Channels

11:35 AM
Mike Strange
Mike Strange
Commentary
50%
50%

Identity Management Will Get a Mobile Makeover by 2017

In the first of a two-part series, we explore how mobile will change user authentication and risk management in financial services.

The proliferation of mobile devices has led to a new consumer paradigm -- many consumers think and act in a “mobile-first” way. We check our cellphones before breakfast. They act as a portal to our relationships through social media apps. They organize our day, entertain us, and help us improve our health and manage our money. There are dozens of new use-cases every day. In financial services, our devices are moving from simple information services (example: checking your balance) to transaction providers (example: mobile deposit) or more complex solutions, such as mobile wallets, mobile payments, or mobile photo account opening. All of these are available today, with adoption growing.

A key building block to this trend is a high-quality method of determining identity. We must know who is requesting financial services to satisfy classic Know Your Customer (KYC) measures and thwart potential fraud. Traditionally, we have cobbled together a variety of factors to verify identity, including identity documents, background checks, out-of-wallet questions (such as, What street did you grow up on?), and other documentation. Online, we have added CAPTCHA, IP restrictions, authentication, and other techniques.

[For more on how mobile is changing the security landscape, check out: Are Mobile Payment Apps a Boon for Both Customers & Fraudsters?]

Mobile changes all of that. New data and techniques are available that, independently and in conjunction with classic techniques, represent the new era of identity management. As always, adding measures that manage risk can compete with the constant pressure to reduce friction. The good news: Mobile can help with that too.

So, with that as background, here are the first two of four trends I believe will set the direction of mobile identity and make a significant impact by 2017:

Facial verification
All smartphones have cameras, and we are used to using them. This has created the opportunity to leverage facial recognition as part of identity validation. Assuming the user experience is designed to be simple and compelling, consumers would take an identity “selfie” to validate. This, coupled with a photo/scan of the driver’s license creates a high confidence of identity and that the person was present at the time of the account enrollment. Done right, this creates the magic combination -- managing risk while simplifying the process.

This week, Amazon announced the Fire phone, with five cameras (four of which face the user). While the adoption of this device is yet to be seen, it is an indicator of a broader trend -- that computer-vision-enabled mobile phone cameras are becoming mainstream. By 2017, today’s commonly-accepted selfie will come of age and become more automated. Facial verification will be a mainstream method of identity validation.

Device awareness
We carry our smartphones everywhere. We protect them with fancy cases, since we intend to keep them for long periods of time. We have long-term relationships with carriers. Therefore, verifying our devices should be a useful measure of identity, and the stability of our phones should add confidence that our transactions are not fraud. Our industry should make use of device reputation and device location as information that can be correlated to risk. As with most risk factors, we should not rely on them exclusively, but as part of a larger risk-management framework.

Whether the impact will be great or small, there is no doubt that facial recognition and device location have the potential to change identity management drastically. What do you think? Are these technologies really game changers, or will their impact be relatively unnoticed? Leave your thoughts in the comments below, and stay tuned for next part two of this article, where I will examine behavioral awareness and the convenience of imaging.

Bio: Mike is an experienced mobile technology leader. Prior to joining Mitek, Mike was CTO of Green Dot, where he led the strategy architecture and implementation of their reusable mobile platform to serve the underbanked. Mike also served as a director at Neudesic, ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
anon8893269626
50%
50%
anon8893269626,
User Rank: Apprentice
7/16/2014 | 1:09:34 PM
Facial recognition Security
I am a huge fan on making things simpler and eaier for consumers, including myself. I worry about facial recognition though, our phone keeps images stored for lengths of time, all someone would have to do is use a photo already on the phone to get instant access to someone's bank accounts. Apple's new lock out system on all phones would make me more willing to try out facial recognition for banking identity management. 

Sincerely,

Misty

www.ABMobileApps.com
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
7/16/2014 | 2:44:47 PM
Re: Facial recognition Security
I think more than relying on one type of technology or authentication method, the key to securing mobile will be in layering different technologies and methods on top of each other. For instance, couping facial recognition with fingerprint or voice recognition and geo-location.
Byurcan
50%
50%
Byurcan,
User Rank: Author
7/17/2014 | 9:27:22 AM
Re: Facial recognition Security
It is very clear that, whether we like it or not, things like facial recognition or other forms of biometrics will soon become commonplace in authenticating mobile devices. 
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
7/17/2014 | 11:49:02 AM
Re: Facial recognition Security
I think people will much prefer using biometrics to having to remeber passwords and usernames as they do now.
Byurcan
50%
50%
Byurcan,
User Rank: Author
7/21/2014 | 9:46:58 AM
Re: Facial recognition Security
That probably will end up being the case.
Mstrange1234
50%
50%
Mstrange1234,
User Rank: Apprentice
7/23/2014 | 5:20:31 PM
Re: Facial recognition Security
Byurcan, agree with your comment about biometrics becoming commonplace.  The forces that drive these kinds of trends are strong.  I continue to see many examples where convenience is chosen over security by many.  Mobile phones have become an extension of who we are, with many (including me) checking their phone >100 times per day.  It is not a huge emotional leap to rely on facial recognition as a method of authentication.

Another challenge is the identity validation needed during remote (mobile) enrollment.  Signing up for a bank account, prepaid card, mortgage or credit product are examples.  I believe that the use of mobile identity will be a key factor here, and growing in the future.

Mike
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
7/22/2014 | 9:38:48 AM
Re: Facial recognition Security
I also don't like the idea of phones using facial recognition either, but if it is secure and it means I don't have to remember another complex password, I'm all for it. I can only remember so many passwords with Capitals, numerals, and special characters. I'd rather use my brain to store important information, like my wife's birthday, or wedding anniversary. :)
Byurcan
50%
50%
Byurcan,
User Rank: Author
7/22/2014 | 11:04:17 AM
Re: Facial recognition Security
I am wholly against it. Most people will say it's paranoid to make the jump from biometrics for mobile phone authentication to some kind of big brother government, but it's not that big leap to make. First, they'll get us comfortable with the technology, then soon the government will install monitoring devices in our homes to make sure we're using the right kind of light bulb.
Kelly22
50%
50%
Kelly22,
User Rank: Author
7/22/2014 | 2:40:06 PM
Re: Facial recognition Security
I'm torn on the issue myself. The idea of not having to remember a million usernames and crazy passwords is appealing, but I'd have to be convinced of the security first. The key may be layering multiple security technologies (fingerprint/voice recognition, geo-location, etc.), as Jon mentioned below. 
Mstrange1234
50%
50%
Mstrange1234,
User Rank: Apprentice
7/23/2014 | 5:14:53 PM
Re: Facial recognition Security
Thanks for the comment.  There are obviously lots of tradeoffs, and the security-vs-convenience struggle will continue on.  There are many people who will prefer convenience, and technology as a useful enabler.  Others will be more cautious.  I think the key is for the industry to adopt some core standards of practice (and technology) that reasonably protect the consumer.
aaronAshfield
50%
50%
aaronAshfield,
User Rank: Apprentice
7/17/2014 | 10:47:18 AM
SAT Mobile ID: Locks after You
SAT Mobile ID offers advanced authentication solutions on Windows, iOS and Android based mobile devices. The solution installs in minutes and provides single sign-on across all enterprise applications. www.SecureAccessTechnologies.com
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology - August 2014
Modern core systems are emerging as the foundations of effective channel integration and customer engagement initiatives.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
New IT Models for New Financial Services Challenges