Libraries and APIs attached to even official applications can be a conduit for security problems. Here's how to cover your tracks.
With more and more customers accessing their financial information on mobile phones, biometrics in banking, such as iris scanning technology, are rapidly being rolled out to replace easily hacked passwords to keep accounts safe.
Iris scanning works by using pattern recognition to make a mathematical record of the colored ring of the eye. Every person has a unique iris pattern which is formed at a young age and doesn’t change as you grow older.
As a result, iris scanning is now considered one of the most secure and reliable biometric tools available for verification of identification and is used in scores of airports, border control posts and even in dispensing pharmacies. Banks around the world are scrambling to adopt the technology, both to stay ahead of the competition and for improving the customer experience by providing them with a simple, secure way to ensure their data is protected.
One of the first banks in the world to take advantage of iris scanning instead of passwords is TSB in the UK, which is rolling out the service in September this year. Customers with a Samsung Galaxy S8 or S8+ smartphone will be able to unlock their TSB mobile app by just looking at their phone and letting the build-in iris scanner authenticate the iris pattern.
How Retail Banks Can Thrive in Today's Digital Age
Explore short- and long-term opportunities to transform brick-and-mortar branch experiences. Download Now
“It takes advantage of 266 different characteristics, compared with 40 for fingerprints,” said Carlos Abarca, chief information officer at TSB to Sensors Online. “Iris recognition allows you to unlock your TSB mobile app with a simple glance, meaning all of those IDs, passwords and memorable information become a thing of the past.”
Setting a Biometric Standard
In addition to the TSB, in the U.S. Wells Fargo and 30 smaller, regional banks and credit unions are implementing iris scanning as a form of biometrics in banking for commercial customers. In some cases it will replace the secure tokens they have to carry around to access commercial accounts and thus improving customer experience.
Biometrics in banking technology is also being adopted in parts of Asia, such as in India. DCB Bank in Mumbai, for example, is using iris scanning to relieve rural customers of the burden of carrying around identification documents to authenticate customer identity.
While most banks are focusing their use of iris scanning for the moment to opening financial apps on their customers’ phones, other applications in the retail bank branch are also being implemented. Citibank is carrying out trials of ATM machines that have iris scanners built into the cash dispensers so that customers can access their accounts.
While some users deploy iris scanners in place of passwords or fingerprint readers on smartphones, many security experts are recommending that financial institutions deploy a combination of the three types of identification to foil hackers who have illicitly accessed one method of identification.
“Rather than use biometrics in isolation, businesses need to be looking at strong authentication that incorporates three distinct elements,” said Richard Parris, chief executive of software firm Intercede. These three elements are: Something you carry around with you or have, such as a smartphone or tablet, a PIN code that you have memorized or know, and something that’s part of you, like your iris or fingerprint.
Increasing Security with Iris Scanning
Samsung was able to apply two new components to enable iris recognition, equipping phones with a dedicated iris camera that utilizes a special image filter to receive and recognize the reflected images of the irises with a infrared LED light, which allows for the best range for scanning. Unlike traditional visible images, which can be affected by iris color or ambient light, infrared images display clear patterns and have low light reflection.
Financial institutions can combine the iris scanner in Samsung’s Galaxy smartphones with Samsung Pass, which enables users to quickly log into apps and websites using the iris scanner and improving customer experience. All of this information is protected thanks to the extra encryption provided by Samsung Knox, a defense-grade mobility security platform built into the hardware of each phone.
As malicious actors increasingly find new ways to break into digital security systems, IDTMs will need to find new ways to secure highly sensitive data. Biometrics brings a new opportunity for simultaneous security and customer satisfaction as financial institutions enter the next generation of banking.
Get a look how advanced iris scanning can create a defense against security threats.