The Customer Effect

Facial biometrics in banking still face security hurdles, say analysts

  • Face ID will allow users to unlock the iPhone X with their face, and this could be extended to mobile banking apps.
  • Banks are encouraged by the possibilities Face ID offers for mobile banking, but are adopting a wait-and-see approach while use cases are tested.
close

Email a Friend

Facial biometrics in banking still face security hurdles, say analysts

The key to unlocking one’s financial life will soon be your face, if Apple and the banks have their way. But beyond the hype, there are some security considerations that still need to be worked out.

So far, industry watchers have set high a high bar on how Face ID on the iPhone X could change mobile banking, with the ability unlock the phone through face verification and the extension of that capability to third-party apps.  The possibility of using a “face print” instead of a password could be a convenient and seamless way a customer can authenticate a mobile banking app. But it’s still not a completely secure gateway to a customer’s financial information, analysts say.

“We see the Face ID technology as a good step forward in [mobile] biometric identification,” said Brian Ziff-Levine, senior director of payments strategy and support at First Tech Credit Union, which has taken a lead among credit unions on the use of facial recognition technology with payments. “We will wait to see whether the security claims Apple is making will withstand real-world conditions.” So while a face recognition feature may be more trusted by banks than old-fashioned passwords, Ziff-Levine still said he is still cautious.

One scenario that worries Frank Gillett, vice president and principal analyst at Forrester Research, is when a thief accesses a phone and registers their face.

When you set up Face ID, how does Apple and the bank know it’s your face, and not a bad guy’s face pretending to be you?” said Frank Gillett, vice president and principal analyst at Forrester Research. The face scan is saved on the iPhone X’s secure enclave hardware chip, but the bank doesn’t doesn’t store a copy of the customer’s face to match it.

While Face ID is a convenience feature, to go mainstream, there would need to be less false accepts and rejects, said Andras Cser, vice president and principal analyst for security and risk management at Forrester. (Apple said yesterday that the chance that someone else could fool Face ID is one in a million.) Cser added that the secure enclave has to be “hardened,” especially given recent news of a hack.

Still, some industry players say the benefits outweigh the risks. Despite the security concerns, ATM manufacturer Diebold Nixdorf is optimistic on possibilities for the technology, and that the security concerns could be countered by requiring additional authentification methods for higher-value transactions.

“Just because we’re talking about facial recognition as part of the iPhone announcement, it’s not the only method of authentification that can be used,” said Douglas Hartung, senior director of global software innovation at Diebold Nixdorf.  “For example, you could make a decision as a risk officer that you’re going to use face recognition capabilities on the device for withdrawals and payments below 200 dollars, but if you want to transfer 2000 dollars, [the bank] could push a notification to the device and you could use voice authentication in addition to face recognition for that kind of transaction.”

The big banks aren’t saying much, other than the fact that they’re watching the developments with interest. Michelle Moore, head of digital banking at Bank of America, told Tearsheet that the bank is always testing new forms of authentication for the safety and security of customers, but wouldn’t comment specifically on Face ID.

While the security concerns could delay the onset of mobile banking powered by facial recognition, increased demand for the service could accelerate a mass rollout.

“With the popularity of Touch ID, already used more than 80 times a day [per person] on average, we believe consumers will drive the speedy adoption of Face ID,” said George Avetisov, CEO of Hypr.

Photo courtesy of Apple

 

 

0 comments on “Facial biometrics in banking still face security hurdles, say analysts”

Outlier OpinionsMakers

Sponsored, The Customer Effect

Mobile banking outlook for 2023: Why push notifications are more important than ever

  • Mobile banking usage is quickly growing in popularity as account holders are afforded 24/7 access to their finances and enhanced ease of use.
  • Push notifications enable financial providers to take advantage of this surge by driving account holders to their mobile banking apps and increasing customer engagement.
Larky | December 02, 2022
Sponsored by Visa, The Customer Effect

Holiday travel is around the corner — is it time for a customer experience refresh?

  • New research finds 41% of U.S. adults are planning to travel this holiday season.
  • Nearly three years since the onset of the pandemic, 40% of surveyed travelers reported changing their travel behaviors.
Visa | November 14, 2022
Sponsored, The Customer Effect

Widening access to financial advice in the face of uncertainty

  • Consumers across generations are concerned about their current financial situations, highlighting the need for wider access to wealth management and financial advisory tools.
  • Advisors have a significant opportunity to help more people and grow, but they must first turn to modern technology and embrace a hybrid approach.
intelliflo | October 25, 2022
The Customer Effect

It’s 2022 and FIs are still struggling to make their products accessible. Procure Access wants to change that.

  • Americans with disabilities have a total of $490 billion in disposable income. Yet financial services are struggling to meet accessibility requirements, even with basic tools like PDFs.
  • With Procure Access, everyone from Google to Fidelity Investments is getting involved to ensure accessibility is considered at the start of the procurement process.
Rabab Ahsan | September 14, 2022
Sponsored, The Customer Effect

Creating a hyper-personalized banking experience

  • To this day, a lot of financial institutions are using legacy systems that were written back in the '80s and remain the same.
  • Today's digital banking platforms and card services can offer hyper-personalized experiences to create a unique experience for each cardholder.
Zeta | August 25, 2022
More Articles