Move toward mainstream
In a broader sense, one little application is opening up the world of biometrics to potentially hundreds of millions of users. Apple Pay, which launched last fall, is available on later model iPhones, iPads and the Apple Watch.
With Apple Pay, users add credit or debit card information to their iPhones and the cards must belong to participating banks or credit unions. They can then pay for purchases at participating stores by holding their device near the scanner while putting a finger on the handset’s TouchID biometric sensor.
The crossover to widespread use of biometrics for secure mobile logins may not be far behind. Efforts are popping up domestically and internationally toward biometric logins, and companies often cite the ineffectiveness of passwords as the catalyst for change.
“The growing use of mobile devices with their cramped keyboards has only worsened the security value of passwords, as smartphone and tablet users are 25% more likely to reuse passwords across multiple logins than the average consumer,” says Al Pascual, director of Fraud & Security at Javelin Strategy & Research.
Usability is another issue for passwords, which can be annoying to enter on a mobile device. Pascual says biometric solutions like voice and fingerprint have been shown to be more user-friendly.
But security is at the heart of the biometrics trend. “One of the largest impediments to the adoption of mobile banking has been security concerns on the part of consumers,” Pascual says. “Biometrics provide for a conspicuous solution that can bolster the security image of mobile banking, helping increase consumer adoption of this low-cost channel for financial institutions.”
Biometrics is nothing new to the financial industry overseas.
“For nearly 20 years, financial institutions have been testing voice biometrics for use through the phone channel, though it only took off over the past few years,” Pascual says. “Palm-vein scanning has found success at ATMs overseas, including in Japan and Eastern Europe, and there is a distinct possibility that we will see some of that here as well.”
Pascual says privacy is the top concern American consumers have regarding the use of biometrics. But he doesn’t think Americans will be much different in their willingness to use biometrics than Europeans who also see privacy as a big issue.
“U.S. financial institutions are hyper-conscious of FFIEC (Federal Financial Institutions Examination Council) guidelines on authentication, which for better or worse have yet to specifically address the mobile channel,” Pascual says. “Fortunately, there has been some guidance on the use of biometrics – all relatively positive – but as bankers tend to be a conservative lot, this has still been a bit of an impediment.”
In spite of the challenges, Pascual believes mobile biometric logins for financial applications will be relatively commonplace in the next two to three years, with other consumer applications following soon after.
Still he is convinced passwords will remain for at least a number of years.
“Passwords have been around for thousands of years – since the Roman empire,” Pascual says. “Given their ubiquity and cost benefits, they are likely to be supplemented in the short term within the financial industry and largely replaced over the next five to ten years in both the online and mobile channels.”