Personal impressions

Some clients are considering biometrics as one tactic to manage the risk of fraud and privacy breaches, but barriers to adoption include the “creep-out factor” and the upfront cost.

Instead of simply relying on something like a password, some clients are using (or thinking of using) unique biological characteristics such as fingerprints, eyes, palms, faces and even voice patterns.

“Biometrics is one key technology that is becoming very disruptive,” says Ahmed Etman, managing director of security for Accenture Canada. “When you think of identity theft or impersonation, it’s very hard to impersonate someone or spoof the identity of someone with biometrics verification.”

Fingerprint identification is better at reducing the risk of fraud and information security breaches than passwords, Grand View Research Inc. says in a recent report.

“Many payment method providers are already trying to integrate biometrics into their offering,” reports Ernst & Young, citing Mastercard Identity Check Mobile and Apple Pay as examples.
Worldwide, the market for automated fingerprint identification systems was valued at US$3.26 billion in 2017, reports Grand View. That market is expected
to grow at a compound annual growth rate of 18% from 2018 through 2025.

“Rising security threats, demand for integrated solutions, and growth in online transactions are expected to boost market growth.”

Biometrics can help reduce the risk of having sensitive information such as intellectual property, source code, sales forecasts and personnel files fall into the wrong hands, claims Orsay, France-based United Biometrics.

One factor driving demand among banks and retailers is payment fraud, Accenture says in a recent report, Imprint your Future.

Worldwide, losses arising from credit and debit card fraud were US$21.84 billion in 2015 — and growing by more than 20% a year, Accenture reports.

Biometrics can also help reduce identity theft, says Anne-Marie Kelly, executive director of identity management and fraud solutions for TransUnion Canada.

Identity theft can take several forms, the Insurance Bureau of Canada reports. For example, some criminals seek personal information to impersonate consumerand access their bank accounts, get new credit cards in someone else’s name and make purchases.

If you do business with consumers over the Internet, having a user name and password is not enough to verify a person’s identity, Kelly says. Some companies are using multi-factor authentication. This combines something the user knows (such as a password) with something the person possesses, such as a fingerprint, iris or other unique biological characteristic. “Two-factor authentication is not as secure unless you have biometrics as part of it,” says Bob Cattanach, a lawyer who advises clients on cyber security and compliance.

Barriers to adopting biometrics may include a prohibitive cost or the equipment isn’t yet scalable. For example, if your client wants to use biometrics to control access to a building or rooms, the upfront cost on biometrics is greater than it would be for conventional key cards.

Another barrier is what Cattanach calls the “creep-out factor.” This describes a situation in which users are concerned that the data containing their biometric information will somehow be misused. To overcome consumers’ misgivings, businesses have to start doing things a little bit differently.

For example, for insurance companies to start adopting some of these capabilities, they also have to build a trust relationship with the client, as Etman says. “We deal with your data, your private data, we are reliable, and we know what we are doing.’”