Data breach has become one of the biggest threats for financial industry. The entire industry is rushing to invest in cybersecurity at a time when cyberattacks could cost the global economy $6 trillion a year by 2021 according to 2016 Cybercrime Report. The U.K. recently announced it’s also investing billions into technologies to defend against cybercrimes and financial terrorism. Password, signature and physical authentication like tokens still have security vulnerability and nearly obsolete. But more importantly, the authentication process is laborious itself. Today, banks are looking ahead to more advanced technologies such as biometrics, mobile device and cloud-based platforms to fight cyberattacks, save cost and bring mobility, usability to their customers.
Biometrics has been used by law enforcement and government agencies worldwide for over 140 years. However, biometric verification applications have been used by banks for just a few years now. Barclays has been one of the first banks to launch finger vein reader and voice biometrics to authenticate its customers, removing the need for PIN, passwords or authentication codes. Besides the making of customers’ lives easier through its convenience, biometrics also addresses client’s concerns about the threat of online fraud.
Although the market for biometric systems is growing, the widespread adoption and penetration of these systems still faces a lot of constraints. One of its biggest drawbacks is the high implementation cost of in-house database infrastructure which SMEs cannot afford. Moving to cloud-based biometric authentication system can be a real financial payoff. All the information including biometrics, personal and financial data can be recorded, analyzed and exported in real time on cloud. Companies can save money on the fixed components such as the server, database, and data centers while spending a smaller amount on cloud service and server maintenance. It works as a pay-as-you-go model, hence, making it a very cost effective and scalable solution.
At the same time, the proliferation of biometric-enabled smart mobile devices like IPhone with fingerprint scan and FaceID or Samsung Galaxy with iris recognition, mobile banking quickly become the customer’s preferred choice. Customers can use their biometric data saved on their smartphones to access their accounts at any time from any location. This device-centric model is being adopted by banks and payment service providers as a quick way of solving the “password” problem. However, this model only solves part of the problem by providing secure and convenient access. It only offers biometric authentication to those equipped with the latest mobile devices with integrated biometric sensors and secure hardware to store sensitive biometric data.
One alternative is to adopt a centralized architecture where biometric identity data is captured by trusted means and then stored centrally in the cloud. This ensures that the service provider can control the end-to-end process of biometric authentication, including capture and enrollment. This also supports an omni-channel service where the user can access digital services via a wide range of endpoints – computers, mobile devices, smart TVs, and physical locations like bank branch and in-stores.
According to Technavio, the global market of biometric as a service is expected to more than double in value between 2015 and 2020, to reach a total value of $5.64 million. Top vendors are providing cloud-based solutions that can be named are IriTech (leading iris recognition provider), BioID (face recognition & voice authentication), ImageWare Systems (biometric identity management) and more. Acuity also stated in its latest whitepaper on this solution that biometric authentication in the cloud will help financial service organizations to improve security, reduce friction, lower costs, and attract the most desirable customers.