Identity, biometrics, and authentication took center stage at the world's largest payments & financial services innovation event
The BioCatch team attended Money 20/20 2017 earlier this week in Las Vegas, an annual gathering of innovators from across the payments and financial services spectrum who are inventing new ways to spend, manage, save, borrow, share and protect money. For those focusing on security and the user journey in payments and banking, this year’s conference did not disappoint.
Identity Takes Center Stage at Money 20/20 2017
Walking around the Money 20/20 2017 show floor, one could not take more than three steps without seeing yet another sign or display touting “identity”, “biometrics”, “authentication” or a related topic. Driven by the continued drumbeat of data breaches that are driving new account fraud and account takeover, online banking product managers and P2P players are faced with serious challenges to manage KYC requirements, strengthen authentication and protect consumers and assets.
The password is dead (or quickly dying) and the show floor provided evidence of what digital identity will mean in the future. The joint Samsung SDS Nexsign and BioCatch demo illustrated how payment apps can give consumers a seamless and secure experience without an active login. The solution provides continuous, risk-based authentication to ensure that a transaction is being conducted by a legitimate user.
In the demonstration, a user would be inside a payment app and attempt to do a money transfer simply by selecting the recipient, entering the transfer amount and a short memo through several swipes. If the behavior matched the profile that was previously established, the transaction would go through. If the system detected an anomaly, the user would get a request to provide an additional form of identity – i.e., a step-up authentication via face, fingerprint or voice biometrics.
With no PINs or passwords, the Samsung SDS Nexsign platform allows developers to establish their own policies for the login authentication and the step up, with BioCatch passive behavioral authentication running in the background for maximum security. With real-time payments coming in 2020, and security concerns holding users back from using mobile payments, these type of continuous, risk-based authentication security schemes will become standard fare.
Biometrics Dominated at Money 2020 2017
From Frank Abignale’s “Catch Them if You Can, Perspectives on a World Without Passwords” presentation, to FIDO, Biometric Fintech and finally, Wednesday’s workshop on Identity & the Future of Money, biometrics were a key part of the conversation on making tomorrow’s payment infrastructure secure and trusted.
One of the early questions in the conference centered around the risk of attaching a fingerprint to a record created with stolen personal data. Over and over, panelists and speakers talked about passive, frictionless ways to distinguish authorized users from fraudsters, and end users responded with plans to incorporate stronger authentication measures.
There was overall skepticism towards a single modality approach, like what Apple is doing with FaceID, and multi-modal options optimized to the user or use case were preferred. Behavioral biometrics, in particular, emerged from obscurity and into the mainstream. Sophisticated social engineering techniques, fileless malware and other Trojans are an ongoing concern for financial institutions, and they need solutions for balancing the convenience and ease of use of their mobile banking and payment apps with strong cybersecurity. Participants of Money20/20 2017 walked away with an appreciation for passive, behavioral biometrics that works across platforms and is resistant to emerging cyberthreats.What an exciting week! Join us as the conversation continues on November 8, when we will be participating in a webinar hosted by findbiometrics.com. Register here.