Consumer interest in biometric banking is very strong in the UK right now. According to one recent study, 56 percent of UK customers actually prefer biometrics to traditional authentication solutions like passwords — even though there is still some general confusion among customers about how biometrics work.
Another study found that British consumers are almost twice as likely to trust banks over government agencies with storing and keeping biometric data safe.
There’s just one problem:
In order for customers to move beyond passwords and use biometric technologies, banks need to provide access to them. And there are still some mixed feelings in the financial community about the role that biometrics should play in authenticating logins and transactions. Many people still believe that passwords are better for protecting consumer accounts.
Passwords vs. biometrics: The debate is on
Consumer demand has forced the conversation to move forward. Recently, the Digital Banking Club (founded by Intelligent Environments, the digital financial services providers) gathered at the Law Society, London to address the motion “This house believes the password will never be replaced by your body.”
The debate was chaired by Retail Banker International Editor and Digital Banking Club Chair, Douglas Blakey. Guest panelists from Forrester, Fujitsu and Intelligent Environments spoke for the motion, while representatives from Secco, DWC and MasterCard spoke against it.
Before the debate, 42 percent of people agreed that the password will never be replaced by the body. But after the debate, just 19 percent agreed with the motion.
Opinions about biometrics varied from expert to expert. For example, some panelists voiced concern over false acceptances (FA) and false rejects (FR) in biometric systems. There is a small risk, in other words, that a biometric solution could malfunction and grant access to an imposter or reject the right user. This problem, however, can be addressed by embedding multifactor security layers. If one layer is breached, a hacker will still have to enter further credentials.
What’s more, some technologies — like VoiceVault’s voice biometric identity verification — come with very low FA and FR rates. VoiceVault guarantees a FA rate of just 0.01 percent, and a FR rate of less than 5 percent. Not all biometric technologies will offer the same level of protection.
We can also argue that false acceptances and rejects happen all the time with passwords when accounts get hacked, or locked.
Will we ever see beyond passwords?
It largely depends on who you ask. Some of the panel at the Digital Banking Club debate, believe that while biometrics will be popular, passwords will never be completely replaced. However, other panelists argued biometrics will eventually replace passwords, but in time.
One panelist likened favoring passwords over biometrics to favoring a horse and cart over a car. The technology is outdated, inefficient and insecure. The same panelist mentioned a study from the Netherlands, conducted by Mastercard, where nine out of 10 participants indicated they would like to replace their passwords with biometrics. And almost 75 percent of users are convinced that biometric security will decrease fraud.
What was interesting is that every single panel member used their iPhone fingerprint scanners to access their debate notes on the podium…
So, should your bank abandon passwords right now?
For now, you don’t have to worry about replacing passwords altogether. But you can look beyond passwords and start phasing them out with biometrics, which can coexist nicely with passwords.
Your best bet is to give customers a variety of different security options, and let them choose the ones they are most comfortable with. If you try to force any technologies on them, you are liable to experience negative blowback.
View highlights of the debate below: