When it comes to accessing your bank account, personal identification numbers — PINs — are starting to seem a little old-school. They’re still important, of course, and users need to guard them from theft like always. These days, however, mobile banking apps rely on fingerprint access, touch ID, and facial and voice recognition to ensure that only the authorized person can use the app.
It’s called biometric identification, and it’s all pretty cool — but is it safe?
How it Works
If you have an iPhone or other device with fingerprint recognition, you already know what biometric identification is. Once your unique fingerprint is stored on the device, you can identify yourself and unlock the device with your fingerprint.
That’s one of the ways banks are using biometric ID to make their mobile banking apps secure. Additionally, they are trying voice recognition so you can be identified — and access your accounts — over the phone. Eventually, you may be able to get cash from the ATM by allowing a camera to record and recognize your face, or even scan your retina. This kind of technology has many exciting applications.
Why the Switch?
Banks find these new, so-called “biometric” security options exciting. That’s because it’s a lot harder to steal a fingerprint than it is to steal a PIN or guess the answer to a security question. 1.6 million banking customers had their accounts compromised last year, and as a result, banks lost $4 billion to fraud in 2014.
It’s not easy for would-be thieves to access an iPad or other device that has fingerprint ID enabled. It is possible to do so, however, if they steal the user’s security code. Fortunately, fingerprint protection on mobile banking apps means that even if a device is compromised, the fraudster is still likely to be frustrated.
Is it That Much Better?
Difficult, unfortunately, doesn’t mean impossible. Biometric identification methods like voice recognition and fingerprint ID are more secure than traditional methods, but thieves aren’t known for giving up when security gets tighter. They may eventually find a way to capture or duplicate fingerprints, or even steal the sound of someone’s voice with a recording. Hackers might learn how to replace one stored fingerprint with another. As the security code example above illustrates, biometric ID is more secure if users remain watchful.
Even if biometric ID is more secure, it’s not perfect yet. For example, you have only one voice and one face. Once a PIN is compromised, you just make up a new one. That’s not so easy to do with a fingerprint, though, or with the sound of your voice.
There are also some problems with this kind of security. For example, anything that changes your voice — a cold, a poor connection — can confuse the system. Your account shouldn’t be so secure that you can’t access it! Similarly, systems that require a scan of the user’s retina can be extremely secure, but low-light conditions and other problems might make scans hard to complete.
Visit usbank.com to learn more about online bank accounts.