11/22/2024 | Press release | Distributed by Public on 11/22/2024 08:44
Our fraud team tells us how biometrics is being used to help tackle fraud and scams, including AI and other deepfake methods.
Biometrics plays a growing role in the battle against scams and fraud. It uses our unique physical characteristics and personal data to identify us and strengthen digital security measures.
Instead of traditional passwords, PINs or even access cards, physical biometric identifiers include fingerprint, facial or voice recognition, which are harder for fraudsters to replicate. In a fingerprint, for example, there are intricate, distinctive patterns and ridges; hundreds of thousands of data points are analysed in just a few seconds. This can simplify and streamline the user experience: scanning your finger is easier than remembering a password.
There are also behavioural identifiers based around how individuals behave and engage online. They might include keystroke patterns, mouse activity, scroll/swipe patterns, a user's movements or gait.
Biometrics is used increasingly to help businesses more simply authenticate their employees and customers within this digital space.
The UK's freshly appointed Labour government has introduced The Digital Information and Smart Data Bill, which aim to update legislation to support the management of data in the UK, including digital verification. As we watch artificial intelligence and machine algorithms pinpoint personalisation, security must become more nuanced and customer-centric.
Customer expectations set high benchmarks of ease and speed when accessing products and services online. "This, unfortunately, provides fraudsters and hackers with more opportunities. Biometric approvals are an extra layer in fraud prevention, and are used ideally within multi-factor authentication, so a combination of biometrics and passwords, for example.
"As cybercrime becomes more sophisticated, workplace security must step up to combat identity theft and fraud," says the bank's fraud specialist.
To combat fraudsters using AI and other deepfake methods, tools offer improved identification of masks, and screen replays, helping to evaluate whether users are human and 'alive', and not a forged photo or voice recording.
The bank faced its own challenge in developing facial recognition software for its mobile banking app. Until recently, customers were required to blink to verify their identity but the software was glitchy - it didn't always work first time and wasn't accessible for everyone.
Sue Duka, Lead Product Owner from the bank's Digital Channels team, acted on customers' needs and feedback: "We've removed the need for customers to blink when they use the feature, making it more accessible to people who can't complete this action."
With the 'passive' identity feature, customers can remain still while scanning takes place.
"This work has included improving our biometric approvals to make them more secure and easier to use. We've enhanced these features to better spot things such as deep fake technology which could be used in fraudulent transactions," she adds.
In the US, the Deloitte Center for Financial Services predicts synthetic identity fraud to result in losses of at least $23bn by 2030, prompting more financial institutions to incorporate robust biometric checks. Government and digital infrastructure initiatives, healthcare, consumer electronics and payments are other industries where it's gaining traction.
Under the Secure Banking Promise, biometric data is encrypted and kept safe within a hardware-backed storage system, with regular security assessments carried out.
Businesses are advised to carry out a risk analysis to determine the appropriate storage and security measures necessary for their biometric data.
Learn more about using biometric approval and how it works in mobile banking.
The material published on this page is for information purposes only and should not be regarded as providing any specific advice, or used by consumers to make financial decision. Terms and conditions apply to any products or services mentioned.