Technology / Behavioural biometrics: The future of secure payments?
Behavioural biometrics: The future of secure payments?
27 July 2016 |
The security of payments is constantly evolving, with the use of static biometrics increasing through methods such as iris scans and finger print recognition.
However, although this form of payment is arguably more secure, there are certain aspects that could be deemed inappropriate or inconvenient for a retail environment.
New alternatives that use biometrics but in a less intrusive way are being suggested, including behavioural biometric software, which builds a profile of mobile online shoppers based on how they interact physically with their phone. This is achieved by collecting data on identifying factors including the angles at which individuals type on their phones and their typing speeds.
Neil Costigan, CEO of behavioural biometrics firm BehavioSec, explains how the software works: “With behavioural biometrics, the idea is transparent analysis of how a person is interacting with their device or their website. We can analyse the behaviour and with quite high confidence determine the person is who they say they are.
“It reduces this friction and the steps so at the end of that checkout after buying products you’re not asked, ‘Can you remember this password?’ If we’ve watched you using the shopping cart, payment wallet or banking, for example, and we’ve already figured out it’s you, we can cut that step.
“This is good for the consumer because they don’t have to remember lots of passwords or find tokens and remember which ones you used for that site before, but also for the info-merchants and banks. There’s a huge amount of drop-off because of people getting challenged with security.
“So every step along the way there’s a reduction for the amount of people who proceed with the transaction and complete the overall process. We’re taking out that step as well so it’s good for both the consumer and banks and merchants.”
Behavioural biometrics are not only improving the security of payments with more personal ways to access accounts but also enhancing the customer experience. It is becoming more apparent that different types of biometric services are appropriate in different settings.
Costigan explains: “Do we want to queue at the store and drop everything to stick a phone in our eye to take a picture? It just doesn’t seem to be a pleasant experience.
“This type of high-end security can be appropriate for things like enterprise access or nuclear secrets, for example, but it just doesn’t seem that that same technology, which is really awkward and quite cumbersome to use for a lot of people, needs to be in a more consumer retail environment.”
A common concern raised by consumers is the potential lack of security a biometrics system could create if there is a breach. It is not as easy to change your natural typing pattern, for example, as it is to reset a password.
Costigan explained the precautions biometric systems take to avoid breaches: “What you have to remember is what happens if it doesn’t work is that you’re back to where you started, so you are then asked to find the calculator, find the smart code, so this is all part of the adapting system. If things don’t look right to the technology it will adapt.
“Every time you have to have that one-time calculator it’s only when the behaviour doesn’t look right. So if the system can’t determine the person, they’ll lock them out and lock it for a while. It’s akin to when you’re using your credit card.
“If you’re consistently buying the same products at the same price in the same shops it’s fine but if you’re out of the country and you buy something really expensive then they’ll challenge you – that’s really how it works.”
The technology used for this form of biometric security currently collects data surrounding customers’ basic interactions with their mobile devices. However, biometric services are increasingly being used in other industries, including marketing.
Though information collected by biometric software for financial transactions has not yet been considered specific enough for marketing purposes by companies like BehavioSec, there is potential for it to be relevant in the future.
Costigan said: “Marketers are trying to identify and figure out their shopping habits, consistency of use and their profile. It’s not really possible with something like a behavioural.
“We’re really just talking about the way they touch a screen or how rigorously they’re typing. It doesn’t really give marketers anything unique from that person. There might be more consistency in young people in their use, for example, but I don’t think it’s enough to base marketing and advertising decisions on. It may do in future.”
Behavioural biometrics are already in use in countries including Sweden, Norway and Denmark, and are set to be more widely used in the UK. This form of payment security is set to improve the payment process for customers and increase security through its use of more personal ways to access accounts.