Banks are often accused of being slow to innovate, opting for tried and tested methods and services over new technologies and solutions. However, when it comes to security, there is a lot that even the most innovative digital enterprises can learn from the world of finance.
The media is currently buzzing with news that HSBC is introducing voice recognition and fingerprint scanning into its services. We saw similar headlines last year, when Halifax announced that it was experimenting with heartbeat technology for authentication.
The reason banks are embracing forward-thinking security is simple – the entire business depends on the secure protection and transaction of huge volumes of personal and financial data. At the same time, customers simply want fast, simple, hassle-free access to online services – so adding authentication barriers is not an option. Jumping through various authentication hoops online and remembering numerous passwords, corresponding email addresses, pin numbers and usernames is a cause for frustration for the everyday consumer.
Fingerprint and heartbeat scans are forms of static biometrics that have arisen as a potential solution to this issue. Moving away from traditional passwords and memorable phrases that demand something we know, static biometrics ask for something we are. With static biometrics, authentication is generally carried out at point of entry – ie the moment a user connects to a service.
There is a whole world of biometrics that takes this concept one step further – engaging in ongoing analysis of what we do.
Known as behavioural biometrics, this machine learning technology builds up a unique profile of the user, based on the way they interact with their device – such as the force they use to hit each key, the angle they use to swipe a touchscreen, or their typing speed. Without disrupting the user, behavioural biometrics analyses whether the user is who they say they are throughout their interaction with the device, rather than just at point of log-in.
But demand for rigorous security that doesn’t add friction to the user experience is not limited to banks. Online retailers, for example, risk losing customers at point of checkout, who are put off by frustrating authentication hurdles. With demand for frictionless authentication coming from all areas of the digital world, we can expect to see biometric technology gaining even more column inches is coming months – and further developments in this space springing up.
It is just a matter of time before everything from our selfie angle of choice, to the haste with which we "Swipe Right" on Tinder becomes our password for online authentication.
Once behavioural biometrics is implemented directly into next generation mobile handsets, authentication will involve ongoing, real-time analysis of whole phone interactions – including playing games, messaging friends and taking photos.
With mobile manufacturers currently using pressure sensors, such as Apple’s ‘3D Touch’, largely for ‘quick actions’ and ‘shortcuts’, smart phone manufacturers are yet to embrace the full potential of this technology. However, it is just a matter of time before we see this take off. Last year, Google announced at its I/O conference that is was experimenting with behavioural biometric technology. With Mobile World Congress (MWC) just around the corner, we may well see number of interesting developments in the world of biometrics and mobile in the not too distant future.