Biometric authentication will be in widespread use by financial institutions and online merchants by 2015, a payments-security expert predicts. “We’re at the threshold, it’s going to be common in the next year or so,” Al Pascual, a senior analyst at Javelin Strategy & Research, tells Digital Transactions News.
Pascual forecasts that voice recognition will be the first such technology to be widely deployed. “Voice will be first out of the gate,” he says. “It’s a flexible solution, easy to deliver, and there’s not as much of a learning curve [for consumers].”
Already, vendors of authentication solutions are introducing systems incorporating technology that matches spoken words with previously recorded voice patterns. This week, for example, Chicago-based Authentify Inc. launched its xFA app, which allows mobile-device users to secure transactions with voice recognition along with an exchange of digital certificates.
If Pascual’s prediction proves accurate, it will represent a comeback of sorts for biometrics for authentication of payments. The technology suffered a black eye five years ago with the bankruptcy of Pay By Touch Inc., a startup that deployed devices that secured point-of-sale transactions with fingerprint scans.
A key factor explaining the rising interest in biometric technology is the expected conversion of point-of-sale transactions to EMV (Europay-MasterCard-Visa) chip cards, Pascual says. EMV, which embeds card credentials on a microchip, is seen as far more secure than magnetic stripes and has reduced face-to-face card fraud in Europe, Canada, and other regions where it has been adopted. But these same regions have seen a dramatic surge in e-commerce fraud as criminals have simply shifted from using stolen credentials at the point of sale to using them online.
Experts warn the same wave of crime will follow the adoption of EMV in the United States. This could happen within two years as the card networks have set an October 2015 deadline for shifting liability for counterfeit card fraud from issuers to merchants that aren’t prepared to process EMV transactions.
In fact, Pascual says a shift of fraud from the point of sale to card-not-present channels is already under way. He says the fraudulent use of card credentials online has been outpacing such misuse in face-to-face transactions since 2010. “[Online] retailers are already starting to see that shift, and it’s only going to get worse when EMV comes,” he warns.
Yet issuers and online merchants are armed mostly with obsolete defenses, such as static passwords, user names, and sets of personal questions and answers. “They’re using solutions that are more than a decade old—[address verification] dates back to 1990. It’s wholly unacceptable,” says Pascual, who has authored a Javelin report released this week entitled “Online And Mobile Retail Payments Authentication.”
Solutions such as one-time passwords, which banks and social networks have begun to deploy, will become more commonplace to meet the challenge presented by the shift of fraud online, Pascual says. And the enormous popularity of smart phones and tablets will make the introduction of voice- and facial-recognition technologies easier. “It’s not a lot to ask consumers to use something like a mobile device,” he says, since they carry one everywhere and often go out of their way to retrieve it when they leave it behind.
Some banks and merchants may balk at introducing new authentication technologies, fearing they will drive up cart abandonment. But Pascual says consumers quickly adapt to new technologies, learning to rely on them as they become more familiar with them. Indeed, ease of use—or perception of ease of use—rises in tandem with familiarity, the Javelin report says. For example, 74% of consumers familiar with biometric identification say they find it easy to use, while just 26% of those unfamiliar with the technology say so, according to the report.
Here again, the features of a mobile device can come in handy. “Manual entry of payment information on a little device can be cumbersome, but a mobile device allows consumers to do things like facial recognition,” says Pascual. “You realize the mobile device has its own inherent benefits.”