Biometrics: Preparing for a Passwordless Future
Forward-looking organizations are turning to biometrics to prepare for a passwordless future
In today’s digital world, people can accomplish anything they need to online, from banking to shopping. Yet, the popular authentication for this online activity—passwords and PINs—is putting countless Americans at risk for online fraud. Gartner predicted that by 2020, 75% of omni-channel customer-facing organizations will endure a targeted, cross-channel fraud attack.
Companies need to not only protect their business against the cost of fraud and damaged reputation but also take responsibility for better safeguarding the personal information of their customers, employees and stakeholders.
According to a 2019 Harris poll, 66% of Americans reuse the same passwords for their online banking, email and social media networks. This reliance on passwords has shifted from a relic to a liability, both in terms of security and customer experience. Coupled with this increased risk is the demand for convenience. Consumers want access to their accounts, resources and information as quickly and easily as possible. Yet, everyone has experienced the dreaded moment of forgetting that they reset their password and locking themselves out of their account. In fact, the Harris poll shows 75% of Americans say they have trouble keeping track of all their passwords.
So passwords and identity questions are not only insecure and hackable but also frustrating for customers. Worse, many Americans prioritize convenience over security: Less than half (45%) change their password even after a data compromise or breach. To keep customers safe and satisfied, organizations need to mature beyond passwords, numerical PINs and personal history questions, all of which fraudsters can mine for data.
Forward-looking organizations are turning to biometrics to prepare for a passwordless future. Biometric security is the premium alternative to passwords because it eliminates knowledge-based authentication to reduce fraud risk. With this approach, enterprises can protect their customers through a layer of AI-based technologies, including fingerprinting, facial recognition and voice and behavioral techniques that can identify legitimate customers through their individual biological makeup or through information that can be augmented from external factors, such as the device print or location. Rather than typing out a password or PIN, customers will expect to simply say a short passphrase or use facial recognition. This level of convenience delivers instant gratification to consumers, without sacrificing security.
Voice biometrics has already been deployed by large organizations such as national banks, government agencies, telcos and retailers to make the process of authentication safer and easier. It’s never been easier for fraudsters to obtain personal information, perform account takeovers or obtain new products under someone else’s identity. While technology has made our lives easier in many respects, it has also made it much easier for fraudsters to obtain personal information, perform account takeovers or obtain new products under someone else’s identity via the dark web.
Biometric security can fight this fraud on multiple levels. First, biometric technology can constantly monitor customers’ bank accounts and freeze the accounts or send a push notification to another device when suspicious activity is detected. This prompts the account holder to speak a sentence to unlock the session, making it impossible for a fraudster to unlock the session even if they manage to steal the device. If a fraudster notices the account is frozen and tries to call a bank representative, all data from the call will be analyzed to determine if a fraudster is on the line. Algorithms can then detect if the caller is a known fraudster, or if they are using recordings or synthetic speech. If a voice is heard on multiple calls, it can also lead to a voice analysis, potentially IDing a new fraudster and adding them to a blacklist. Being placed on this kind of blacklist makes it virtually impossible for them to perform another attack.
HSBC, the multinational investment bank, recently said voice biometrics has helped it prevent more than £395 million falling into the hands of criminals since it launched in the UK. This is the level of protection that companies and their customers need—especially as the world only becomes more digital. Convenient, secure authentication is already an integral part of the optimized customer experience and will become a differentiator for those organizations that can deliver.
