= Subscriber content; or subscribe now to access all American Banker content.

Banks Embrace Biometrics, But Will Customers?

As banks incorporate biometrics technology, they are doing so with the dual goal of enhancing security along with customer experience.

But from the outside, the technology that aims to make authentication easier is at a crossroads that a lot of innovation comes to — verifying people via biometrics will likely become the norm at some point, but plenty of people are not quite interested yet.

"We did a massive survey last year, talking to consumers about digital banking, and many were not even aware their bank offered [Apple's] Touch ID," logins, said Alistair Newton, an analyst at Gartner. "There were also many consumers who were happy to do the extra step and type in a username and password because it felt more secure to them. So even with the base stuff, like Touch ID, it's certainly gaining momentum but still has a long way to go."

Banks, however, are moving ahead. For instance, Citi launched a voice authentication project in the U.S. that allows its credit card customers to use their voice to verify themselves when they call the bank. Citi has voice authentication initiatives in some other markets as well. Since the project's April 2015 launch, roughly 250,000 customers have opted in.

To the company, voice authentication is not intended, at least not yet, to replace other methods — it is there to give customers options.

"We want to offer our customers choices when it comes to authentication, and we're always looking at innovative and secure ways to do that," said Ash Khan, Citi's head of information security for global consumer banking.

Citi customers who want to take advantage of voice authentication start by providing a brief voice sample. Citi is working with NICE Systems on the technology, which can identify roughly 130 different physical and behavioral characteristics within a person's vocal pattern. When customers call in, their voices are matched to the prerecorded data. Setting up the voiceprint takes less than a minute, Khan said.

While he wants customers to have options, Khan said voice authentication is a much better experience for the customer than the typical game of "20 questions" required when calling in to a call center for authentication.

"I start talking to the rep, they ask my card number and that is it," Khan said. "Then they start talking to me about my account, address me by name, and it's a totally different experience."

Besides voice recognition, Citi is looking at other biometric technologies, including working with Diebold on iris-scanning ATMs. And Citi is certainly not alone in its focus on this technology. Eastern Bank earlier this year rolled out a similar voice authentication initiative, while USAA allows its customers to take "selfies" to log onto mobile banking.

Slightly more than a third of banks said biometric technology would be a priority to them in 2014, according to a study by London-based Ovum, a global technology research firm, in which it surveyed chief information officers and other senior information technology decision-makers globally.

Technologies like facial- or eye-scanning authentication may become popular in coming years as millennials — who are more comfortable and open to such concepts — expect such services from their banks, said James DeBello, CEO of the digital vendor Mitek, which surveyed millennials on their digital banking habits and desires last year. The survey of 1,000 milllennials found that in identifying themselves via mobile devices, 61% prefer fingerprints. Additionally, almost a third said they'd accept facial recognition.

"People, and millennials in particular, are tired of passwords and PINS and desirous of high-level security," DeBello said. "When it comes to things like taking a selfie to authenticate yourself, and incorporating optics in other ways, milennials expect that. They are demanding it."

But banks should be practical in considering biometric technology, Newton said. Projects like Citi's voice authentication will likely be a hit with customers, because it solves a clear pain point. But things like facial recognition and iris-scanning technology may not prove as popular.

"Voice authentication will grow more rapidly, because it has distinct benefits," Newton said. "But with a facial-scanning ATM, for example, is that really easier than just putting a card in there? To change customer behavior and habits in financial services, the new solution has to be so much better or easier than the existing services."


(2) Comments



Comments (2)
Passwords will never go away. Biometrics are useless for authentication if they are not used along with passwords because they are inherently more insecure for several reasons. First: what good is a password left behind on everything you touch, or can be be reproduced from any high def picture you are in or recorded without the user's knowledge? Second: only a few reference points are used for scanning prints, irises, and voices because systems must be able to account for physical changes over time (i.e., a small cut on your finger, a raspy voice from a sore throat, etc) which makes it easier to crack if an intruder gains access to the biometric hash table when compared to a password hash if security is breached. Third: if said security breach does occur, you can't change your biometric login - EVER! Fourth: the potential of unconstitutional searches by law enforcement is very high; if a user is arrested or detained, authorities can easily gain access through physical force against the user's will, whereas a password would require a more voluntarily relinquishment on the user's part. In the future the most secure form of authentication should be a token combined with analysis of the user's keystroke dynamics from entering their password. Biometrics should only be used as an additional layer on top of those two.
Posted by Jonny_Zuhalter | Wednesday, February 03 2016 at 11:34AM ET
Wells Fargo is rolling out a combination of voice and facial biometrics for their commercial mobile clients.
Posted by Ari G | Tuesday, January 19 2016 at 3:05PM ET
Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.