Using Biometric Authentication for Customer Verification (KYC)

With a recent rise in identity fraud, correctly verifying the identity of an individual is critical to increasing security and reducing crimes. Biometrics are seen as new weapons against such crimes. With the use of biometric technologies, organizations such as banks are making KYC (Know Your Customer) procedures for customers even more efficient and easy to use. KYC processes are used by these firms to collect and authenticate the identity of their customers to prove their eligibility to access services. Law enforcement firms are using facial recognition to pick out individuals in large crowds with considerable reliability. Industries are using hand geometry to provide people physical access to buildings. Thanks to the spread of smartphones and the incorporation of working finger and iris scanners on today’s gadgets, you can now use your face and voice to open bank accounts and your finger scan to purchase goods and services online. If you are wearing a wristband wearable, you can also use your heartbeat to verify payments.

One of the key driver of using Biometric identification for KYC management is that it inculcates a higher degree of security than manual KYC processes such as passwords, e-mail addresses or PINs which can be hacked using many social engineering techniques and the personal information shared on social media. Forgotten, shared or lost passwords can mitigate security is they come in the hands of fraudsters. Resetting forgotten passwords and typing long passwords and PINs also increases time for companies to on-board and transact with customers and arises frustrations among them.

Biometrics systems use unique characteristics of individuals like fingerprints and voice which not only offer robust security, but also free users from the burden of remembering passwords and PINs.

In recent times, customers can perform banking operations using many alternative delivery channels such as branch banking, ATM, Internet and mobile. Banks all across the world are rolling out biometrics to transform and automate their KYC processes.

Banks are increasingly adopting biometric identification of customers for performing transactions using a mobile device like a smartphone, PC or tablet. Customers can either use the devices’ built-in biometric sensors or attach portable biometric hardware to it through a USB cable or a Wi-Fi connection.

Biometrics for payment authentication using mobile devices like smartphones has been building momentum after the launch of Apple Pay, a fingerprint-powered system for iPhones and the Apple Watch. This feature is used to make mobile POS (point of sale) payments more secure by using Apple Touch ID fingerprint sensor to verify a user’s identity. Users can access mobile banking services without requiring text-based passcodes as they can use their fingerprints as a passcode. Various Android devices also include fingerprint readers, which use different payments systems available in Google’s mobile OS ecosystem including Android Pay and Samsung Pay. Touch ID has now caught the attention of hundreds of banks. SOme of them include American Express, Bank of America, ING Bank, OutBank DE and Deutsche Bank

Biometric ATMs are automated teller machines (ATMs) that use biometrics to identify customers and allow them to withdraw cash or conduct other transactions after a successful fingerprint, finger vein scan, iris scan or a Face scan. Biometric authentication may be the only factor of authentication, or it may be used in conjunction with another factor, such as a payment card, a mobile device or an additional security credential like a PIN. Several countries around the world such as China, Japan and India, are already using biometrics-enabled ATMs. Japan has been an early adopter of this technology. According to a report, the country has deployed more than 80,000 biometrics-enabled ATMs with more than 15 million customers using them.

Many banks are rolling out biometrics across their branches which help people to perform several banking operations such as fund transfers, opening accounts, paying utility bills, and much more. Using biometrics saves staff time, improves customer experience, and increases process efficiencies.

Biometric technology is very well suited to the banking industry and offers significant advantages for the bank and end user alike.

Enhancing security has become a major concern for banks as more and more people are prone to identity frauds. As part of KYC process, many banks required certain forms of identification, such as passwords, national identity cards, passports, birth certificates and driving licenses which are easy to counterfeit. This has led to the rise in identity theft, Internet fraud, money laundering and terrorist financing as we see today.

To overcome this, the banking industry is increasingly looking to biometric technology to enhance security and protect the identity and confidential information of consumers. Using biometrics is a great solution for consumers as it replaces traditional passwords, PINs and security questions with a biometric alternative such as their fingerprint, voice or face. Biometric technology is quite safe, secure and difficult to spoof. Many extra safeguards such as anti-spoofing and live detection are incorporated into the biometric system to prevent access by hackers. Security can also be enhanced by use of multi-factor authentication methods.

Biometrics in banking and financial services helps to shorten transaction time for customers. These systems verify customers quickly and accurately within seconds. Apple’s new Apple Pay app working with its Touch ID fingerprint sensor is a good example of how little time and effort it takes to authenticate a user. All you have to do is just touch the fingerprint sensor and the system gets you authenticated within seconds. Biometrics also reduce the normal time it would take to open a new account, compared to the old manual customer authentication.

Customers don’t need to carry their identification documents while commuting to and from bank branches for transactions. This reduces the risk of theft by fraudsters.

Biometric authentication is quickly becoming popular especially for financial transactions on mobile devices as the functionality is easy to use. While doing transactions with passwords, users get fewer password attempts and if they forget or mistype their password, they may lock their account which leads to frustration. The biometric systems also makes customer authentication in branches and other channels less tedious as they need little or no documentation to transact.

Identifying customers by taking fingerprints and capturing webcam photographs notifies branch staff about the identity of the person who has arrived and can readily have that customer’s information in front of them. Biometric systems also reduce paper consumption costs and time to maintain documentation as all the information would be electronically stored. This saves staff time and increases process efficiency.

Other branch staffs can use biometrics such as fingerprint or voice recognition to log into a system. This enhances security by preventing the use of shared credentials.

To keep the confidentiality of consumers, banks don’t keep the actual biometric samples such as fingerprints scans or eye patterns. Instead, they create templates which are the digital representation of these patterns or complex numerical sequences, and then store these templates. These templates are also encrypted to prevent hackers from recreating the biometric template to penetrate the system.

With rapid innovation in Biometrics technology and many use cases which require advanced security, an increasing number of organisations are turning to use biometrics in order to provide enhanced security and convenient authentication processes to users.

One way companies are enhancing security is by using multi-factor authentication using biometrics to enhance security. In addition, as passwords are often difficult to remember, Biometric single sign-on (SSO) is another great solution for consumers who are not able to recollect multiple passwords that are required to access various accounts.

Many extra safeguards such as anti-spoofing and live detection are incorporated into the biometric systems so that imposters are unable to fool the system. Live detection feature in a fingerprint scanner will require a live person’s finger rather than a photograph of a finger scan to prove the person’s identity. This will prevent a hacker from using a photo to gain access to the services. Similarly, a voice authentication system adds live detection by prompting the user to prove it is not a recording and an eye scanner may require users to blink or move their eyes.

Biometric technology has now become more advanced with multi-factor biometric devices which incorporate an added layer of security to handle and prevent data breaches. Multi-factor authentication uses a combination of something the user knows such as a PIN/password and something the user possesses which is their biometrics including fingerprint, iris pattern, voice. Many biometric ATMs require users to enter a PIN in addition to using their biometric to access their accounts. In addition, some multi-factor biometric devices can capture both fingerprint and finger vein images in one single scan. One good example of multi-factor authentication is the launch of ‘selfie pay’ biometric authentication app from MasterCard. This feature basically enables app users to confirm an online payment by showing their face to their smartphone’s camera. In addition to facial recognition, users can also opt for authenticating their purchase with a fingerprint.

As the world becomes increasingly more digital, the number of passwords people have to manage and remember is becoming a serious problem. To counter this issue, many forward-thinking firms like Microsoft and Intel are using Biometric single sign-on (SSO) feature authentication in their products like PCs and laptops. Biometric single sign-on (SSO) is a biometric user authentication service using which a user logs in with a single ID and password to gain access to a many systems without using different usernames or passwords. This frees users from remembering an array of passwords while allowing them to use a more secure method of accessing a system or database.

Most biometric systems use a single biometric trait to verify identity. Such systems may face some challenges in identifying the individual due to noise captured in the biometric sample or there may be some scenarios where only one biometric may not work. This may increase the chances of miss-identification and reduces the security offered by the system. Multimodal biometric systems use more than one biometrics to enhance verification accuracy and offer higher security against spoofing. One example is a mobile banking app using both voice and face recognition to authenticate user login. Another example could be an access control biometrics system which has both fingerprint scanner and webcam for face scanning. Such a system will be able to use face scanning feature if fingerprints of any employee can’t be taken.

With the use of biometric technologies, organizations such as banks are making KYC procedures for customers even more efficient and easy to use. Biometrics has already hit the mainstream with the advent of more and more devices currently using biometric authentication as a security system. The technology has gradually become a standard for automation of KYC procedures in banks, healthcare, retail, and other institutions. Biometrics are seen to have great potential to transform KYC processes and ultimately deliver a better customer experience.