Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


12:13 PM
Jamie Cowper, Nok Nok Labs
Jamie Cowper, Nok Nok Labs

Biometrics and Mobile Payments Security

The payments industry needs to consider how to support new and emerging biometric technologies.

Last month saw the launch of the Apple iPhone 5S, with an integrated fingerprint sensor, Touch ID. Much has been written about Apple’s intentions; all we know for certain is that today you can use the fingerprint sensor to unlock the device and to make purchases via iTunes and the App Store. If, as expected, Apple does allow 3rd-party developers access to Touch ID, then can we expect to see this technology used to enable mobile payments?

There is a growing shift towards the use of biometrics to support both login and transaction verification, this is occurring for number of reasons:

-- New capabilities in modern devices – Apart from the Apple fingerprint sensor, the latest generation of smartphones contain a wide-range of sensors that can be leveraged to help identify a user – these might include high quality cameras to perform facial recognition, or microphones to support voice biometrics. Of equal importance, they contain embedded secure elements and secure Operating Systems to support the secure creation and storage of biometric templates – a smart card within your phone.

-- Increasing sophistication of Biometric technology – Historically most implementations of biometrics have been focused on secure building entry or border control. These use cases assume that the user is being observed as they enter their credentials, a very different scenario to the remote authorization of a payment via a mobile device. We have seen the biometrics industry react to these new business opportunities by improving their algorithms and introducing anti-spoofing capabilities, to try and limit fraud.

-- Broad distribution – Laptops with fingerprint sensors have been shipping for more than 10 years, without seeing significant usage. The problem has always been the same – what can you use them for? Until now it hasn’t been possible to use the fingerprint sensor on your Windows PC to shop online, access your online bank or perform any of the other functions that we typically use passwords for, there has been no incentive for Payment Service Providers to support individual solutions. Apple’s introduction of biometrics to a mass-market device has the potential to alter this situation. We are already seeing some of the major Android phone manufacturers being linked to biometrics, and the expectation is that tablets will follow this. Microsoft is also looking at this space, with Windows 8.1 offering enhanced support for Fingerprint Sensors.

The main challenge and opportunity around biometrics is around consumer acceptance. A new survey, sponsored by PayPal and the National Cyber Security Alliance, published recently suggests that consumers are comfortable with the idea of using biometrics instead of passwords. The survey showed that 53% were happy to use fingerprints, with 45% preferring retinal scan and 41% with photo identification. These results are not dissimilar to a survey which we conducted with the Ponemon Institute earlier in the year, where the majority of respondents in the UK, Germany and the United States were happy to use biometrics with Banks and Credit Card companies, amongst other trusted organizations.

The payments industry needs, therefore, to consider how to support new and emerging biometric technologies. Both the regulators and the industry groups must consider when biometrics are a sensible replacement for the traditional username and password to allow Payments Service Providers to take advantage of the new technology present in their customers’ hands.

Jamie Cowper is Senior Director at Nok Nok Labs

Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.