Do the eyes have it? Consumer Acceptance of Potentially Intrusive Identity Authentication Mechanisms

1

Do the eyes have it?
Consumer Acceptance of Potentially Intrusive Identity Authentication Mechanisms

Chair: Roger Clarke, Xamax Consultancy, Australia
Panellists: Milena Head, McMaster Uni, Canada; Khaled Hassanein, McMaster Uni, Canada; Roger Bons, (Ing), The Netherlands

2

Acceptability of Biometrics in Financial Transactions

AGENDA

• Underlying Concepts
  • Consumer Financial Transactions
  • (Id)entification
  • Authentication
• Introduction to the Panellists
• Panellists’ Statements
• Discussion
  • Intra-Panel
  • Open

3

Consumer Financial Transactions

[Diagram: Consumer / Transactor → Token (Identifier, Credential) → Transaction Capture Device → Network → Transaction Processing Device(s)]

4

Identity and Identifier

[Diagram: Real World: Identity and Attributes (e.g. Customer, Account) ↔ Abstract World: Identifier + Data-Items (e.g. Customer No., Account No., Card No.)]

5

Identification

The process of associating data with a particular Identity; achieved by acquiring an Identifier for the Identity

Token: a recording medium for an Identifier

6

The Entity/ies underlying an Identity

[Diagram: Real World: Entity and Attributes, underlying one or more Identities (Identity and Attributes) ↔ Abstract World: Identifier + Data-Items]

7

Entity and Entifier

[Diagram: Real World: Entity and Attributes ↔ Abstract World: Entifier + Data-Items; Real World: Identity and Attributes ↔ Abstract World: Identifier + Data-Items]

8

Authentication

A process that establishes confidence in an Assertion

• Assertion: a proposition relating to ...
• Assertion Types:
  • a fact
  • a quality of a Data-item
  • a characteristic of an Entity, e.g. condition, value
  • the Location of an Entity
  • an Attribute of an Entity or an Identity
  • appropriate use of a particular Identity
  • performance of an act by a particular Entity
• Authenticator: evidence useful for authentication
• Credential: a physical or digital Authenticator

9-12

Identity Authentication – Traditional

• What you know: Password, PIN
• What you have: Credential, One-time Password
• Risk of Fraud, because:
  • the Identifier is easily known
  • the Authenticator is easily acquired
• Fraud Countermeasures:
  • Change of Authenticator
  • Two-factor Authentication (provided the factors are independent)
• Risks remain, and new Threats arise

13-14

(Id)Entity Authentication using Biometrics

• What you do: Performative Biometrics, e.g.
  - Signature dynamics
  - Password-input dynamics
• What you are: Static Biometrics, e.g.
  - Voice, Face, Iris
  - Thumb/Fingerprint(s)
• Potential security improvements
• Biometrics can be acquired ==> security issues
• Biometrics relate to the entity ==> privacy issues

15

Panellist 1: Milena Head

• Associate Prof. of IS, DeGroote School of Business, McMaster Uni, Ontario, and Associate Dean
• eBusiness and Human Computer Interaction (HCI)
• Trust, Privacy, Adoption, Identity Theft
• Research on consumer acceptability of biometrics in the context of financial transactions

16

Panellist 2: Khaled Hassanein

• Associate Prof. of IS, DeGroote School of Business, McMaster Uni, Ontario, and Chair of IS Area
• eBusiness (Director of Research Centre MeRC), Mobile commerce, eHealth, online trust, online usability, human-centric DSS
• Previously a software engineer with NCR in the financial services sector
• Research on consumer acceptability of biometrics in the context of financial transactions

17

Panellist 3: Roger Bons

• Product Manager Cards/Cash, previously a strategic consultant, in a major financial institution
• But speaking as himself
• A Bled community member in earlier years, from an academic perspective, while doing a PhD at Erasmus
• Financial services industry perspective on biometrics in consumer payments

18

Panellist 4: Roger Clarke

• eBusiness consultant, academic, advocate, incl.
  • chip-cards generally
  • chip-cards in financial services
  • identity and entity, (id)entification, authentication, biometrics
  • privacy, consumer protection
• Involved with consumer financial transactions sporadically over the last 20 years
• Scepticism about biometrics in consumer payments

19

Effectiveness of Biometric Authentication

• There are many sources of difficulty, e.g.
  • Lack of control over equipment, capture environment, capture practices
  • Inherently fuzzy measurement, and hence a test for closeness of fit rather than equality
• These difficulties result in error-rates:
  • Failure to Enrol (FTE)
  • Failure to Acquire (FTA)
  • False Match Rate (FMR)
  • False Non-Match Rate (FNMR)

20

Error-Rates

• In Theory:
  • Even the best (iris) has problems
  • At FMR 1 in 1,000: FNMR 1-4%, plus FTE 0.5-1%? and FTA 0.5-1%?
  • Hence 2-6% exceptions, resulting in:
    • Cost to organisations
    • Inconvenience to people
• In Practice:
  • Appears to be a lot worse
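The arithmetic on this slide, worked through in code. This is an added example, not part of the panel's slides: it builds a toy iris-code matcher on constructed data (N_BITS, the Beta(2, 10) capture-quality model and the fixed seed are all assumptions), sweeps the acceptance threshold to show that closeness-of-fit matching trades FMR against FNMR rather than giving a yes/no equality test, and combines FTE, FTA and FNMR into the exception rate the slide estimates at 2-6%.

```python
import random

N_BITS = 128   # constructed: length of a toy iris code (real codes are far longer)


def hamming(a, b):
    """Number of bit positions on which two codes disagree."""
    return bin(a ^ b).count("1")


def capture(eye, flip, rng):
    """A fresh reading of `eye`: each bit flips independently with probability
    `flip`. Constructed noise model, not a real sensor."""
    mask = 0
    for i in range(N_BITS):
        if rng.random() < flip:
            mask |= 1 << i
    return eye ^ mask


def score_samples(n, rng):
    """Return (genuine, impostor) lists of normalised Hamming distances.
    Genuine: the enrolled code against a new capture of the same eye, with the
    per-capture flip rate drawn from Beta(2, 10) (assumed) so that some captures
    are poor (occlusion, focus, lighting). Impostor: the enrolled code against
    an unrelated code, whose bits agree only by chance, so scores sit near 0.5."""
    genuine, impostor = [], []
    for _ in range(n):
        eye = rng.getrandbits(N_BITS)
        probe = capture(eye, rng.betavariate(2, 10), rng)
        genuine.append(hamming(eye, probe) / N_BITS)
        impostor.append(hamming(eye, rng.getrandbits(N_BITS)) / N_BITS)
    return genuine, impostor


def error_rates(genuine, impostor, threshold):
    """Accept when the distance is below `threshold`: a closeness-of-fit test,
    not an equality test. FMR: impostors accepted. FNMR: genuine users rejected."""
    fmr = sum(s < threshold for s in impostor) / len(impostor)
    fnmr = sum(s >= threshold for s in genuine) / len(genuine)
    return fmr, fnmr


def threshold_for_fmr(genuine, impostor, target_fmr):
    """Loosest threshold on a 0.01 grid whose empirical FMR stays within the
    target. Returns (threshold, fmr, fnmr); the FNMR is the price of the target."""
    chosen = None
    for i in range(51):
        t = i / 100
        fmr, fnmr = error_rates(genuine, impostor, t)
        if fmr <= target_fmr:
            chosen = (t, fmr, fnmr)
    return chosen


def exception_rate(fte, fta, fnmr):
    """Share of legitimate users who end up in an exception path: failed to
    enrol, failed to acquire, or falsely rejected. The slide adds the three
    rates; treating them as independent stages gives the exact figure."""
    return 1 - (1 - fte) * (1 - fta) * (1 - fnmr)


def run_demo(seed=2024, n=2000, target_fmr=0.001):
    """Reproducible end-to-end run on constructed data."""
    rng = random.Random(seed)
    genuine, impostor = score_samples(n, rng)
    t, fmr, fnmr = threshold_for_fmr(genuine, impostor, target_fmr)
    return {"genuine": genuine, "impostor": impostor,
            "threshold": t, "fmr": fmr, "fnmr": fnmr}


if __name__ == "__main__":
    r = run_demo()
    print(f"threshold {r['threshold']:.2f}: FMR {r['fmr']:.4f}, FNMR {r['fnmr']:.3f}")
    print(f"exceptions at FTE 0.5%, FTA 0.5%, FNMR 1%: {exception_rate(0.005, 0.005, 0.01):.2%}")
    print(f"exceptions at FTE 1%, FTA 1%, FNMR 4%: {exception_rate(0.01, 0.01, 0.04):.2%}")
```

`run_demo()` picks the loosest threshold whose empirical FMR stays at or below 1 in 1,000 and reports the FNMR that threshold costs; tightening the threshold to push FMR down always raises FNMR, which is the mechanism behind the slide's exception rate. `exception_rate(0.005, 0.005, 0.01)` and `exception_rate(0.01, 0.01, 0.04)` give roughly 2% and 6%, the slide's range, and show that simply summing the rates slightly overstates the exact figure.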

21

Imposters (and Avoiders)

• The statistics come from tests that assume no attempt to subvert the system
• Some ‘zero-effort imposters’ get through
• Biometrics are not a secret, can be acquired, and can be used to contrive an ‘artefact’
• ‘Liveness testing’ to detect artefacts is difficult, expensive, and subject to counter-measures
• A ‘> zero-effort imposter’, who has knowledge and who invests effort, can get through
• The few imposters are the problem that we were trying to address in the first place

22

Security Issues

• Many organisations acquire a copy of the biometric (but the scheme can be designed to avoid it)
• Some organisations retain a copy of the biometric
• Many organisations retain a copy of the ‘template’
• Some templates are not one-way (a template cannot simply be hashed like a password, because matching tests closeness of fit rather than equality)
• Reversible templates enable creation of an artefact and therefore support masquerade

23

Privacy Issues

• Biometrics are associated with the underlying entity
• Biometrics strike through identities
• Biometrics undermine identity silos, and encourage consolidation of personal data into one pool
• Identity silos are the primary privacy protection, which data protection laws have sought to sustain
• Templates have potential use as a common entifier (Almost all iris schemes use the same algorithm, and hence produce the same template. For all biometrics, industry concentration is likely in any case)
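Slides 22 and 23 make two claims about stored templates: a reversible template supports masquerade, and templates can act as a common entifier across identity silos. The following added example (mine, not code from the slides or the panellists) shows both on constructed iris-code data. Two institutions that store raw codes under unrelated customer numbers can be joined by Hamming distance. A fuzzy commitment (Juels and Wattenberg, 1999) is then used as the kind of design slide 22 says can avoid keeping a copy of the biometric: verification works from a noisy reading, while the stored record on its own does not. Finally, the example shows that commitments built on a linear code remain cross-matchable across silos (Simoens, Tuyls and Preneel, 2009), so the entifier problem of slide 23 survives that protection. The institution names, identifiers, key size, repetition code and noise model are all assumptions chosen for illustration.

```python
import hashlib
import random

K_BITS = 32            # key length in bits (toy size; far too short for real use)
REP = 11               # repetition-code factor; odd, so a majority vote never ties
N_BITS = K_BITS * REP  # template length: 352 bits (real iris codes are ~2048)
MATCH = 0.25           # normalised Hamming distance below which two codes match


def hamming(a, b):
    return bin(a ^ b).count("1")


def capture(eye, rng, flip=0.02):
    """Constructed sensor model: a new reading of `eye` with ~2% of bits flipped."""
    mask = 0
    for i in range(N_BITS):
        if rng.random() < flip:
            mask |= 1 << i
    return eye ^ mask


# --- Raw templates: the stored record is the biometric -----------------------

def link_raw(silo_a, silo_b):
    """Join two databases that hold raw iris codes under unrelated customer
    numbers: records whose codes are close enough come from the same eye."""
    return [(ida, idb)
            for ida, ta in silo_a.items() for idb, tb in silo_b.items()
            if hamming(ta, tb) / N_BITS < MATCH]


# --- Fuzzy commitment (Juels and Wattenberg, 1999): keep hash(key) and
#     template XOR encode(key); the template itself is never stored -----------

def encode(key):
    """Repetition code: each key bit is written REP times."""
    cw = 0
    for i in range(K_BITS):
        if key >> i & 1:
            cw |= ((1 << REP) - 1) << (i * REP)
    return cw


def decode(word):
    """Majority vote per block; corrects up to (REP - 1) // 2 flips per block."""
    key = 0
    for i in range(K_BITS):
        block = (word >> (i * REP)) & ((1 << REP) - 1)
        if bin(block).count("1") * 2 > REP:
            key |= 1 << i
    return key


def key_hash(key):
    return hashlib.sha256(key.to_bytes(K_BITS // 8, "big")).hexdigest()


def enrol(template, rng):
    """Fresh random key per enrolment (use the secrets module in production)."""
    key = rng.getrandbits(K_BITS)
    return key_hash(key), template ^ encode(key)


def verify(commitment, probe):
    """A probe close to the enrolled template cancels it out, leaving a noisy
    codeword; decoding recovers the key, which must hash to the stored value."""
    h, delta = commitment
    return key_hash(decode(probe ^ delta)) == h


def link_commitments(silo_a, silo_b):
    """Cross-matching attack on linear-code fuzzy commitments (Simoens, Tuyls
    and Preneel, 2009): delta_a XOR delta_b = (t_a XOR t_b) XOR codeword, so it
    sits near a codeword exactly when both templates come from the same eye.
    The hashes are not needed: the stored deltas alone act as an entifier."""
    links = []
    for ida, (_, da) in silo_a.items():
        for idb, (_, db) in silo_b.items():
            x = da ^ db
            if hamming(x, encode(decode(x))) / N_BITS < MATCH:
                links.append((ida, idb))
    return links


def run_demo(seed=7):
    """Reproducible run on constructed data: two eyes, two institutions that
    each captured both customers separately and use unrelated identifiers."""
    rng = random.Random(seed)
    eye_1, eye_2 = rng.getrandbits(N_BITS), rng.getrandbits(N_BITS)
    bank_a = {"CUST-0017": capture(eye_1, rng), "CUST-0042": capture(eye_2, rng)}
    bank_b = {"ACCT-9042": capture(eye_2, rng), "ACCT-3110": capture(eye_1, rng)}
    prot_a = {cid: enrol(t, rng) for cid, t in bank_a.items()}
    prot_b = {cid: enrol(t, rng) for cid, t in bank_b.items()}
    return {
        "raw_links": sorted(link_raw(bank_a, bank_b)),
        "genuine_ok": verify(prot_a["CUST-0017"], capture(eye_1, rng)),
        "wrong_eye_ok": verify(prot_a["CUST-0017"], capture(eye_2, rng)),
        "delta_alone_ok": verify(prot_a["CUST-0017"], prot_a["CUST-0017"][1]),
        "commitment_links": sorted(link_commitments(prot_a, prot_b)),
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

`verify()` succeeds only when the probe cancels the enrolled template closely enough for the majority vote to recover the key; the stored delta on its own, or a reading of a different eye, fails, so a breach of the store yields no artefact. `link_commitments()` nevertheless recovers the same cross-silo join as `link_raw()` from the protected records alone. A real deployment would use a proper error-correcting code, a key long enough to resist brute force and a slow hash, and would still have to reckon with that cross-matching result.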