IBM on Tuesday offered its vision of the future of financial services, complete with biometrics, state-of-the-art branch offices, enterprise risk-management systems, and advanced customer interaction.
IBM demonstrated a "cancelable" biometrics system, in which a prearranged transformation algorithm intentionally distorts a person's biometric data, such as a fingerprint, rendering the original biometrics useless for identification purposes. The biometrics project was conceived out of a need "to make replacing biometrics as easy as replacing credit cards," said IBM researcher Nalini Ratha during a presentation at IBM's Industry Solutions Lab in Hawthorne, N.Y. One of the most valuable properties of biometrics -- its invariance -- also is its biggest drawback: If a credit-card number is compromised, a bank can simply issue another card, but with biometrics, replacement is impossible.
Under the IBM system, when a bank enrolls a new customer, it will capture the customer's biometrics, such as a fingerprint scan, run it through the transformation algorithm, and store the new, transformed biometric records in its database. Should this information be stolen, either through a phishing attack or by hacking, the bank cancels the biometric data on file and issues a new set of data by running the transformation algorithm once again. The process can be repeated as often as needed.
The process is irreversible. Even if a hacker were to obtain the transformation algorithm and the transformed biometric data, the original, unaltered biometrics couldn't be reproduced.
IBM also demonstrated its Everywhere Interactive Display, which turns surfaces in a retail store into interactive kiosks. The system can project images onto walls or the floor of a bank branch. By touching a button on the image, for example, a customer can bring up information about a new financial product. Three large U.S. banks are evaluating the system, which has been tested by Germany's Metro Group retail chain, said Mark Greene, general manager of IBM's global banking unit.
IBM detailed an enterprise risk-management framework intended to help financial institutions cope with a stream of regulations such as Basel II and the Sarbanes-Oxley Act. The central themes of the IBM approach are that risk and compliance need to be managed centrally, and that operational risk, such as the likelihood of losses due to unpredictable events such as natural disasters, needs to be modeled using probabilistic means. IBM tested the risk framework during its own Sarbanes-Oxley compliance process, which involved almost 10,000 financial-control points.
IBM also showcased a customer-relationship-management project called Smart Customer Interaction, featuring a "semantic engine" capable of generating highly targeted scripts for customer-service representatives. The system models human needs, goals, and behavior, said IBM scientist Doug Riecken. It differs from traditional rules-based systems by providing greater "fluidity" of movement across the data accumulated on a customer, thereby generating more precise questions for a service representative, he said. The system has been tested by HSBC Group plc in its small- and midsize business divisions, and is due to be tested by another international bank in the fall.