Money 20/20 all about authentication: Here's how to focus
NEW YORK, N.Y. – When you attend a conference as large as Money20/20, it is easy to get overwhelmed by the number of companies offering a solution to the issue of the day.
In 2015 the popular topic was authentication. How do you make it safer? How do you make it more convenient?[caption id="attachment_25225" align="alignleft" width="300"]Behavioral biometrics can be more effective than physical, he added. Sensors can capture your unique walking style, or how you type – the travel time between keystrokes and how much force you press with are factors which in combination can contribute to a unique profile.
One solution was originally developed to coach skiers. A coach wanted to capture different skiing techniques and compare them with top performers as he sought to improve performance, Mr. Jorgensen said.
Cameras and recorders already present in phones can be employed to capture the owner’s face and voice, though Mr. Jorgensen acknowledged that raises profiling issues threatening widespread acceptance.
Encap works to enable the biometric solutions the market requests, Mr. Jorgensen explained, and those requests vary based on factors such as geography. Voice biometrics are favored in emerging markets because they are inexpensive and accommodate all literacy levels.
One challenge is to develop as detailed of a solution as possible at the beginning, because updates are prime opportunities for security breaches, Mr. Jorgensen said.
“From a security perspective you don’t want to do that too often.”
Mr. Jorgensen said there is a clear disconnect in how financial institutions in the United States employ mobile technology, and that is partially due to not understanding the limits of biometrics.
“People are fooled into thinking because it is biometrics that it is very secure, that because it is linked to them as a person but it is just one factor.”
“There needs to be multiple authentication processes,” Mr. Jorgensen said. “One piece linked to biometrics is theoretically no better than a password.”
Mr. Jorgensen explained the entire solution must be predicated on the device always being linked to your identity as the primary identification factor. Then you can layer in biometrics, contextual and behavioral information.
And while it is theoretically possible to hack into devices with strong security features, the harder you make it the more effective the solution is, Mr. Jorgensen said.
“Fraud is like any other line of business. Fraudsters will go where they get bang for their buck.”