Authors and Contributors: Sankar Krishnan, Executive Vice President, FSSBU; Alok Gupta, Principal, Capgemini Consulting; and Claire Wu, Associate Consultant
In the age of the ubiquitous selfie, it was only a matter of time before the financial services industry began adopting the human body as a safe and unique password. “Biometrics” refers to the collection and use of biological data and behavioral characteristics. As more global financial activity becomes digitally-based, many banks are considering biometric identification controls to combat fraud, make transactions more secure, and to enhance the customer experience.
Account hacking/fraud, coupled with the fact that the average consumer has 17 passwords to remember (and forget) have laid the groundwork for the biometric revolution. Historically, password authentication has not scaled well; and the more digital services a consumer uses (even beyond banking), the more passwords they must remember.
Biometric solutions also help to enhance security and customer convenience. As part of banks’ digital journey — and quest to give better access and control to customers — biometric solutions can save users time and make their lives easier.
A Growing Trend
Easy-to-forget passwords and PIN codes are being replaced by new and improved authentication across multiple areas:
Figure 1: Types of Biometrics
And since Apple introduced its incredibly usable biometric identification in 2013 with iPhone’s home button fingerprint sensor, the appetite for biometrics has expanded rapidly:
Figure 2: Biometrics in Financial Services by 2020
Impact for Financial Services
The adoption of biometrics authentication will most likely impact the financial services companies in three major business areas: customer experience enhancement, loss preventions, and cost reductions through enhanced customer loyalty and Customer Lifetime-Value (CLV), as well as operational effectiveness and efficiencies.
Customer Experience Enhancement
Ease of sign-in and identification, convenient payments and transactions, enhanced security, and better fraud protections due to biometrics are expected to provide augmented customer experience and ideas for new products and services. Call center voice authentication can improve customer experience significantly. This is particularly critical for engaging millennials, who will be 84 million strong, and 75% of US workforce by 2025. Capgemini’s research has shown that banks are not engaging millennials as well as their demographic cohort. Globally, millennials are expressing increasing interests in biometricsFor example – the Visa New Zealand Millennial Survey found that 62% of millennials are interested in using biometrics for payments for security, convenience, and more importantly for the “cool factor” consideration.
Simultaneously, FinTech firms are exerting greater influence over customers, as nearly two-thirds of customers across the globe are using products or services from Fintech firms, according to Capgemini research. Clearly, there are areas of opportunities, as the capability to seize the biometric opportunities to enhance digital offerings is one of the keys in winning the unconventional but inevitable battle on attracting banking customers and sustaining customer loyalty.
Figure 3: Biometrics Sign-in and Identification Use Cases in Financial Services
Figure 4: Biometrics Payments Use Cases in Financial Services
Figure 5: Biometrics Uses for Customer Experience Enhancement
Loss Prevention and Cost Reduction
Meanwhile, using biometric authentication measures can provide benefits in preventing revenue loss. Enhanced and more secure authentications bring better information protection, and hence superior cybersecurity measure and fraud detection. Biometrics authentication has taken some great leap forward from purely identification purposes with examples such as multi-factor, risk-based authentication, incorporating more comprehensive and advanced algorithms for enhanced security and user risk assessment. For instance, Royal Bank of Scotland partnered with BioCatch to implement behavioral analysis on customers by creating “unique user profiles” by capturing “500+ points of behaviors such as hand-eye coordination, pressure, hand tremors, navigation, scrolling, and other finger movements”. Such defense is able to recognize BOTs, RATs, malware, and other malicious account takeover attacks, while detecting anomalies in behavior throughout the entire log-in session via continuous authentication.
Another example is Citibank’s partnership with NICE on voice authentication for customer calls, aiming at both enhancing call center customer experience and reducing call center costs with shortened average handle time (AVT) by 40 seconds with reduced time to verify caller identities. It will also further improve security to address losses related to call center fraud from social engineering, which have risen 14% since 2013 to 65 cents per fraudulent call in 2015. Benefits will also be realized with not only preventing financial loss related to data breach, e.g. data recovery costs, reputational losses, potential losses when customers switch to other cards as current cards being compromised, etc., but also reducing costs of call center operations handling password recovery, fraud complaints, and resolution processes, as well as costs of replacing new cards e.g. manufacturing, shipping, etc. For instance, for a 1-million-customer financial organization, the total potential annual call center cost for password reset could potentially range from approximately $3 million to $8 million, not to mention the millions of potential financial loss due to the loss of customer trust and relationships as a result.
A Shift in Customer Journey
From the perspectives of customers, biometric products and services will bring various enhancements in the customer journey. Users only need to tap fingers on cellphone home buttons instead of typing in complex passwords to sign in into apps; with “selfie pay”, other than inputting credit card numbers and security codes, one can simply use the front camera on his or her smartphone to take a selfie to authenticate a transaction; also with biometric card, registered users will only need to verify their fingerprints at retailer’s terminals to pay, in replacing of the much less secure signatures; and lastly, with behavioral biometric technologies for fraud detection, customers do not even need to notice that various touchpoints during their log-in processes are being learned for authentications in the future to enjoy the benefit of enhanced security.
In a nutshell, these positive improvements in customer journey enabled by the biometrics will for sure contribute to improving the overall customer experience, which can ultimately translate into enhanced loyalty, customer value, and revenues.
Implications for Strategies
Biometrics is undoubtedly an invincible trend in the financial services industry, and expected to impact multiple business areas; therefore, financial services organizations also need to start early to create appropriate and effective strategies.
First, leaders and managements need to recognize and incorporate biometrics as part of organizations’ digital transformation process and urge organizational and culture adaptations, followed by the needs to prioritize business goals when identifying types of biometrics desired and suitable for the objectives. The next step is to conduct thorough analysis on current and required resources to identify potential gaps in infrastructure, talents, experience, capabilities, etc., before considering possible solutions and partnering vendors. Then, same as implementing other technological tools, it is important to launch test drives to collect data on user experience, costs, security, etc. before expanding to larger groups after improving compatibility and customization of the biometric tools. And finally, metrics for performance and success measurements should be created, e.g. cost assumptions, target-settings, reviews, iterative improvements, risk management, and most importantly, ROI assessments, which will serve as frameworks to potential future expansions to include multiple devices and more functionalities.
In terms of adopting the right types of biometrics, it makes sense to start with the most widely-applied technologies in some of the easy business cases, e.g. fingerprints/facial/eyeprints for mobile app sign-ins, launching Apple Pay compatibility, etc. Firms can also experiment with hardware such as fingerprint-authentication ATMs and payment terminals, as these areas are some of the most developed and mature, with many vendors available to select from. When it comes to fraud detection, it is hence worthwhile to consider adopting the multi-factor, risk-based approach, and partner with some vendors for behavioral biometrics to achieve the goal of enhanced security. After all, thorough readiness and gap analysis of current business structures and needs will help determine the best options.
Meanwhile, although biometrics can serve as a major opportunity to expand banks’ revenues, risks and challenges still exist in the mounting privacy and security concerns on biometrics adoptions, e.g. securities of data collection, storage, and utilities by corporations. Therefore, it is paramount to devise comprehensive governance policies, standards, and procedures as overarching compasses in the adoption process to address such concerns.
In addition, the use of biometrics, especially mobile biometric authentications provided by tech providers such as touch IDs, poses threats on diminishing financial institutions’ functionality of consumer ID preservation through KYC (Know Your Customer) verification. If such is the case, it will for sure have an impact on the choices of financial organizations on the types and vendors of biometrics to be used, increasing adoptions of tools that will preserve valuable customer data points within financial companies’ current database.
In short, technological development and biometrics are bound to have profound impacts and bring various implications for financial institutions. It is hence best to stay on top, prepare, and adapt to future changes to remain a sustainable, critical, and impactful industry player.
 Statistics from Mobile & Wearable Biometric Authentication Market Analysis & Forecasts 2017-2022, conducted by Goode Intelligence, an UK-based, independent business research and analysis company.
 Statistics from Millennial Disruption Index.
 World Retail Banking Report 2016 published by Capgemini.
 Statistics from Visa Millennial Survey.
 Statistics from Millennial Disruption Index, Bain, and Ernst & Young.
 Statistics from 2016 Call Center Fraud Report published by Pindrop, a phone-printing technology provider.
 Estimation based on model developed by Nok Nok Labs, an authentication company.