Towards a safer and a trusted authentication

At a time where fraudsters are growing at an alarming rate, authentication is becoming a hot topic in almost all aspects of our life. It is now linked to our life more than ever. Everyday we enter passwords multiple times to turn on the laptop, use fingerprints to log in to mobile apps, receive One Time Passwords (OTP) numerous times to verify transactions. But are they providing enough security while providing a low friction experience?

Why is authentication a hot topic?

Authentication is growing to be a hot topic in almost all aspects of our life. From turning on the mobile phone when we get up, to doing an online credit card transaction, authentication has become an important aspect of our life. Authentication is now linked to our life more than ever. Everyday we enter passwords multiple times to turn on the laptop, use fingerprints to log in to mobile apps, receive One Time Passwords (OTP) numerous times to verify transactions. Authentication is everywhere and the need to authenticate ourselves safely and with trust is felt by everyone. The reason is the increase of fraudsters at an alarming rate.

It is an open secret in the authentication context that fraudsters are getting smarter everyday. From OTP hijacking, device spoofing to sophisticated social engineering schemes, fraudsters are finding better ways to outsmart the technology. Unauthorized financial fraud losses in the UK alone across payment cards, remote banking and cheques totalled £824.8 million in 2019 (UK Finance 2020) while the combined worldwide figures for credit card fraud stand at an alarming $27 Billion and rising according to the Nilson report (The Nilson Report 2019). These circumstances demand that fraud is prevented at the earliest of customer interaction and customers are protected by better authentication methods.

Strong Customer Authentication (SCA)

In the context of banking and financial services, strong authentication uses multiple methods of factors, to verify the identity of the user.

  1. Possession – Something the user has such as the personal mobile device, a hardware token
  2. Knowledge – Something the user knows and shared between the user and the financial entity, such as a password, a pin or an answer to a security question
  3. Inherence – Something the user is such as their  biometrics i.e. behaviour, fingerprint, face, voice.

As the number of authentication factors increases, it becomes difficult for the fraudsters to impersonate legitimate users as multiple tactics need to be deployed for a targeted attack. If you would like to read the original SCA requirements, they are set out in the Regulatory Technical Standards for Europe.

Why is Inherence the best 2nd factor authentication

The number of organizations moving into SCA for user authentication is increasing to fight fraud. But one common understanding between all these organizations is that traditional authentication methods, of knowledge factor, are proving to be less effective in the authentication process. According to VISA passwords are dying and thus less promoted. A customer survey done in the USA has concluded that out of abandonments of online purchases, 49% are due to  the fact that customers can’t remember their passwords.

Source : (VISA 2017)

As customers are now becoming more comfortable with new forms of biometric authentication methods, common frustrations of forgetting passwords will be soon a thing-in-the-past. Inherence based authentication methods such as facial biometric authentication are proving to be faster, safer and easier compared to the traditional use of passwords or PINs, which are difficult to remember and easy to steal. 

The above survey has further revealed that more than 65% of the customers are already familiar with inherence based authentication. But out of many inherence based authentication methods, which would be the best?

Face is the way forward

Whilst there’s no silver bullet in the authentication world, there are many promising solutions. Above all Fingerprint identification, Facial biometric and behavioral biometrics play a key role. Organizations are yet to embrace behavior biometrics into their solutions due to the inherent issues such as not enough empirical validations and privacy issues. For instance strong relations to cognitive function may uncover undesirable aspects for public disclosure information, such as illnesses. 

Further we’ve seen prominent organizations such as Apple moving away from fingerprint based authentication methods lately for facial biometric based solutions. According to Apple the chances of a random face unlocking your phone are 1 in 1,000,000 while the risk of a random finger unlocking your phone is 1 in 50,000 (Apple 2020). This claims that Face is 20x secure than the fingerprint. Unless you have an identical twin, Face can be the way forward.

FaceAuthMeTM – a secure, low friction solution

Zone24x7’s facial biometrics solution FaceAuthMeTM is a secure, low friction solution that addresses the needs for Strong Customer Authentication now and for the future. FaceAuthMeTM uses the person’s face to authenticate access using any device’s camera. This is done quickly, seamlessly, and a low-friction high secure method. FaceAuthMeTM uses sophisticated machine learning and AI algorithms that capture intelligently facial biometrics and other data of the customer to uniquely identify a genuine customer from a fraudster. From secure access control to when a customer is making a risky transaction or using their credit card (e.g. to pay for an airline ticket), organizations are required to authenticate customers using SCA. FaceAuthMeTM provides a one-stop, seamless authentication experience for all of these authentication needs. If you want to find out more about FaceAuthMeTM or request a demo, please follow us here.

References

Thilina Bandara

Tech Lead – Cognitive Machine Learning


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.