New regulatory enforcement makes 2020 big year for biometrics, execs say
Regulations for authenticating transactions and protecting privacy will continue to evolve in 2020, with companies gearing up for PSD2’s Strong Customer Authentication (SCA) requirement, and Veridium is expecting standards such as the FIDO 2.0 protocol to play a major role in ensuring firms achieve compliance.
Recent releases from Equifax and TypingDNA show a range of stakeholders from different areas of the industry are thinking along similar lines.
“Our FIDO 2.0 certification is part of a strategy to put compliance rigour at the centre of our value proposition to companies operating in a range of sectors, delivering a strong, passwordless authentication experience without compromising convenience,” says Veridium CPO John Spencer. “Conducting suitable and efficient risk assessments as part of this is crucial to ensure we provide the highest level of safety to both our employees and end-users.”
Regulations like SCA could also represent an opportunity to meet that need by leveraging biometrics, according to Spencer.
“It’s key that the biometric industry embraces the rapid evolution of regulations and certifications that are being issued,” he explains. “The FCA’s regulatory sandbox allows organisations to test innovative propositions in the market with real consumers. This ensures that compliance is woven into their service propositions, to produce the best outcomes for businesses and their end customers. This is ultimately in the interest of the public as it impacts a range of sectors, improving services, and strengthening security for consumers.”
Keith McGill, head of Fraud & ID at Equifax, also notes the impending enforcement of SCA in 2021 as a major factor in biometrics adoption, and notes that research by Cifas suggests an increase in ID fraud last year.
“As the strongest form of authentication, the benefits of biometric solutions are two-fold, stemming the tide of third-party fraud losses and offering a sleeker customer experience,” McGill says. “Brits are increasingly on board, with nearly three quarters happy to do away with pins and passwords to access their mobile phones in favour of a biometric solution. The challenge for businesses is crafting optimal deployment routes to harness this potential.”
Adding a biometric security layer to payment processes meets the multi-factor requirements of SCA, but the challenge for retailers is to do so without adding friction to the process, causing abandoned online shopping carts, according to the Equifax announcement.
“With the risk landscape more pronounced than ever, there’s no doubt that businesses must take increasing precautions to protect consumers, so expect biometrics to have a more hands-on role in the fight against identity theft,” states McGill.
As TypingDNA sets out its plans to address this looming market as a focus following its recently-announced $7 million Series A funding round, the company notes that behavioral biometrics, which perform authentication in the background of a transaction, are approved by the European Banking Authority for meeting PSD2 requirements. Keystroke dynamics can also improve the security of card-not-present transactions by leveraging the leading 3D Secure protocol.
“Keyboards are incorporated in almost any device today, making typing behavior the most widely available user biometric,” TypingDNA CEO and Co-founder Raul Popa explains in a blog post. “This round of funding will allow us to further our mission to provide user-friendly, non-intrusive biometrics and increased security to people around the world.”
“With global regulation impacting face-recognition-based authentication and hackers targeting SMS-based two-factor authentication, typing biometrics is the best form of identifying people without compromising privacy or security,” comments Darian Shirazi, general partner at Gradient Ventures, which led the funding round.
TypingDNA also says it is planning to add staff in New York, London, Bucharest, and Oradea.
biometrics | Equifax | Europe | online authentication | privacy | regulation | secure transactions | TypingDNA | Veridium