Authentication is a hot topic more than ever covering many aspects of our lives. It’s closer to our lives and even penetrates our most personal devices. With enough evidence that traditional methods are not enough to provide a safe, trusted authentication, there’s a need for an innovative solution that can bring extreme low friction to the end consumers.
Authentication is a hot topic
Authentication is growing to be a hot topic and an integral aspect of our daily routines, even penetrating personal aspects. Everyday, we enter passwords multiple times to turn on the laptop, use fingerprints to log in to mobile apps, receive One Time Passwords (OTP) to verify transactions. Authentication is everywhere and the need to authenticate ourselves safely and with trust , exists as fraudsters are increasing at an alarming rate.
Fraudsters are increasing at an alarming rate
Fraudsters are getting smarter everyday. From OTP hijacking, device spoofing to sophisticated social engineering schemes, they outsmart the technology. Unauthorized financial fraud losses in the UK alone across payment cards, remote banking and cheques totalled £824.8 million in 2019 while the combined worldwide figures for credit card fraud stand at an alarming $27 Billion. These circumstances demand that fraud is prevented at the earliest of customer interaction and customers are protected by better authentication methods.
Passwords are unreliable
- Passwords are the root cause of over 80% of data breaches
- Up to 51% of passwords are reused
- The average user has more than 90 online accounts and mostly forget passwords
- 1/3 of online purchases are abandoned due to forgotten passwords
- 50% of users abandon their online banking transactions due to the hassle and friction caused by passwords
- $70 average help desk labor cost is spent for a single password reset
(Source FIDO alliance)
One Time Passwords (OTP) are not the answer
- SMS is not reliable. NIST strongly recommends against its use
- Cost is higher
- Increasing social engineering OTP scams
In device biometrics data are not secure enough
- Dependence on device manufacturers for sensitive authentication solutions is too risky
- Vulnerabilities of the large range of devices expose doors for fraudsters to break in
- Many financial regulators are strongly against using in-device biometrics
- Depending on the capabilities of the user device is a too much compromise
The world needs stronger, friendlier authentication
Mandates such as 3D Secure 2.0’s requirement for 2 factor authentication (2FA) will drive merchants and banks to adopt biometrics to make the payment experience smoother across a variety of platforms. Ubiquitous biometric sensors, present in many mobile devices, are in the forefront driving this wide adoption of biometric authentication. Yet, a widely unspoken, far unseen problem stands in the way of secure authentication. Can we extensively depend on in-device biometrics when it comes to crucial authentication processes?
Advantage of FaceAuthMeTM
Zone24x7’s facial biometrics solution FaceAuthMeTM is a secure, low friction solution that addresses the needs for Strong Customer Authentication (SCA) now and for the future. FaceAuthMeTM uses the person’s face to authenticate access using any device’s camera. This is done quickly, seamlessly, and a low-friction high secure method. FaceAuthMeTM uses sophisticated machine learning and AI algorithms that capture intelligently facial biometrics and other data of the customer to uniquely identify a genuine customer from a fraudster. FaceAuthMeTM provides a one-stop, seamless authentication experience for all authentication needs.
The novelty and innovative edge
– No dependency on customer’s mobile phone
While most existing biometric authentication solutions heavily rely on the capabilities of customers’ mobile phones, FaceAuthMe is an off-the-device solution. There is no dependence on device manufactures, brands or 3rd party software vendors. Further, this enables FaceAuthMe to run on devices with extremely low processing footprint
– Device agnostic, OS agnostic
FaceAuthMe is completely device agnostic, where it works on any device with a camera and an internet connectivity. The mobile phones, tablets, laptops or even desktops can be easily utilized in the authentication process. Further, reaping the benefits of being device and operating system agnostic, FaceAuthMe can run on non-personal device use cases such as POS terminals, ATM machines etc.
– No action required from the end user
A key element in biometric based authentication is to verify if the user is live (Liveness), as fraudsters can easily impersonate a genuine customer with images or videos. In order to check liveness, most competitive solutions ask the user to do something in front of the camera such as, smiling, winking, turning the head sideways etc. Advanced machine learning and artificial intelligence algorithms in FaceAuthMe make sure that no action is required at all for liveness verification, ensuring extreme low friction.
– Authenticate with just a selfie
Taking a selfie is now standard and familiar to almost all the demographics. While most existing products depend on complex, data heavy inputs such as videos and collection of image bursts, FaceAuthMe innovates the customer experience by taking just a selfie. The in-house developed artificial intelligence/ machine learning algorithms are powerful in calculating if an end user is genuine or a fraudster, just by looking at a single image.
– No software/app needed – FaceAuthMeTM is not a mobile app
Many biometric solutions, that boast about biometric authentication in the existing market, depend heavily on special software applications developed to achieve the purpose. This adds a friction factor to the end customer where software needs to be downloaded and installed. Research clearly says that the penetration of mobile phone based apps is quite low (about 30%) even if the customer has a suitable mobile phone. FaceAuthMe, being a browser based application, removes this need for installing software and authenticates seamlessly.
– Privacy by design and by default
FaceAuthMe considers privacy of the end customers quite seriously. Usage of pseudonymisation of customer data and encryptions used at data transfers makes sure that FaceAuthMe follows data protection by design. Its strictest privacy settings are applied by default, without any manual input from the end user. Personal data is kept for a definite period of time and it’s privacy friendly to the end customer making FaceAuthMe follow data protection privacy by default.
Being a proud Sri Lankan, inhouse developed product, FaceAuthMe is changing the status quo of how authentication is done at most secure levels. It’s innovative approaches in providing world class facial biometrics help achieve a low friction authentication while ensuring the security aspects, thus having a clear distinction with its competitors.