The search is on for the biometric reader technology that is fool proof and easy to use, requires no extra dongle or device at the point of use that is accurate and works consistently world-wide.
A key variation is whether the technology requires the user to carry an extra device/dongle or not.
No extra device needed
To avoid the problem of asking users to carry a separate device many banks and suppliers have adopted systems that use the mobile which many (most?) customers already carry:
- HSBC in the UK are now using Touch ID from Apple and voice recognition for 15 million customers through a mobile phone:
- for voice recognition, HSBC is relying on software developed by Nuance Communications, the company behind Apple's Siri virtual assistant.
- to use both the finger print and their voice, customers have to record their "voice print” or “finger print”. A key feature for the “print” is in the device. (According to HSBC, the voice recognition software will still work even if a user is sick.)
- Cards and dongles have used to identify corporate treasury users and create unique passwords have been around since the 1990s, but they meant that senior corporate treasury staff have had to carry a bag of these tokens. Citi last year, launched MobilePASS, a new capability enabling users to log in to CitiDirect BE®, CitiDirect BE® Mobile and CitiDirect BE® Tablet by leveraging their smart phones to generate dynamic passcodes, instead of the physical token (SafeWord cards).
- Google is piloting a payment app that uses face biometrics for authentication. The new system is available on Android and iOS devices and uses face biometrics and your phone’s location as two identifying factors to verify it’s you making the purchase:
- The Bloomberg Keyboard includes a built-in fingerprint scanner for biometric authentication.
Separate additional device required
Although we are seeing the ID cards and dongles being replaced, there still important and highly secure technologies that require separate devices.
- Barclays uses a biometric reader - Hitachi’s Finger Vein Authentication Technology (VeinID) which uses infrared light to scan the blood flow in a user’s finger which is more secure than a fingerprint as it cannot be duplicated unlike fingerprints, see
- Bloomberg’s users need to carry a separate reader if they want to access Bloomberg services on a standard PC.
CTMfile take: To identify users biometrically there will always be the problem of how to read/identify the user. Corporate treasury departments are going to be offered for a long time if not for ever both types of solution. It is clear is that biometric identification of users is essential in today’s insecure cyber world because ID and passwords do not provide any real protection, see.