to remember anything; their biometric is always on their person. This also means there’s nothing to lose or forget. The right biometric solutions makes everything exceptionally easy for the customer.
- Improved accuracy and efficiency: Biometric technology removes the need for in-person checks or manual verification, which increases accuracy and reduces costs. It also speeds up the process, enabling customers to quickly get access to their new accounts.
- Reduced risk of compliance penalties and reputational damage from negative publicity: A robust solution enables financial institutions to meet regulatory guidelines while reassuring customers and protecting the organization’s reputation.
- Easy account recovery: Account recovery inherently introduces fraud risk, because the person recovering it could be a fraudster attempting to hijack control of an account. You need to be certain of their identity; the right biometric solution can deliver self-service account recovery that is effortless and does not require re-binding of their device.
Other ID verification methods like video call verification (over Zoom or Skype, for example) are inconvenient and difficult to scale. Pascal stated that “prospects and clients do not like, and it takes up a lot of time.”
Not All Solutions Are Equal: Understanding Biometric Accuracy
The effectiveness of biometric solutions varies. John Tolbert (KuppingerCole) discussed how biometric systems can deliver higher identity assurance by evaluating biometric accuracy. Biometric accuracy is determined by a number of factors:
- False Acceptance Rate (FAR): The measure of the likelihood that the biometric security system will incorrectly accept an access attempt by an unauthorized user. A system’s FAR typically is stated as the ratio of the number of false acceptances divided by the number of spoof identification attempts.
- False Reject Rate (FRR): The percentage or probability of biometric authentications that reject the correct user when that user’s biometric data is presented to the sensor and incorrectly marked as ‘fail’. If the FRR is high, users will be frustrated with the system because they are prevented from accessing their own accounts. Also known as False Non-Match Rate (FNMR).
- Equal Error Rate (EER): Where FAR and FRR meet, usually best tradeoff between usability and security.
Liveness is a crucial factor in FAR and FRR. Liveness refers to the technologies that determine whether a sensor is viewing a live biometric – i.e. if it’s a living person or not. This makes liveness a key differentiator between facial biometric solutions.
The quality and sophisticated of the liveness technology will affect the numbers of fake images misclassified as real (FAR) and number of real images misclassified as fake (FRR). Generally, multi-frame solutions will acheive a more desirable FAR/FRR than single frame-solutions. The quality of the face matcher will also impact the FAR and FRR.
Critically, FAR and FRR, will underpin the users conversion rate. You need to ask: how many of your users can use the product, and of that number, how many of them can complete the verification? The success rate of user verification is a critical driver for identity assurance technology.
Implementing and Testing End-to-End Identity Verification Systems
Pascal Tavernier helped design and build the UBS end-to-end remote identity verification system, which uses iProov for facial biometric verification. While biometric accuracy is key, there are many other success factors.
Pascal shared his valuable insights on maximizing success rates for digital enrollment journeys:
- User Guidance: Visual, animated guidance is a must. The less effort the user has to expend to complete the process, the better. Biometric solutions must provide users with crystal clear, visual, and animated instructions
- Error Handling: Context-based help is essential along the user journey. Users need to know what they did wrong if they face an error, with real-time feedback, or they’ll be frustrated and drop out.
- Eligibility: Evaluate self-service support at the start of the process (i.e if your app only supports users to register from specific countries, ensure that users complete a country selection at the beginning of the process so they’re not disappointed later).
Pascal suggested that organizations conduct as many usability lab sessions as possible to get things right the first time around. He also recommended engaging an “independent third-party vendor that specializes in biometric penetration testing”, rather than taking security claims at face value.
Closing Thoughts
Ultimately, biometric verification removes the reliance on in-person checks, providing self-service automated remote identity verification. This enables organizations to deliver services remotely to customers that were once relegated to in person visits, which is a huge customer experience win (and indeed often a expectation from today’s end-user).
Biometric technology helps financial institutions with their two main challenges: regulatory compliance and fraud prevention – making it a perfect tool for digital transformation in the financial services industry.
You can read more about the advantages of face verification here and consider our guide to choosing a biometric vendor here.
Click here to watch the whole webinar on-demand here. Enjoy!