In a Hand or a Face

Fingerprints, facial recognition and other biometrics can make banking more secure

As society becomes more technologically sophisticated, so does the way we manage and protect our money. Long gone are the days of hiding money under the mattress, or even needing to write a check by hand.

But with the convenience of ATMs, online banking and mobile banking apps comes new security risks.

The ability to connect from anywhere at any time amplifies potential threats, such as identity theft, fraud and data breaches.

The security risks do not stop at the bank doors. Financial institutions must also address internal security challenges, such as access control and employee verification. New advances in biometric technology, like facial recognition programs, allow banks to enhance their security systems and work in tandem with local law enforcement agencies that are also utilizing biometric-based solutions.

Biometrics present a significant opportunity to alleviate many security issues that cause stress for banks and financial institutions, and they can help make operations more efficient in the process.

What are Biometrics?

A biometric indicator refers to any unique attribute of an individual, either biological or behavioral. This could be a person’s finger or palmprint, iris pattern, face, or even vocal patterns and fluctuations. One or several of these identifiers are collected and authenticated using state-of the-art sensors and algorithms.

Authenticating identity is a critical component of banking security. There are three methods used to verify a person’s identity:

  • Authenticate something they know, such as a PIN.
  • Authenticate something they have, such as a driver’s license or passport.
  • Authenticate something they are, such as with a fingerprint. This is where biometrics come in.

For decades, the first two methods were the primary ways to verify identity in financial institutions. With the increase in mobile connectivity and the creation of banking applications specifically for mobile devices, though, the method of identifying people is likely to change. Traditional authentication solutions were not designed for mobile use; they are inconvenient and are proving to be insecure, according to Goode Intelligence in their 2015 report, “Biometrics for Banking.”

As more smartphone manufacturers incorporate biometric sensors for fingerprints, eyes and face, biometric authentication is finally primed to take the lead in verifying a person’s identity when using mobile applications.


Using biometrics increases the accuracy of authentication as they use a person’s unique identifiers when making a match. These physical attributes are more difficult to forge than a password or ID card. As a result, many financial institutions will see a migration toward incorporating biometrics into their multi-factor authentication processes in order to increase security for themselves and their customers.

A recent study by Telstra points to security as one of the most important factors for consumers when choosing a financial institution: “While factors such as interest rates and ease of accessing funds used to be the most important considerations when selecting a financial institution, today, more than half of U.S. consumers cite the security of their finances and personal information as their top priority, together with their institutions’ reputation for security.”

Biometric authentication provides a cost-effective and reliable addition to a bank’s overall security program, as well as peace of mind for its customers. In Telstra’s survey, more than two-thirds of U.S. respondents said that biometrics such as voice, fingerprint, iris and facial recognition would increase security and help reduce the risk of fraud.

Biometrics at ATMs

ATMs typically require a card and PIN to access account information and withdraw funds. However, the Asian market is changing the way ATM security works. Many banks in this part of the world are using biometric authentication at ATMs in large metropolitan areas, such as Tokyo. A recent report by Biometrics Research Group found more than 80,000 biometric-enabled ATMs in Japan and more than 15 million customers using them.

Sometimes biometrics are used in conjunction with a PIN or card, while other times they are a standalone security measure. Fingerprints are the most commonly used biometric indicators for this purpose, but facial and voice recognition are becoming more reliable and, therefore, will become more common.

Biometrics in Mobile and Online Banking

Offering services on the Internet are vital to a financial institution’s livelihood; in fact, some banks exist only online. Unfortunately, the ability to log on from anywhere increases the risk of fraud. The ability to authenticate identity for online banking is vital to its utility and success. Biometrics and the Internet, both versatile in their nature, can combine to create a sophisticated and easy-to-use security alternative. Facial recognition is a modality that could easily excel in the online banking arena, as many devices are equipped with cameras.

The advent of smartphones has brought a whole new dimension to banking. With services like Apple Pay and mobile apps specific to financial institutions and payment processors, there is a new virtual vault that banks must secure.

Biometrics Research Group recently reported that PayPal facilitates $1 of every $6 spent online worldwide and that the total payments volume during the preceding 12 months increased by 26 percent to $203 billion. This makes the need for enhanced and reliable security even more pressing.

Nearly every commerce website that the typical consumer deals with includes online payments, whether it leverages common options such as PayPal or Google Wallet or uses a site’s own proprietary payment system. With all of these sites and applications pinging consumers’ online bank accounts, banks have to do more to verify the identity of those who are authorizing transactions.

Biometrics for Telephone Banking

Voice recognition provides a great alternative to the current methods used for telephone banking security. Typically when calling into a bank, a person is required to verify his or her identity by using the keypad to enter a PIN, bank account number or Social Security number. Voice recognition makes this process more secure by adding a layer of security.

A number of large U.S. banks are receiving positive feedback regarding the installation of voice recognition, according to Biometrics Research Group: “Banks that deploy voice biometrics to automate the ‘log-in’ process not only enhance customer satisfaction levels but dramatically reduce their customer care costs through increased automation rates.”

Banks are exploring additional uses for voice biometrics in their fraud reduction initiatives. By cataloging voices of fraud suspects, for example, banks can use voice recognition to help protect against criminals gaining access to accounts.

Biometrics for Branch Security

When physically present at a bank, customers are required to present a form of identification and a bank card to verify their identity and gain access to their funds. Providing knowledge of the account, like a current address or the account number often supports this method. Banks work to make this an easy and quick interaction, but is this the most secure approach?

With more than 50 unique driver’s licenses in the United States and with municipal identification cards on the rise, the number and appearance of government-issued IDs are constantly growing and changing. Is it fair to expect tellers to know the exact look and feel of every form of identification that could possibly be used to access an account? With identity fraud on the rise, incorporating biometrics into the authentication process offers a more secure and efficient method that relies on standardized technology to confirm identity and removes the possibility of human error from the equation.

In 2014, Goode Intelligence reported that 41 percent of all financial fraud in the United Kingdom was identity-related. This is largely because of criminals opening up accounts under false identities or changing contact information on existing accounts. This could easily be curbed through the use of biometrics. It is easier to create a fake ID than to fake a fingerprint or iris pattern. Biometric technology offers a more efficient, effective and precise solution compared to an identification card.

Implementing biometric technology can also help banks combat physical security threats. Large institutions in metropolitan areas with their own security departments could benefit from incorporating facial recognition software into their existing surveillance systems. Using whitelists and blacklists, security departments could monitor patrons and employees alike, providing access to secure areas for employees and being alerted to the presence of unwanted visitors. Smaller banks could benefit from the increased adoption of such technology by law enforcement. Solutions are now available that would allow captured security footage (with appropriate resolution) to be processed by facial recognition software, after the fact. Agencies using the software could take video footage from banks (or any commercial entity using the right security camera infrastructure) and use the software to check facial images against criminal databases. This type of application quickens the process of identifying and potentially capturing suspects. The versatility and preventative nature of facial recognition technology make it a leading biometric tool for the banking and financial institutions sector.


Biometric technology can provide enormous benefits for the financial sector, removing the element of human error and creating more efficient and secure processes. Using unique personal attributes such as fingerprints, face, iris or voice to authenticate people can help increase customer satisfaction and reduce the risk of fraudulent activity in all areas of banking while advancing the efficiency and security of the industry overall.

Amy McKeown ( is U.S. biometrics marketer for 3M (