“Build a better mousetrap and the world will beat a path to your door,” has become “a metaphor about the power of innovation,” says Wikipedia, suggesting that improvement upon product or service will reap rewards.
Ever-evolving fraud and security problems are one area in which better mousetraps might be helpful. Tech-savvy villains are creative in their deceptive tactics, and financial institutions need to find high-tech techniques to thwart their nasty endeavors.
Indeed, consumers have little tolerance for security breaches. Providers will feel the effects of discontent.
According to a CNBC article, “Millennial Customers Will Flee if Their Bank Accounts are Hacked.” One incident is sufficient to lose a millennial, according to a FICO survey.
“The study showed that 29% of millennials will close all accounts with that bank after an incident, compared with about 22% of all U.S. consumers.”
But fraud damage doesn’t stop with the loss of an account.
Millennials will voice their unhappiness on social media. One in four will comment online if the situation was handled poorly “and another 21% would actively discourage their friends and families from using that bank.”
A FICO product manager says consumers want “greater protection from fraud and identity theft... It’s clear that fraud prevention and communication are more vital than ever.”
This week, a look at one fraud mousetrap: biometrics. Are they effective? How do financial providers implement them, and what is consumer response?
‘A mouse does not rely on just one hole.’ --Plautus, Roman playwright
“More Banks Turn to Biometrics to Keep an Eye on Security,” says a NerdWallet article, which identifies four biometric strategies to help protect consumers:
1. Fingerprint identification allows consumers to access accounts on mobile devices without passcodes. Fingerprints are unique, but security may be compromised as some smartphones allow for storage of multiple fingerprints so that multiple people might access account information.
2. Voice authentication evaluates 130 voice characteristics in seconds. As of late 2015, Citi had signed on 250,000 customer voiceprints.
3. Face recognition may require capturing a blink, to prove live imaging and discount a fraud attempt with a photograph. This technology can be used to make purchases.
4. Iris scanning ATMs are “the second-most reliable biometric next to a DNA test” and technology is not deceived by photos, videos, “or even a disembodied eyeball.”
“Goodbye, Password. Banks Opt to Scan Fingers and Faces Instead,” says The New York Times. Big banks are increasingly implementing biometrics because passwords “are either too cumbersome or no longer secure.”
USAA, for instance, is able to recognize customers via their facial contours.
Although banks acknowledge criminals could determine how to pilfer biometrics, “banks are convinced they offer more protection.”
“We believe the password is dying,” says Tom Shaw, vice president for enterprise financial crimes management at USAA. “We realized we have to get away from personal identification information because of the growing number of data breaches.”
Smartphones are thought to provide additional protection as particular phones allow particular people to access accounts.
“If you have your phone and you are authenticating with your fingerprint, it is very likely you,” a biometrics expert observes.
Other biometrics are also consulted, and greater applications implemented.
“A new generation of tools beyond fingerprints and iris scans can measure qualities like body temperature and blood circulation at short distance and without alerting the subject,” says Fortune.
Analytics of such data prove useful. One bank noted “a spike in suspicious bank account applications occurred around the same time every month” and it was linked to local shipping records to determine the applications coincided with arrival of an international ship.
“Such records are just one of hundreds of external data sets that banks can use to spot patterns,” the article notes.
‘The cat with gloves catches no mice.’ --Navjof Singh Sidhu, Indian member of Parliament
Clearly, financial institutions find biometrics helpful in combating fraud. But what do consumers think?
“Verifying people via biometrics will likely become the norm at some point, but plenty of people are not quite interested yet,” says American Banker.
Gartner conducted a digital banking study to discover many people didn’t know their bank offered Apple Touch ID logins. Consumers also liked the comfort of usernames and passwords due to their sense of familiarity with the identification process and were happy to use it as an extra step.
“Even with the base stuff, like Touch ID, it’s certainly gaining momentum but still has a long way to go,” says a Gartner analyst.
Still, banks move ahead with biometrics as a way to offer customers security options. Again, millennials prove influential as this cohort expects services like eye-scanning authentication. In self-identification via mobile, 61% of millennial prefer fingerprints and about one-third would use facial recognition.
In order to alter consumer behavior, however, security solutions must be “better or easier than the existing services,” the article notes.
Another consumer view is that “Biometrics Are a Grave Threat to Privacy,” according to an article from The New York Times.
Biometrics provide “incredibly sensitive information” not only due to their uniqueness, but also to their permanency. One will not be replacing one’s fingerprint, the article notes.
Banks and other financial institutions using biometrics say they do not store the information, but rather the converted authentication codes. However, a growing number of data breaches “cast doubts on those kinds of promises,” and risks need to be addressed in regulation, design, and implementation of biometrics.
Another fear is that biometric data could be sold for location-based marketing, creating a consumer protection issue.
Biometrics could also follow people in real time.
“Walking down the street would become more and more like browsing the web, with every move recorded and filed away into highly detailed profiles about each individual’s personal preferences, financial status, political affiliation, and medical conditions,” according to The New York Times article.
The topic is here to stay, says the article, and consumers “should not be left powerless against profound threats to privacy and financial security.”
‘I hate mice. They move so fast.’ –Matt Czuchry, American actor
Fraud evolves as villains increase “both the frequency and methods used to target individuals and businesses,” notes Bankless Times.
Five trends financial providers might monitor in the second half of the year:
1. Call centers will become a “point of attack”;
2. Self-enforcement will prevail as financial institutions protect themselves;
3. Legislation will be a changing landscape as lawmakers address enterprise businesses and financial institutions;
4. Fraudsters will use new channels like consumer W-2 requests to attempt fraud—such methods are unfamiliar and people don’t suspect fraud problems; and
5. The industry will search for the ‘”silver bullet” which is elusive. Providers investing in fraud mitigation will be a step ahead of those who don’t.
Biometrics provide innovative avenues for financial institutions to protect their own reputations as well as consumer data.
This technology, however, is imperfect. Ironically, consumer privacy may be threatened in attempt to keep sensitive financial data secure.
Finally, the sense is that dedicated fraudsters will find eventually workarounds. Ultimately, providing security remains a work in progress. As noted at Bankless Times, “The reality is, any time you build a better mousetrap, all you get is smarter mice.”
LORA BRAY is an information research analyst for CUNA’s economics and statistics department . Follow her on Twitter via @Bray_Lora and visit the CUNA blog, The Research Roundup: Economic Perspectives.