How Biometrics in branches is saving banks millions
The long-standing partnership between top South African retail banks and the Department of Home Affairs is helping to reduce fraud through the use of biometrics.
In terms of the partnership, which was officially signed by the South African Banking Risk Information Centre (SABRIC) on behalf of the banking industry and the Department on 16 March 2010, banks are enabled to access the Home Affairs National Identification System (HANIS) to confirm the identity of clients or prospective clients through biometric fingerprint matching – HANIS traditionally uses fingerprints to provide secure identification for all South Africans for a host of government citizen services.
More recently, the Minister of Home Affairs, Malusi Gigaba, announced that seven banks are currently using the HANIS verification service to prevent fraud.
He estimated that the collaboration agreement potentially prevents the loss of some R322 million a month, or over R3 billion per year.
Transaction volumes are rising, and now total 2.5 million a month.
In September 2015, Visa Inc. introduced a new specification to use biometrics with chip card transactions.
The specification can enable fingerprint, palm, voice, iris, or facial biometrics.
This first-of-its-kind technology framework is designed to work with the EMV® (Europay, MasterCard, Visa) chip industry standard to help ensure open, globally interoperable solutions.
This is a clear sign that the biometric direction the local banks are taking is becoming a preferred customer verification methodology.
Biometric verification is intended to prevent fraud as well as make it easier to pay securely – it’s simpler for a customer to place one fingerprint than to input a 5 digit PIN and press proceed – 1 touch versus 6 speeds up processing times and takes away the headache of remembering your PIN, or having someone who knows your PIN be able to use your bank card.
The architecture Visa has designed enables fingerprints to be securely accepted by a biometric reader, encrypted, and then validated.
The specification supports “match-on-card” authentication where the biometric is validated by the EMV chip card and never exposed or stored in any central databases.
Issuers can optionally validate the biometric data within their secure systems for transactions occurring in their own environments, such as their own ATMs.
Currently, around 40 000 fingerprint sensors are in use within the South African banking industry, and not only in the branch environments.
Most banks have started investigating the use of biometrics in their ATM, Retail Point of Sale and internet banking to secure transactions with their customers, following the emerging need over the past years to secure the identity of their customers at transaction points.
The VISA card announcement has certainly added more support to the industry needs.
“While the figures are difficult to quantify, it’s clear that this is a great case study for the use of biometrics to combat crime and save the economy considerable amounts of money,” says Nick Perkins, Divisional Director: Identity Management at Bytes.
“However, none of these benefits would be achievable without the right biometric technology.
To work in the real world, a solution like this must be able to deliver instant response, and that’s why Lumidigm fingerprint sensors from HID Global are the preferred technology of most of the local banks.”
Perkins explains that Lumidigm multispectral imaging technology leads the industry because it can capture fingerprint patterns under the skin.
This means that, unlike conventional optical fingerprint readers, Lumidigm sensors can read worn or damaged fingerprints, and can cope with wet or dirty hands.
This capability delivers virtually error-free authentication with a single touch of a finger, in a continent where manual labour is common which generally leads to worn or damaged fingerprints.
“Banks cannot sacrifice customer experience to meet their need to improve security, so it’s very important that the authentication process is quick and accurate, and must be inclusive of all their customers,” he says.
The additional ability of the Lumidigm fingerprint reader to detect liveness and fake finger (spoof) attempts, as well as a secure endpoint technology for un-manned biometric interactions, such as ATM and Point of Sale environments, means the banks are assured that if their staff are not present to ensure biometrics are captured correctly, that the biometric solution will do all the checks and balances for them, and keep their customers money safe.
“With an even larger impact, the rollout of the new South African smartcard ID Cards, which are loaded with the citizen biometrices, means that there is a real need for a solution that can authenticate a person against the biometric details stored on the ID card’s chip, quickly and accurately,” says Perkins.
Bytes, with HID Biometrics, has recently launched a combination fingerprint and contactless card reader leveraging the Lumidigm technology.
The Lumidigm V371 offers among the best multifactor authentication in one neat device, says Nick Perkins, divisional director: Identity Management at Bytes.
Perkins also points out that the device can be used with any contactless smartcard to perform multi-factor identification.
It therefore has many other uses in high-security applications, where smartcards containing biometric information are issued, such as to secure customer verification against bank cards, or bank transactions themselves, and we are seeing the banks moving this way now.
Concludes Perkins, “Validating the true identity of an individual is key for our banking, retail, telco, healthcare and government clients to provide valuable services to their customers while at the same time reducing fraud—but the technology should be fit for purpose.”
Lumidigm is a registered trademark of HID Global.
This article was published in partnership with Altron Bytes.