Think selfies are just for the kids and the Kardashians? Think again. FNB says they are also for opening bank accounts and performing a range of other financial transactions. The bank is not alone: the Department of Home Affairs says facial recognition is a key part of its new Automated Biometric Identification System (ABIS), which will help consolidate South African and foreign nationals’ data into a single database.
Voice recognition, too, is starting to become more prevalent. Insurance company Discovery now allows members to authenticate themselves at its call centre with a pre-recorded voiceprint. And don’t forget the humble fingerprint: FNB, again, announced the roll-out of fingerprint-activated ATMs in townships and rural areas.
Collectively these identifiers – plus your irises, ears and palm veins – are called biometrics, and are increasingly being used to add an extra layer of security for preventing fraud. Biometrics are far from perfect (see “Bio-accuracy”), so are usually used in conjunction with something else: three-factor security would be combining something you have (a bank card or smartphone); something you know (a PIN or password) and something you are.
Proponents believe that biometrics will make life both easier and more secure for customers and companies. In call centres, for example, voice biometrics should cut down on the number of security questions agents perform – if the system doesn’t recognise your voice, it will prompt the agent to start asking for other ways of confirming you are the account holder.
“Let’s kill the complexity, make it really convenient and easy, and make it more secure – that’s the dream,” says Tim Collins, head of the Innovative Solutions Group at TransUnion, which is repositioning itself from being a credit bureau to an information risk company, and offers voice biometric services to its end-users and corporate clients.
Voice biometrics is finding a good fit in call centres, says Collins, partly because it’s easy to do.
“You can put it into a call centre without much interruption to the staff or the customer,” he says. “It’s not just a factor of things such as acceptance rate and rejection rate. It’s also about how easy it is to roll out, how effective it is, how cheap it is, and how easy it is for people to use.”
But surely a good recording can just hack a voice verification system? Just as fingerprint sensors now have “liveness” tests to look for subcutaneous blood-flows, so voice biometrics are designed to check they are listening to the real thing.
“A good voice system will look at two things,” says Collins, “the physiological sound and the behavioural element – how do I speak in terms of the phrases I use and how do I come across. Voice authentication uses both of those things.”
FNB first introduced biometric authentication in its branches in 2011 for certain transactions. It’s new fingerprint-enabled mini-ATMs, called TouchPoint, are part of the bank’s plan to extend banking services to the previously un- and under-banked. They work with the eWallet eXtra account, which allows customers to carry out transactions and buy airtime and electricity without plastic cards or a visit to a branch.
“We believe that the use of biometrics will go a long way to mitigating fraud,” said Raj Makanjee, CEO of FNB Retail.
The bank’s new facial recognition is aimed at individuals and businesses who want to switch to FNB easily, and allows them to skip much of the initial proof of identity. The image, which is captured in the mobile app, is cross-referenced with the citizens’ database at the Department of Home Affairs.
“We have been collaborating with Home Affairs as customers’ identities need to be verified with the department. We believe there’s more room for further collaboration in this regard,” says Makanjee.
Depending on how companies implement biometrics, it might be a bit soon to bid farewell to the PIN and the password just yet though, as bimodal authentication implementations, say voice and a PIN, are likely to still feature.
“While the use of biometrics is increasingly becoming a global phenomenon, the use of PINs for transactions is by no means outdated,” says Makanjee.