Understanding the Potential of Biometrics - Europe... · 2017-06-16 · – We need security…we crave convenience • Drives customer loyalty and captures new ones! Enhance productivity

The Trusted Source for Secure Identity Solutions

© HID Global Corporation/ASSA ABLOY AB. All rights reserved.

An ASSA ABLOY Group brand

Understanding the Potential of BiometricsBill Spence | 12 June 2017 ATM & Cash Innovation Europe 2017 | Workshop



PROPRIETARY INFORMATION. Do not reproduce, distribute, or disclose. No unauthorized use.

Overview

Why Biometrics in Financial Applications?Biometrics 101Biometric ModalitiesApplicationsSystem ImplementationInstallations




What questions do you want answered today?




Why Biometrics in Financial Applications?Trust, Security, Convenience




Security is the foundation of trustStopping fraud

https://www.theguardian.com/world/2016/may/23/japan-cash-machine-100-thieves-steal-13m-dollars-three-hours http://www.pymnts.com/news/security-and-risk/2016/taiwan-atm-heist-malware/




The Value of Consumer Trust

EY Global Consumer Banking Survey 2014

“Focusing on the customer experience is paramount to establishing complete trust....”




Why use biometrics in financial applications?

§ Convenience– We need security…we crave convenience

• Drives customer loyalty and captures new ones

§ Enhance productivity– Faster transactions

• Up to 70% reduction in cash withdrawal time

– No password for employees

§ Give them choice – multiple strong authentication methods– Mix and match

• Card and biometric• Phone and biometric• “Deviceless” - Account number and biometric




Transaction Security

EMV made cards more secure…

Biometrics is the EMV upgrade for the PIN




Biometrics 101Capture > Liveness > Match




Capture

§ Capture– Image is everything in biometrics

– It has to work• Bad images lead to bad decisions




Liveness

§ Security– Sensor dependent

– Some modalities more resistant than others

§ Privacy– If you can’t use a fake then why

collect the info?




Match

§ A match is the ultimate confirmation of the authorized person proving a live capture

§ Interoperability– Same enrollment template used

in multiple applications

§ Implementation – Where is the match completed

• Privacy• Security – encryption of data• Regulatory




Match

§ Recognizing the good guys is the key (FRR)– It has to work!!!!

• Often incorrectly approached from the fraud perspective (FAR)

§ Biometrics can be adjusted to a point– Think car alarm…more cats or crooks

§ Intuitive use – Reduces error rates– Reduces enrollment training/cost




Your Deployment: The Real World

§ All sensors are not created equal

§ No silver bullet

§ Modality Fusion– Two bad biometrics don’t always make

one good one

§ Geography and culture matter– Convenience is universal

What a lousy cruise ship!!!




Biometric ModalitiesChoices and Considerations




FaceConsiderations§ Ease of use – Depends

– Do I need to look at something?

§ Liveness– 3D harder to fake compared to 2D

§ Many degrees of freedom– Looking at the camera, head tilt, background light, lack of light– Less secure than many other technologies– Deep learning having a major impact

§ Privacy– Can be captured and used without permission, but do you care?– Recognition the way humans recognize each other

§ Can use mobile camera– Ambient light issues enhanced




Iris

Considerations§ Highly accurate§ Getting the image can be a challenge

– Head position/Glasses

– Illumination/Ambient Light/Color Variation

§ Interoperability very high§ Liveness

– Some sensors can stop fakes, but can impact error rates– No updating

§ Mobile sensors available – Recently deployed…special illumination on Samsung S8

– Recently hacked




VeinConsiderations § Palm, finger, eye§ Characteristic internal to hand/finger/eye

– Low probability of damage– Cannot be directly imaged– Eye uses ocular characteristics as well

§ Positioning is important– Training can become an issue– Getting the image can be a challenge

§ No interoperability§ Liveness

– Requires trusted enroller– Not active

§ No mobile sensors available




Voice

Considerations§ You just need to talk and a microphone

§ Variability can hurt “image” quality

– Ambient noise

– Normal vocal variability

– Microphone characteristics creates noise

§ No Interoperability

§ Liveness

– Not intrinsic, but can leverage pass phase

§ Mobile sensors available




Fingerprint — Conventional

Considerations§ Optical, Silicon, LES§ Image quality impacted by many factors

– Dryness of skin or air

– Water

– External skin damage and aging

§ Interoperability very high§ Intuitive use§ Liveness

– Some can stop simple fakes

– No updating

§ Mobile sensors available – Limited usability and security




Fingerprint — Multispectral

Considerations§ Captures external and internal fingerprint

– Capillaries in fingertip mimic external print – think vein

§ Designed for best possible image quality– Not impacted by dryness of skin or air

– Water enhances images

– Internal info used if external is damaged

§ Interoperability very high§ Intuitive use§ Liveness

– Uses internal finger data

– Field updatable

§ No mobile sensor




ApplicationsCustomers and Employees




Customer Authentication

§ Grow convenience and reduce fraud

§ Multichannel authentication– Online/mobile banking

– ATM transactions

– Teller

– Call center

– Safe deposit box




Employee Authentication

§ Enhance productivity and security– Log In

• Network logon• Call center/remote logon

– Transaction Verification• Customer records• Approvals

– Physical Access• ATM • Branch• Safe Boxes




System ImplementationData, encryption, architecture




Implementation § Where does the authentication take place?

– ATM/Teller – fixed or mobile or both– Bank Employees – fixed

• Citibank uses fingerprint for employee log on • Enhances customer impression that security is taken

seriously

§ Using a mobile phone’s biometric sensors?– Customer is trained…maybe– Major variation in spoof protection, if any– Authentication device is out of the bank’s control– Both authentication channels come from single

device




Implementation

§ Where does enrollment take place?– At the Branch– At the ATM– At Home

§ Where is the template stored?– Templates are like long PINs – its PI– Template on card or phone

• EMVco standard for biometric terminals released in March • Contactless - template on phone • Template on server




Implementation

§ The Backend – Match on ATM PC

– Match on sensor

– Match on server

– Encryption across all• Tamper resistance

– Match on phone




Match on ATM PC

Fingerprint sensor in ATM• Capture fingerprint

• Check liveness

• Generate template

Template in the clear over encrypted channel

Pro’s• Less cost vs sensor match

or server match• Enrollment template stays

inside ATM PC

Con’s• Risk of biometric DB hack• Risk of Man-In-Middle• Risk of ATM PC malware




Match on Server


• Check liveness


Live template sent to server in the clear

Pro’s• Central administration• Enrollment template stays in

the server

Con’s• If user retries at ATM, must

resend template (delay)• Risk of biometric DB hack• Man-In-Middle risk




Match on ATM Sensor


• Check liveness


Live template kept in sensor

Pro’s• Central administration• Match on Sensor avoids

malware on ATM• Only send template once, even

if user retries at ATM

Con’s• Risk of biometric DB hack• Man-In-Middle risk




Match on Server (Encrypted)


• Check liveness


Live template encrypted and sent to server

Con’s• If user retried at ATM, must

resend template (delay?)• Crypto cost & complexity

Pro’s• Central admin & ATM network• Crypto prevents Man-In-Middle• Crypto protects biometric DB• Anti-tamper: zeros crypto keys




Match on ATM Fingerprint Sensor (Encrypted)


• Check liveness


Live template stays in the sensor

Pro’s• Central admin & ATM network• Send template once, even if user

retries at ATM• Crypto prevents Man-In-Middle• Crypto protects biometric DB• Anti-tamper: zeros crypto keys

Con’s• Crypto cost & complexity• Slightly longer process time




Match on Phone

Phone’s biometric sensor• Capture fingerprint

• Check liveness


Live and stored templates stay in the phone

Pro’s• Simplifies backend• User chooses modality and is trained• User controls template

Con’s• Varying degrees of spoof protection• All authentication channels in one

device and beyond control of the bank

• Untrusted enrollment

PANTokenized




Installations




Installations

§ Does anyone have a pilot or implementation in progress?

§ Can it really scale?– Pilots are just pilots

• Lots of transactions needed to understand the performance• Need to test over time




Over the Phone: Voice§ Voice recognition replaces passwords

§ Telephone and online banking customers — call centers

§ Example: Barclays – Digital profile of the customer’s voice

created using data from just three phone calls

– “Incredibly popular”, with the time taken to verify identity falling from 1.5 minutes to less than 10 seconds.

– Rolled out to 12m retail banking customers

https://www.theguardian.com/business/2016/feb/19/hsbc-rolls-out-voice-touch-id-security-bank-customers




On the Mobile Device: Face / Eyes

§ Mobile: customer uses their own device

§ Smartphone camera performs biometric acquisition

§ Example: Wells Fargo– Eyes: Customer centers their

eyes on the screen then look to the side to image the veins

– Face + voice: Customers centers their face on the screen then reads numbers

http://www.latimes.com/business/la-fi-cutting-edge-eyescan-20160306-story.html




At the ATM: Iris

§ Iris recognition at ATMs

§ Card and PIN replacement

§ Example: Qatar National Bank– Card and PIN replacement

– Non-contact / sanitary

http://www.gulf-times.com/story/453789/QNB-first-bank-in-Qatar-to-launch-Iris-scan-techno




At the ATM: Palm Vein

§ Palm vein recognition at the ATM

§ Example: Bradesco– 700m transactions in Brazil

https://www.nytimes.com/2017/02/13/business/dealbook/banks-look-to-cellphones-to-replace-atm-cards.html




At the ATM: Finger Vein

§ Finger Vein recognition at the ATM

§ Example: Planet Cash ATM network (Poland)– 1730 Wincor Nixdorf and Diebold

ATMs

§ Example: Japan– 75,000 finger vein scanners have

been shipped for use in ATMs in the country

http://www.zdnet.com/article/giving-cash-machines-the-finger-new-polish-network-ditches-bank-cards-for-vein-scanning/, http://www.leadersinsi.de/zbiom/




At the Teller/Network: Fingerprint

§ Fingerprint authentication– Access to network for

employees

§ Replaces need for password

§ Example: USA – Major Global Bank– Thousands of sensors deployed

– All branches




At the ATM: Multispectral Fingerprint

§ Fingerprint authentication at the ATM

§ Can be PIN replacement or cardless

§ Example: Brazil– 4 billion transactions a year– 85,000 ATMs– Bradesco is the only bank that

doesn’t use multispectral fingerprint authentication




Summary

§ Convenience can be as valuable as fraud reduction

§ Image capture and liveness are critical for any biometric

§ No silver bullet – give them choice

§ Biometrics are replacing an EPP – make it as secure

§ Pilots need to be large to understand true performance

§ Some technologies have proven they can scale – others have not




Questions?

Bill SpenceVice President of Sales, U.S. and Western Europe — Biometrics

HID Global

Mobile: +1 408 891 4091

[email protected]

Documents

Understanding the Potential of Biometrics - Europe... · 2017-06-16 · – We need security…we crave convenience • Drives customer loyalty and captures new ones! Enhance productivity