Security
October 07, 2024
4 min to read
- Copy link
- Share on X
Behavioural Biometrics: The Future of Financial Security
Before we dive into behavioural biometrics in fintech and what they mean for payments, it’s important to first define what these are. We often hear ‘biometrics’ and assume this means fingerprint or facial recognition. This is partly true, but not what we mean by behavioural biometrics…
Behavioural biometrics vs physical biometrics
Behavioural biometrics are more exciting and elaborate than physical biometrics (which are things like fingerprint and facial recognition, iris-readers and voice activation technologies). Behavioural biometrics are essentially how we use technology, an intricate reconstruction of the way we use devices and access data.
This can include analysis of how we type and use a keyboard, the way we hold our phone screen (landscape or portrait), the interactions we make with swipe and touch on a screen, how long we dwell on a specific site or even a particular part on a single web page at a time. We may not realise it, but if all of this data were to be mapped out then this would influence an individual’s behavioural biometrics.
Right now, think about how you’re reading this blog. Are you scrolling with your thumb on a phone screen? Is it one of several tabs open on your browser, and you’re quickly scrolling down? And are you a fast reader, who will only take minutes to complete this blog before closing it and moving on? Small elements like that all piece together to an individual’s digital representation.
Using behavioural biometrics in payments
We know how important identify verification is to online safety and keeping our money secure. Many banks and payment firms will be in touch if you, or someone with your card, suddenly attempts to make a large transaction that’s out of character. Behavioural biometrics is an evolution from this rather simplistic step, into something much more advanced.
Behavioural biometrics are nearly impossible to replicate. Someone may have your card and details, but can they truly mimic the way you act with your digital devices? Could a criminal perfectly mimic the speed at which you type or use a touchscreen? Hardly. And the technology is improving all the time. The National Institute of Standards and Technology found that between 2014 and 2018 biometric accuracy increased by 96% to 99.8%. Imagine what it’s like now.
These behavioural biometrics are then backed up with device-based indicators such as IP addresses and geolocations. Risk assessment rules can be applied to each transaction, ensuring an appropriate authentication level is always proposed.
Behavioural biometrics represent a new level of intuitiveness from technology. While many are talking about AI – and there is certainly scope for machine learning with behavioural biometrics – systems’ greater understanding and recognition of users can deeply enhance operations.
The advantages of behavioural biometrics are:
- Faster transactions. In the same way contactless has made transactions quicker, behavioural biometrics removes the authentication steps and can mean smoother processes and much shorter queues.
- Compatible with existing infrastructure. Incorporating behavioural biometric processes doesn’t require any additional investment.
- Greater security than passwords. As we’ve touched upon, a criminal may be able to figure out your PIN or password, but they can never replicate your mannerisms and how you use technology for an extended period.
- Tougher fraud defence. In the same way behavioural biometrics make it harder for criminals to get into your accounts with your password, this can also stop them pretending to be you when attempting to make a transaction. This can also make it easier for people to prove who they are – rather than remembering numerous security questions potentially set months ago!
What next for behavioural biometrics?
This poses exciting applications for the future of financial security with behavioural biometrics. Often used with physical biometrics, it is now possible for payment firms to know if the person entering a password is indeed that user. HSBC is an example of a major player that is engaging with this technology. The firm has partnered with Callsign, a behavioural biometrics specialist to identify users based on their inherent characteristics. More will surely follow, and it will be fascinating to see this trend unfold.
To get more insights from the Cardaq team as they’re published, sign up to a newsletter below:
Don’t miss out on fintech insights, company milestones, and expert tips