For decades, the U.S. financial industry has toyed with heavier integration of physical characteristics as a proof of identity. Over the last five years, the clamor to do so has progressively increased, with little to show for it. Even with the hype, most people have limited interaction with any biometric system on a regular basis.
One was inclined to say that biometrics are the authentication of the future – but probably always will be. That changed last fall with the announcement of Apple Pay, which secured fingerprint authentication a prominent place in financial markets.
More recently, USAA rolled out national use of facial and voice biometrics for their mobile app with truly impressive participation. Over the past month, upwards of 100,000 of USAA’s four million mobile users began using the new biometric authentication. Initial reports are positive, with strong user feedback and high accuracy being reported. There are multiple reasons as to why financial institutions are turning to biometrics to secure mobile logins.
The first and most obvious reason is that passwords are incredibly ineffective as authenticators - in fact, the growing use of mobile devices, with their cramped keyboards, has only worsened the security value of passwords as smartphone and tablet users are 25% more likely to reuse passwords across multiple logins than the average consumer. The second reason would be usability - again, passwords are cumbersome to enter on a mobile device, whereas most biometric solutions are considerably more user-friendly. And finally, one of the largest impediments to the adoption of mobile banking has been security concerns on the part of consumers.
Biometrics provide for a conspicuous solution that can bolster the security image of mobile banking, helping increase consumer adoption of this low-cost channel for financial institutions. While the growing prominence of biometrics is an undoubtedly positive development, one should not expect it to take the financial world by storm any time soon. U.S. financial institutions are hyper-conscious of FFIEC guidelines on authentication, which for better or worse have yet to specifically address the mobile channel. Fortunately there has been some guidance on the use of biometrics, all relatively positive, but as bankers tend to be a conservative lot this has still been a bit of an impediment.
Overseas financial institutions were among the first to put biometrics through their paces, including voice recognition for the phone channel in Europe and Australia and palm scanning at ATMs in Eastern Europe and Japan. The top concern that American consumers have regarding biometrics use is privacy, but given that privacy is also such a big issue in Europe (as demonstrated by their significant data privacy regulations) I don't think that this concern makes us any different as far as willingness to use biometrics.
According to Javelin data, Americans also trust their primary financial institutions with their biometric information more than they trust any other institution or organization, which gives the financial industry a clear advantage in increasing the acceptance of this form of ID. As biometric solutions are integrated across a wider array of financial channels consumers will become more familiar and more comfortable with this technology. When this happens, we can expect the current trends to accelerate with greater pressure on institutions that principally rely on unwieldy or outmoded authentication. In the next two to three years biometrics will be relatively commonplace for financial applications, with other consumer applications following not long after.