USAA is home to 10.6 million active and former military members and their families. Customers use USAA for insurance, banking, and retirement services. The enhanced authentication should be available to members in all 50 states by March. It’s not available overseas, yet.
“Today, the first line of defense for a member would be to use their user ID and password as their login credentials – which we think is the least form of authentication,” says Gary McAlum, USAA’s chief security officer. “Biometrics raises the level of security significantly beyond a user ID and password, but it doesn’t necessarily slow (customers) down. The login process is actually about the same if not faster.”
The free app works on iOS and Android. “At some point, we’re looking at moving it to other channels,” McAlum says. “The first line of focus is on mobile application because today that is our prominent channel of interaction with members.”
Facial and voice recognition biometrics are captured during enrollment. Face recognition has become the predominant biometric for users. USAA also plans to offer a fingerprint option later this year.
After enrollment, the biometrics are then enabled for access. For facial recognition, users look at the screen and blink their eyes when prompted and with voice recognition, users read a short phrase and are then granted access.
Users who decide they don’t like the biometric login can un-enroll and their data will be purged from the system within 30 days. “In today’s threat environment, we just don’t see the future of the common password as being viable for the long-term,” McAlum says. “Identity theft, card hacking, fraud – all of those things are so mainstream anymore that the environment of the Internet is much more hostile from a security perspective. So naturally this was just an evolution of our thinking how can we raise security and not impact the member experience?”