KYC & BIOMETRICS
Cracking the bio matrix Is friction-free banking possible? Fergal Coburn, Chief Digital Innovation Officer for AIB, discusses how it’s accelerating the journey for customers while strengthening security with biometrics As every bank customer knows, security is usually the enemy of speed. However, although online and mobile communications have enabled swift and easy access to a wide range of financial services, security must never be sacrificed to convenience. Hence the development of strong customer authentication (SCA). Now that security has been forced to catch up with technology, the challenge is to protect customers without losing the benefits of digital transformation. In other words, how do you tighten controls without introducing friction to banking and undermining user experience? For Allied Irish Bank (AIB), the largest retail and commercial bank in Ireland, the challenge is being met through transformation programmes led by Fergal Coburn, AIB’s chief digital and innovation officer. Coburn has a wide-ranging role that spans both retail and commercial needs. As he explains: “I cover all our digital www.fintech.finance
channels and customer segments, including mobile, internet banking, our payments and cards development products, open banking services and, particularly, our future application programming interface (API) capabilities.” Although the deadline for complying with eCommerce SCA – part of Europe’s revised Payment Services Directive (PSD2) – has been progressively pushed back, with the latest extension due to COVID-19, there will be no escaping the new security regulations. SCA means that the vast majority of online card payments in the European Economic Area (EEA) must satisfy two-factor authentication. The need for transactions to meet two out of three possible checks (something you know, something you possess and something you are) has increased the possibility of friction. ‘Something you are’, also known as the ‘inherence factor’, is best served by biometrics, such as fingerprint, voice or iris recognition. When it works as intended, biometrics is a swift and seamless solution. And, Coburn says it must be applied more widely if the industry is to ensure that SCA doesn’t become a drag.
The alternative, knowledge-based solution – or password approach – is not only clumsy and time-consuming, but passwords are also easy to forget and often have to be reset. And that, as Coburn points out, is becoming more demanding because of the different password standards and characters that are required. “Biometric techniques – face ID and touch ID in particular – can remove a lot of the friction, although there are many solutions and it’s difficult to always know which is the best to apply,” says Coburn. Is there also a reluctance to use biometrics because of privacy concerns? “Trust is a factor,” he agrees, “and the latest research suggests that only one in three people is comfortable using biometrics.” But the advantages are hard to deny. “You don’t have to reset biometrics,” he says. “It’s a control that’s fixed and unchanging, and it’s detached from the service you’re using. Traditionally, both the service you use and your authentication credentials are stored together. Now, an important separation is happening.” Because biometric recognition is seamless and instant – no PINs to remember and key in – it provides a positive user experience. Issue 18 | TheFintechMagazine
17