China’s Central Bank puts restrictions on using biometrics for identity verification
China’s Central Bank has implemented a new policy that will prevent banks from verifying the identities of new customers using biometric data unless they meet a set of criteria, according to a report by Caxin.
Banks will be required to establish a technological standard for biometric identification as well as update their financial regulations accordingly in order to adopt biometric authorization practices, Fan Shuangwen, deputy director of the central bank’s payment department, recently said at a forum.
“The regulator has concerns about rushing to permit remote verification or say that it is safe and effective,” he said. “As for when it might drop those concerns, I don’t know for sure, and it is hard to set a timetable for this.”
One requirement is that the new customer must appear in person at a bank to open an account.
Many industry experts have proposed using facial recognition technology to prevent customers from having to show up in person at a bank.
Chen Long, chief strategy officer of Ant Financial Services Group, which is affiliated with Alibaba Group Holding Ltd., said having the staff verify the identity of bank customers in person is not a foolproof anti-fraud solution, and therefore, the Central Bank should allow banks to adopt biometric authentication.
Ant recently unveiled its “smile to pay” technology, courtesy of startup Face++, which allows users to verify their identity by scanning their face instead of typing in a password when making an online purchase.
The face-to-face requirement has been the foundation for various financial activities, including those offered by third-party payment companies such as Ant.
China Guangfa Bank VP Wang Bing said that the Central Bank could control risk by limiting the kinds of financial services customers could access with an account opened with facial recognition technology.
Critics say the main danger in using biometrics for identification is in how the data is transmitted.
“The current methods of Internet transmission are indeed very vulnerable to hacker interception and duplication,” Chen Zhong, a digitalization expert at a research facility under Peking University said at the forum. “So the risk is severe when using (biometrics) in financial services.”
Li Xiaojie, general manager of the China Financial Certification Authority, echoed Zhong’s stance at the forum, explaining that a lost identification document can easily be cancelled whereas stolen biometrics would have more permanent consequences because the owner cannot alter their identity.