Fingerprints still too unreliable for banks

Error rate for fingerprint scanning still relatively high, says Cuscal CIO Brian Parker

Cuscal CIO Brian Parker

Cuscal CIO Brian Parker

Biometric technologies such as fingerprint scanning have not taken off in the financial services sector because they are still too unreliable, particularly as an identifier at banks’ ATM machines.

This is the view of Brian Parker, CIO at Cuscal, which provides payments infrastructure for 150 financial institutions and owns and operates the rediATM scheme, one of Australia’s largest ATM networks.

“Fingerprint technology has been around for a while [and] it’s getting better, but the error rate is still relatively high,” Parker says.

“The quality is probably enough for you identify yourself to a phone – but would you trust it as your primary identification mechanism when you don’t know the extent of how your fingerprint is being validated by a third party? I don’t know,” he says.

Organisations must tune biometric devices to their risk appetite, he says.

“So the more critical the signature is ... the more you put into the algorithms to validate it. This means that it doesn’t take much at all for your fingerprint to become unusable,” he says

“It can be a cut or something like that and suddenly it doesn’t work. I’ve heard of people who’ve actually been working, doing some manual labour, just enough to roughen it [their fingers up] and they don’t work.”

He said smartphone manufacturers set the tolerance down quite low on their fingerprint scanners so they are only looking for small amounts of patterns on an individual’s finger.

Use of other biometrics in financial services, such as iris scanning, is still a long way away, he says.

Read more: Fingerprint sensor in iPhone 5S is no silver bullet, researchers say

However, organisations across multiple sectors are exploring the use of several types of biometric technologies. The Australian Passport Office last November issued a tender for new biometrics technologies.

The organisation has been using facial recognition for its passport production process since 2005.

In 2012, ANZ Bank said it was exploring using fingerprint recognition technology to replace traditional PIN codes.

Parker said there an interesting discussion under way now about how secure a transaction has to be and how much organisations and consumers are you willing to pay for a certain level of security.

“If you’re protecting the front door or the control panel of a nuclear arsenal, you probably want to spend a lot of money on security to make sure it’s top grade and nobody can get through it.

"If you are trying to protect a $100 transaction on a card, would you apply the same grade of security that you would to get into that nuclear control room?

“That’s the catch-22 that we are in. You have to make a risk-based decision on everything you do. If you are happy to trust your phone access to a biometric which you know is not particularly robust, that’s fine.”

Follow CIO Australia on Twitter and Like us on Facebook… Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia

Follow Byron Connolly on Twitter:@ByronConnolly

Read More:

Tags Brian Parkeranz bankCuscaliris scanningbiometricsfingerprint scanner

More about ANZ Banking GroupFacebook

1 Comment

Jim

1

Perhaps the article got it backwards.

I have been using my fingerprints (thumbprint actually) for automated immigration clearance to enter/exit Singapore for about 10 years now. Very reliable.

When I enter/exit Australia the face recognition works about one in three for me. Not so reliable.

Comments are now closed

Bill shock measures extended to all telcos

READ THIS ARTICLE
MORE IN Careers
DO NOT SHOW THIS BOX AGAIN [ x ]