No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Evolution of Dynamic Biometrics: Disrupting the Fraud Prevention Landscape

A Next-Gen Solution for Rising Identity Theft and Fraud

by Sujata Dasgupta
September 17, 2020
in Featured, Financial Services, Fraud
illustration of face in profile measured by biometric scan

In the last six months, practically everything has gone digital, creating a mountain of new digital data for fraudsters to mine. Sujata Dasgupta discusses the rise in dynamic-biometrics-based identity verification, the next step in fraud prevention for the financial services industry.

The world today is powered by digital technologies, from financial services to health, entertainment, education, travel and e-commerce – every service is available online! With the growth of online activity, there has been a proliferation of digital profiles created by consumers of varied services. Increased online activity creates an increasing amount of digital data about customers: their credentials, devices, locations, activity behaviors, payment methods and so on.

As more data circulates in the cyber world, the risk of this data falling into the hands of fraudsters rises, with the data possibly being sold on the dark web to a larger network for various kinds of fraud. Identity theft enables fraudsters to commit a wide variety of fraud across the entire customer life cycle. Examples include:

  • New account onboarding fraud, where fraudsters use stolen identity documents and data to open new accounts in a bank, with malicious intent.
  • Account takeover, where fraudsters use stolen ID and credentials of legitimate bank customers to take control of their online banking facilities and wipe away their funds and credits.
  • Payment fraud, where fraudsters use stolen ID and cards data of legitimate bank customers to make purchases for themselves online, thereby making the bank customer liable to fund such purchases.
  • Synthetic ID fraud, where fraudsters use the stolen identities of legitimate customers and augment them with fake information to create synthetic customer profiles. Bank accounts are then opened using the synthetic profiles and credit is obtained and never repaid. No real person gets caught for such fraud, as nobody with the profile exists in real life.
  • Loan fraud, where fraudsters use stolen identities of legitimate customers with high creditworthiness to obtain loans from banks (e.g., auto loan, home mortgage or business loan) with the intention to never repay and make the legitimate customer liable.

Emergence of Biometrics in Fraud Prevention

In the traditional model of financial and other services, there was always a face-to-face interaction between customers and service providers. Authentication of legitimate customers was done by verifying signatures and photographs. With the emergence of online services, the absence of physical interaction necessitated customer authentication using credentials that could identify the online user as the legitimate customer. Such authentication used a combination of the two factors: what we know (user ID, password, secret question) and what we have (dynamic PIN token/card, phone for OTP).

However, with the growth of online payments and other services, cybercrime also started growing. Using methods ranging from phishing attacks and malware injection on individual customer devices to hacking data centers for a much higher volume of personally identifiable information, cybercriminals have gained access to data on both authentication factors. Our online credentials no longer safe – possibly they are all available on the dark web already, making our bank accounts highly vulnerable to fraud!

Thus, the first generation of biometric authentication was born, and online identity verification moved from two-factor to multifactor authentication, the new factor being who we are (static biometrics like face scan, fingerprint, voice and iris scan). Facial image recognition and fingerprint scans were steadily accepted as the biometrics of choice and were quickly adopted by various financial service providers for digital identity verification.

From Static to Dynamic: Next-Generation Biometrics for Advanced Authentication

While financial institutions have been adopting advanced technology for fraud prevention, the same advanced technology is being exploited by fraudsters to fool the systems by using various techniques to spoof, mask and tamper with authentication requirements.

Static biometrics also could not provide secure authentication for long, as fraudsters designed high-resolution images and masks of legitimate customers to get through facial recognition. Fingerprints were also stolen and reconstructed on imitation devices shaped like fingers, thus committing fraud despite multifactor authentication checks being in place. The ease with which such biometrics were spoofed called for more complex biometrics to be designed for a stronger authentication mechanism!

The second generation of biometrics was conceived to address this challenge – dynamic biometrics involving real-time movement of face (for facial recognition) and fingers (for behavioral biometrics). This includes several layers of verification in a complex authentication process without adding friction to the customer experience. Digital identity verification reached a new level with higher security, as the early adopters have been witnessing reduced identity-theft-related fraud after implementing dynamic-biometrics-based authentication.

Dynamic Biometrics: The AI Edge

Dynamic-biometrics-based identity verification aims to ensure that the legitimate customer whose biometrics are being used is present and authenticating for himself, as face and finger movements cannot be spoofed using photos, masks and artificial fingers. Face recognition works through selfie videos, with customers turning their head in a certain direction, or facial expressions, like eye blinking as instructed on the screen, speaking the digits displayed on screen and so on. Finger-movement-based behavioral biometrics consider the specific finger used, pressure applied on screen, area of finger touching the screen, keystroke dynamics, typing speed and so on.

Artificial intelligence (AI) has been the technology backbone of dynamic-biometrics-based authentication. Facial recognition uses the creation of 3D face maps, leveraging convolutional deep neural networks. Liveness detection is used to determine movements, ensuring presence of the customer live. Voice recognition and voice-to-text analysis verifies the spoken words as per screen-based instructions. Finger-movement-specific attributes are detected using sensor and behavioral biometrics.

With technology making rapid strides, there is a lot of research and development ongoing in this space. Dynamic biometrics is being recognized as indispensable for digital identity verification, and a combination of facial recognition with behavioral biometrics could be the next-gen fraud prevention mechanism against identity theft.

Adoption of Dynamic Biometrics for Fraud Prevention: The Way Forward

The banking and financial services sector has been undergoing a huge shift in the operating model, which gained momentum with the rise of challenger banks, also called digital banks, as they do not have any physical infrastructure and operate on digital channels only. This prompted the legacy banks to also compete by turning to digital, as the current generation of customers seem to prefer this channel over visits to the brick-and-mortar one! And more recently, COVID-19 triggered an acceleration of this digitization process, as lockdowns and social distancing discouraged physical interactions.

The consequence of increased online activity was an increase in identity fraud, as trends from the last five years suggest. This made it imperative for financial institutions to turn to dynamic-biometrics-based enhanced authentication solutions. Adoption of such solutions has been on the rise in the following areas:

  • New account onboarding, to ensure that only prospects with legitimate identification are onboarded, filtering out the fraudulent ones. Even with stolen ID documents, fraudsters are most likely to fail the dynamic biometric checks!
  • Online banking, to enable only the rightful customer to access his account and conduct transactions, both financial and nonfinancial, through online channels. Selfie-video-based or behavioral-biometrics-based login is a step toward password-less account logins.
  • Payments. Whether digital or at point-of-sales, dynamic-biometrics-based approval of card payments, replacing the PIN/OTP method, is also gaining acceptance.

Dynamic-biometrics-based authentication may slowly make password-less online identity verification a reality across all services. As matching accuracy of such solutions increase and identity-theft-based fraud plummets, adoption will see a sharp rise. It may not be too long to witness such success stories – the journey has already begun!


Tags: Banking
Previous Post

IsoMetrix Releases New Solution To Manage ESG Risks

Next Post

Navigating Business Uncertainty in a New Hong Kong

Sujata Dasgupta

Sujata Dasgupta

Sujata Dasgupta is the Global Head of the Financial Crimes Compliance Advisory Services at Tata Consultancy Services Ltd. and is based out of Stockholm, Sweden. She is an experienced industry consultant in banking risk and compliance (R&C), with a demonstrated history of working in banking, IT services and consulting, having worked for global banking clients in all major financial hubs, viz. New York, London, Singapore, Hong Kong, Frankfurt and now Stockholm. She also authors articles on risk and compliance in international banking R&C journals. Sujata can be reached on LinkedIn at www.linkedin.com/in/sujata-dasgupta-69473a20/.

Related Posts

North American – 14th Third Party Risk Management And Oversight For Financial Institutions

North American – 14th Third Party Risk Management And Oversight For Financial Institutions

by Aarti Maharaj
November 28, 2022

This marcus evans conference will showcase best practices to strengthen third party risk management frameworks, through procurement of new vendors,...

Credit Risk Discipline Tools – Implementing 14 Tools for Credit Risk Management

Credit Risk Discipline Tools – Implementing 14 Tools for Credit Risk Management

by Aarti Maharaj
November 3, 2022

This webinar will help you to build, implement, and maintain strong credit culture. This course offers 14 tools to test...

amazon web services

Dark Clouds: Capital One Proves Financial Institutions Can’t Rely on Providers for Security

by Michael Volkov
September 7, 2022

Going by the online handle “erratic,” a former Amazon software engineer conducted an extensive hacking scheme that gave her access...

boats stuck at low tide

Lifting All Boats in the Investment Banking Ecosystem Means Scaling the Trust Layer

by Federico Baradello
August 17, 2022

The U.S. government places extensive regulations on investment banking and related activities, including the use of technology. And while this...

Next Post
hong kong and china flags against blue sky

Navigating Business Uncertainty in a New Hong Kong

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT