Sometimes seemingly sophisticated biometric fraud-prevention tools get hacked by methods that seem almost ludicrously simple.
Jumio is including the feature within its Netverify online verification service immediately, requiring consumers to follow an object on the screen with their eyes, in a randomized pattern Jumio said will be nearly impossible for fraudsters to fake.
“If an object is moving on a random basis, we can pretty much exclude photos, printouts and pre-recorded videos from being substituted for a live camera photo,” said Reinhard Hochrieser, Jumio’s director of product management.
Jumio also is adding technology that measures “micro-expressions” on a consumer’s face, including whether a user blinks or smiles, as another layer of security to prove that the image captured is a real person, Hochrieser said.
“What we’re witnessing is that as more applications go mobile, fraudsters are moving right along to hack mobile security tools, so it’s a constant battle of innovation between fraudsters and technology vendors,” said Robert Prigge, chief revenue officer at Palo Alto, Calif.-based Jumio.
Prigge concedes that adding new complications to its processes may increase friction for users during the initial customer sign-up, but he said financial institutions and enterprises using Jumio’s services favor adding this step.
“Companies want to be sure they’re matching the right person, and consumers express more confidence in services with escalated fraud protection,” Prigge said.
If the eye-tracking system can't verify a user's identity, Jumio is including a fallback solution that requires users to take a series of selfies, Prigge noted.
“Making sure you have the right person in a transaction is becoming more important as more products and services are sold through mobile channels, whether it’s lodging or car rental or a garage sale or dating, and consumers want this verification to be solid, too,” Prigge said.
