Mitek millennial predictions: Q&A with Mitek CMO Kalle Marsal
Mitek recently released survey findings of the mobile preferences, purchase habits and financial goals of millennials, which forecasts that more than $3 billion mobile commerce transactions in 2017 will incorporate selfies for authorization or authentication.
This shows that there is a significant unmet demand to use selfies and the camera for commerce and identity verification.
Conducted by Osterman Research, “The Millennial Influence: How Their Love of Mobile Shapes Commerce” study surveyed more than 3,000 millennials in the U.S., Canada and the U.K. about what they are looking for in a mobile user experience.
Mitek found that only four percent of U.S. millennials currently use selfies to authorize purchases, while 46 percent said they would like to do so; six percent of U.S. millennials said they use selfies to verify their identity, but 39 percent would like to do so; and 42 percent of the oldest millennials (ages 29 to 34) said they strongly prefer taking a picture of their driver’s license instead of filling out a form, compared to 23 percent of the youngest (ages 18 – 22) millennials.
BiometricUpdate.com had the opportunity to discuss these predictions regarding the millennial market’s mobile preferences, purchase habits and financial goals of millennials, as well as what they mean for biometric technology providers, with Mitek chief marketing officer, Kalle Marsal.
Mitek predicts that security practices relying on knowledge-based authentication are rapidly weakening while data breaches are increasing. What key drivers can you attribute to this trend?
Kalle Marsal: Security processes that depend upon knowledge-based authentication (KBA) and consumers’ personally identifiable information (PII) are rapidly weakening due to an ever-increasing number of data breaches across all industries. There were more than 974 publicly disclosed data breaches in the first half of 2016 alone, resulting in the theft or loss of more than 554 million data records, an increase of 31 percent over the previous six months. We expect this trend to continue with more than 1 billion consumer records compromised by data breaches in 2017. Thus, the exposure to fraud for companies that have security processes that rely on KBA and PII will only accelerate. This will drive a significant number of the Fortune 500 companies to be more aggressive in their efforts to augment or replace KBA for identity proofing and authentication.
What factors do you attribute to the increased and unmet demand for facial recognition in commerce and identification verification?
We know from our millennial research that the process of taking a picture of your own face, a selfie, is a very common and familiar behavior for the majority of millennials. Eighty-five percent take selfies and many are taking more than five a day. But millennials want to be doing more with this capability. Currently, only four percent of U.S. millennials use selfies to authorize purchases, but 46 percent would like to do so. And, only six percent use selfies to verify their identity, but 39 percent would like to do so. Facial recognition leverages this familiarity and the functionality already built into the mobile device to easily add a layer of identity verification to e-commerce. A few leading companies have started to address this demand and are experiencing great success. For example, MasterCard recently rolled-out its ‘Selfie Pay’ process for approving purchases.
The company has had so much success with the program in the U.S. that it plans to expand it to 14 additional countries. Given the consumer demand and the business benefits, we expect that more companies will begin following MasterCard’s example in 2017 and incorporate selfies into their mobile commerce transactions and processes. With the size of U.S. mobile commerce estimated at approximately $120 billion in 2017, if even just three percent of those transactions involve a selfie, it means that selfies will be used in more than $3 billion worth of mobile commerce transactions in 2017.
Aside from facial recognition, which biometric technologies do you predict will see the highest adoption rates in 2017?
Fingerprint recognition has already become widespread thanks to the iPhone, but has a different use case and different approach. While we predict facial recognition will be the primary verification innovation of 2017, we think there will also be significant growth of device and behavior biometrics for identity verification. For behavior biometrics,companies can track measurable patterns in human activities (swipe duration on a touchscreen, common login location, etc.). This is in contrast to physical biometrics, which involves a human characteristic such as fingerprints or iris patterns but are no less uniquely identifying. Companies recognize the need for additional security. According to a Lawless Research survey, close to 75 percent of companies surveyed are planning to move away from relying on passwords only and 69 percent of companies say that usernames and passwords alone no longer provide sufficient security.
How is the millennial market’s adoption rate of biometric identification compared to other demographics?
Millennials are the most eager to add and adopt biometrics but we saw a surprising trend in our 2016 survey. The older millennials (29 – 34) had the highest demand for facial recognition technology. We are looking to expand our research into older demographics, but based on this revelation we don’t expect the appetite for facial recognition to diminish with age. The ability to verify your identity remotely to open a new account is a very attractive option for all age demographics and biometrics will help make that process easy, quick and secure.
What tips would you have for businesses in providing a better mobile experience to their customers, particularly in terms of security and identification verification?
Our advice to would be for businesses to stop relying on personally identifiable information (PII). Organizations need to realize that an identity pieced together by PII that can be breached, and is not safe for them or their customers. Instead businesses should turn to more secure sources such as government issued ID cards, passports or driver licenses that have a proven identity source associated with them. Asking for someone’s street name or first car doesn’t prove anything about that person’s identity.
Asking for a government issued ID document and authenticating it for the person attempting to enroll in a service inherently has a greater element of verified identity built in. When you partner a government issued ID with a biometric during the identity authentication process, you can be much more confident of who that person is, even in the mobile channel. In addition, when a user is in the mobile experience, the last thing they want to do is attempt to type PII in on a tiny touch pad. Leveraging mobile capture for a driver’s license and facial recognition will improve the user experience and the security of the process.