Biometric Authentication and Banking
Financial service firms have consistently been leading the charge in adopting biometric authentication. Why? Ease of use, enhanced security, and cost savings.
However, they have mostly done this with customer-facing services: Banking apps were some of the first to embrace granting access via fingerprint, and one of the most common uses for mobile fingerprints is to authenticate mobile payments. But now large financial institutions are looking to expand the advantages that biometrics offer, bringing security and convenience to internal operations as well.
Biometric authentication replaces what we know, information that can be guessed, stolen, shared, and forgotten, with what we are, intrinsic properties tied to our identity. It’s only natural that we would use it to secure access to sensitive personal and financial data.
That’s why one multinational Swiss bank is deploying biometrics for accessing its Microsoft Active Directory (AD) and Citrix environments.
Complex Isn’t Better
There are many reasons to switch to biometrics for authenticating into AD and Citrix environments. End users inevitably fail to use best practices for password security, with 73 percent of consumers reusing the same ones over and over again. Or, they use easy to remember and easy to guess phrases. And even strong passwords can be cracked by a dedicated hacker given enough time.
More recently, firms have embraced two-factor authentication (2FA) to mitigate these problems, but 2FA introduces some issues of its own. Hardware tokens are easily forgotten at home, lost, or broken, increasing the cost of resetting user credentials for the bank. SMS and one-time password (OTP)-based tokens eliminate these problems but are interceptable by hackers using man-in-the-middle attacks or similar tactics.
All of these methods are cumbersome and costly, making them a problem for administrators and end users. Which may be why 58 percent of consumers say they are comfortable using biometrics today, according to the University of Texas at Austin’s recent Consumer Attitudes About Biometric Authentication survey. It’s not just for consumer-facing activities either. The marriage of security and convenience is driving deep into the workplace as well.
One Bank’s Mission to Secure Data
The risks inherent in passwords and the costs of 2FA are just some of the reasons why this Swiss bank is deploying biometric authentication across its organization. Previously, employees used a combination of username/password and a token or swipe card to access sensitive customer data and systems. This combination of credentials is not only cost prohibitive, but extremely inconvenient for employees to use on a daily basis. Logging into the bank’s Citrix environment on-premises required a password and swipe card. If employees were off-premises they needed a password, swipe card, and token. While each additional item increased security in a way, each was also another thing which could be lost or stolen.
Biometrics offer a significantly different user experience. By integrating biometric authentication into its identity and access management (IAM) infrastructure, the bank simplifies login to a single-step process, regardless of if the employee is on-premises or remote. This improved user experience, as well as the cost savings benefits, are why 63 percent of IT decision makers are implementing biometric authentication.
