Identity theft is costing South Africa as much as R1-billion per year and has increased by more than 200% in the past six years. It is clear that consumers need an easy to manage security solution, but is biometrics the way forward?
Growing cyber risk has ushered in the need for watertight methods of protecting personal data. According to the South African Fraud Prevention Service, identity theft is costing the country at least R1 billion per year and has increased by more than 200% in the last six years.
Demanding and tech-savvy users continue to exert extreme pressure on companies to solve the convenience versus security conundrum. This is where a seamless customer experience and data security intersects.
In today’s mobile world it is increasingly important to have secure, on-the-go authentication. As a result, many experts feel that biometrics offers the best hope.
A new research report by analyst group BIS, forecasts the global biometric market to grow from $10.08 billion in 2014 to $25.31 billion in 2020.
This steep growth projection is helping to fuel innovation that is evident in how biometrics modalities continue to spread across the human body. It started with fingerprints in the late 1960s and progressed to facial recognition. Today the list includes vein, palm, iris, voice, gait, DNA, handwritten signatures and tattoos.
The new wave of biometrics technology is gesture related and personalised through a combination of wearable technology and geo-location as well as sci-fi inspired implants and ingestible tokens. Facial emotion recognition technology is patent-pending and is pipelined for consumer use. Though these have appeared in films for many years, they are largely unproven in the real world.
A bad rap
Despite its association to the tourism industry’s recent reduction in visitor numbers, biometrics in South Africa is enjoying real-world resurgence.
Speaking at the Biometrics in Financial Services conference, Nick Perkins, divisional director for identity management at Bytes Systems Integration believes the reason is that we have arrived at a time where we need a new solution. “The existing card and pin authentication model has not been replaced because it is simple. The problem is that it’s no longer secure and is being exploited,” says Perkins.
Essentially biometrics is the measurement of a human being through their physical characteristics. Physical biometrics is turned into electronic biometrics when an algorithm converts an image of a biometric subject into a mathematical string that can be best described as coordinates and descriptions of unique identifiable features.
These algorithms then compare a “fresh capture” to the “reference template” which is warehoused in a database. The storage of templates instead of images helps to secure biometric data.
The many biometrics modalities on offer may hold the key to its wider adoption. South African biometrics experts agree that today it is not good enough for banks and other companies to rely on one form of authentication.
PayU COO, Johan Dekker, believes a solution lies in multi-factor authentication.
“The dual-factor authentication model strives to have two of three verifications in place at all times. A pin code is what you know, a smartcard is what you have and a biometric characteristic is what you are. A one size fits all approach would not provide enough adaptability, security and redundancy in the event of an access breach,” says Dekker.
Much work to be done still
Authentication is not the only aspect of biometrics that requires smoothing out. Biometric data can be stolen, lost or otherwise compromised while being stored. Unauthorized access to biometric storage devices through corporate sabotage by disgruntled employees is a growing threat to privacy. So too, is the misuse of a biometric, given that the biometric itself cannot be changed. Once compromised it will continue to be an issue for the life of the donor, as opposed to a password which can be easily changed.
Independent identity verification expert, Dawid Jacobs, highlights a key focus area and potential driver of biometrics today.
Says Jacobs, “The emphasis is on customer experience and how quickly they can be helped. This creates allowance for potential problems which escalate over time, specially with acceptable losses. In my view there is no such thing as acceptable losses due to identity theft. The individual needs to be put back in control of their Identity.”
The rush to ensure users are happy and safe is keeping leading tech companies busy.
MasterCard is currently piloting its new biometrics app, MasterCard Identity Check, which is set for a widespread launch in 2016. The app combines facial or fingerprint recognition as well as the recent human obsession, selfies. It remains to be seen whether Mastercard have solved the problems associated with lighting and background. All fingerprint scans remain on your device and facial scans are linked to the cloud so that templates will transmit and remain safe on MasterCard’s servers.
Apple has applied to use a facial recognition system for photo distribution. This calls into question the company’s pro-privacy stance should it decide to use cloud-based processing or storage of private user info. Apple was also recently granted a US patent that covers a new technology that enables users to unlock future iPhones by…wait for it…taking a selfie.
Closer to home, Standard Bank has debuted its biometric banking app. Capitec has fingerprint details of all 6.2 million of its customers and has linked its biometric database to the Department of Home Affairs’ database, enabling it to verify customer identity. The rollout of Biometric ATMs by FNB is imminent.
Dawid Jacobs is building an independent database of certified living and deceased fingerprint identities. He aims to provide SA companies with full audit trails and to be fully compliant with POPI, ISO and all relevant legislation.
Jacobs says, “The more companies know about their customers and the more they collaborate the less pressure is on state law enforcement agencies who do not have the tech or the capacity.” This will complement the FICA endorsed Know Your Customer initiative which also endeavours to prevent identity theft and money laundering.
Mustapha Zaouini, PayU’s MEA CEO sums up the reality for all users. “The issue of protecting individual data will only grow in importance. In order to reap the convenience benefits users must prepare themselves for more disciplined and multiple information security practices in this brave new world.”
How we use phones to avoid human contact
A recent study by Kaspersky Lab has found that 75% of people pick up their connected device to avoid conversing with another human being.
Connected devices are becoming essential to keeping people in contact with each other, but for many they are also a much-needed comfort blanket in a variety of social situations when they do not want to interact with others. A recent survey from Kaspersky Lab has confirmed this trend in behaviour after three-quarters of people (75%) admitted they use a device to pretend to be busy when they don’t want to talk to someone else, showing the importance of keeping connected devices protected under all circumstances.
Imagine you’ve arrived at a bar and you’re waiting for your date. The bar is busy, and people are chatting all around you. What do you do now? Strike up a conversation with someone you don’t know? Grab your phone from your pocket or handbag until your date arrives to keep yourself busy? Why talk to humans or even make eye-contact with someone else when you can stare at your connected device instead?
The truth is, our use of devices is making it much easier to avoid small talk or even be polite to those around us, and new Kaspersky Lab research has found that 72% of people use one when they do not know what to do in a social situation. They are also the ‘go-to’ distraction for people even when they aren’t trying to look busy or avoid someone’s eye. 46% of people admit to using a device just to kill time every day and 44% use it as a daily distraction.
In addition to just being a distraction, devices are also a lifeline to those who would rather not talk directly to another person in day-to-day situations, to complete essential tasks. In fact, nearly a third (31%) of people would prefer to carry out tasks such as ordering a taxi or finding directions to where they need to go via a website and an app, because they find it an easier experience than speaking with another person.
Whether they are helping us avoid direct contact or filling a void in our daily lives, our constant reliance on devices has become a cause for panic when they become unusable. A third (34%) of people worry that they will not be able to entertain themselves if they cannot access a connected device. 12% are even concerned that they won’t be able to pretend to be busy if their device is out of action.
Dmitry Aleshin, VP for Product Marketing, Kaspersky Lab said, “The reliance on connected devices is impacting us in more ways than we could have ever expected. There is no doubt that being connected gives us the freedom to make modern life easier, but devices are also vital to help people get through different and difficult social situations. No matter what your ‘connection crutch’ is, it is essential to make sure your device is online and available when you need it most.”
To ensure your device lifeline is always there and in top health – no matter what the reason or situation – Kaspersky Security Cloud keeps your connection safe and secure:
· I want to use my device while waiting for a friend – is it secure to access the bar’s Wi-Fi?
With Kaspersky Security Cloud, devices are protected against network threats, even if the user needs to use insecure public Wi-Fi hotspots. This is done through transferring data via an encrypted channel to ensure personal data safety, so users’ devices are protected on any connection.
· Oh no! I’m bored but my phone’s battery is getting low – what am I going to do?
Users can track their battery level thanks to a countdown of how many minutes are left until their device shuts down in the Kaspersky Security Cloud interface. There is also a wide-range of portable power supplies available to keep device batteries charged while on-the-go.
· I’ve lost my phone! How will I keep myself entertained now?
Should the unthinkable happen and you lose or have your phone stolen, Kaspersky Security Cloud can track and protect your device from data breaches, for complete peace of mind. Remote lock and locate features ensure your device remains secure until you are reunited.
Five key biometric facts
Due to their uniqueness, fingerprints are being used more and more to quickly identify and ensure the security of customers. CLAUDE LANGLEY, Regional Sales Manager, for Africa at HID Global Biometrics, outlines five facts about the technology.
How many times in a day are you expected to identify yourself? From when you arrive at work you are required to sign in, visiting your bank, receiving healthcare services… The list is endless. When a system knows who you are, you are able to do any number common, everyday activities. Your identity is unique and precious. It is also easily stolen and the target of many hackers across the globe. Technology is constantly evolving alongside the criminal element, always looking for ways to protect data and identity. One such solution happens to be biometrics and it is rapidly gaining traction in our increasingly complex modern world.
Reliable, secure and fundamentally YOU, unique biometric traits such as fingerprints are being used by banks, enterprises and consumers to verify identity. Biometric solutions offer significant identity protection because they use unique biological details to ensure an account is only accessed by the account holder, a door only opened by the owner. Here are five things that are little known about this technology…
- The uncut identity. Your fingerprint is unique to you. Nobody can use a copy of it to impersonate you. Good technology is capable of scanning down into the layers of the fingertip to differentiate unique elements of a person’s fingerprint, this data is then encrypted and used as a key to unlocking whichever physical or virtual door that the biometric system protects.
- The living proof. No, there is nothing to the stories of fingerprints being used without their owner’s knowledge or permission. Biometric solutions can use specific variables to determine if the finger used to access the system is that of a present, living person. A copy or a fake cannot be used to access a cutting-edge biometric solution.
- Easy and convenient. Queues and documents and paperwork may well be a thing of the past should biometrics take a firmer grip of government and banking systems. The process of registering is easy, and access to identity documents and records is yours alone.
- Security blanket. A thousand passwords and a hundred post-it notes stuck on walls and drawers. An excel file with a list of sites and applications and their corresponding passwords, all a thing of the past. Nobody needs to remember their password with biometrics, they only need to show up.
- Anywhere is cool. Schools, airports, networks, offices, homes, toilets, banks, libraries, governments, border controls, immigration services, call centres, hospitals and even clubs and pubs – knowing “who” matters and biometrics can quickly and conveniently confirm your identity where needed.