With static passwords losing more and more effectiveness as an authentication method, biometric identification is regaining momentum after years on the sidelines. A recent major example of this resurgence is Apple Inc.’s introduction this month of its new iPhone 5S, which features a fingerprint sensor to unlock the device.
The popularity of smart phones, indeed, is making biometric technologies like voice and facial recognition more practical. A vendor in the latter camp is Palo Alto, Calif.-based Jumio Inc., which this week introduced a feature for its NetVerify authentication product that compares a photo on an ID card with the user’s actual face as both are presented to a phone or PC camera. The feature, called Face Match, checks data points from both images to render a confidence score, which banks or merchants can use to either authorize or decline a transaction.
Marc Barach, chief marketing officer at Jumio, says Face Match is just now emerging from its beta phase and is in various stages of implementation with “a couple dozen” clients. There is no charge to activate Face Match beyond the subscription fee for NetVerify, says Barach. He declines to discuss pricing for this service.
With Face Match, NetVerify's technology can not only document the genuineness of an ID card, but check that the person holding it is the same as the person pictured on it, says Barach. “Up to this point, we’ve been extracting information from ID cards, for example passports or driver’s licenses, and we wanted to strengthen [verification] by adding [an additional authentication] factor, a biometric,” he says. With this new feature, “we can make sure it’s not only a valid ID, but not stolen,” he adds.
Clients can determine whether they want to apply Face Match to all transactions or only to those deemed high-risk. While there may be times when a user won’t have ID with him, Barach says, “We’re not seeing a significant number of cases where the customer doesn’t have a photo ID present.”
Still, initial clients for the new service are likely to be banks rather than merchants, says Julie Conroy, a senior analyst at Boston-based researcher Aite Group LLC who follows security technology. “Merchants are still very wary of imposing any form of friction in the user experience, and the [Face Match] use case is pretty intrusive,” she tells Digital Transactions News via email. “I do see potential for facial recognition technology, but I think we’ll first see it in online banking, where the stakes are higher, and the consumer has more of an incentive to participate in the fraud-fighting effort.”
For merchants, Conroy argues fingers rather than faces will likely win out. “I think we’re getting closer and closer to a time when biometrics as an authenticator will be more mainstream thanks to the many opportunities offered by mobile devices,” she says. “In the merchant environment, the mitigation techniques need to be much more transparent to the end user—if there is a biometric that represents low-hanging fruit in this environment, I think it will be the finerprint.”