The future of identity in banking - deepsense.ai
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
The future of identity in banking
Table of contents Introduction 3 Balancing the identity management 4 equation What is Unique Identity….and why is it 6 so valuable? The time is right 9 Reaping business benefits from 10 Unique Identity Unique Identity in practice 12 Why Accenture? 14 2 | The future of identity in banking
Quick question. Which organizations
are the biggest buyers of identity
management technology and
services? If you answered central
government or police agencies,
you’d be wrong. Now spending
over US$1 billion a year on identity
management solutions, banks have
been the leading investors in
identity management solutions
for decades1.
This reflects the pivotal role of identity authentication in the
financial services industry, where the ability to establish and
verify the identities of customers and employees is fundamental
to maintaining customer trust, as well as the security
of transactions.
Now, however, rapid growth in digitization, new technologies
and new user behaviors are revolutionizing the ways in which
banks interact with their customers and employees and, in the
process, changing identity management obligations forever. As a
result, banks are starting to re-evaluate their role in the identity
supply chain.
At a time when industry convergence and disruptive innovation
around payments and commercial services are so intense, this
is a high priority. By capitalizing on their investments and
experience in this area, banks recognize that identity can be
about much more than security alone. Crucially, financial sector
organizations in some countries are seizing far broader business
benefits by exploiting new identity sources, biometrics and
advanced analytics technologies to increase customer insight
and service relevance, while reducing fraud, waste and abuse.
Banks in the United States and Europe are, however, lagging
behind. Few of the major players there have adopted biometrics
to a significant degree, with the market preferring to wait for
a first mover to legitimize the technology. As we show later in
this paper, that first mover may well have arrived (with Apple’s
2012 acquisition of Authentec).
3
Balancing the identity
management equation
Irrespective of these wider But protecting against these attacks is
just one part of the identity management
developments, security remains
equation. In a digital world, with data
a vital concern for banks. Digital surging in volume and velocity, and
banking is on the increase—and customers accessing financial services
from multiple platforms, identities are
so are the vulnerabilities that it
becoming increasingly complex and
creates. In most mature market expensive to manage. To put this
countries over 50 percent of in perspective, identity and access
customers are signed up for management now represent 30 percent
or more of a large financial institution’s
online banking2 and at least total information security budget4. And
25 percent of respondents to the costs are rising all the time.
the 2012 Norton Cybercrime
How to balance the need for vigilant,
Report3 regularly access their active cyber defense with the pressure
bank accounts online. The same to achieve greater operational efficiencies
report showed that over 40 and drive additional business benefits
from the massive investments that are
percent of online consumers
being made in this area? We believe the
either use weak passwords answer lies in banks moving decisively
and/or are not changing their to build on their already strong identity
management capabilities. As this point
passwords regularly enough.
of view explains, this means taking
And perhaps most significantly advantage of the stronger and more
of all, consumers are failing efficient identity management systems
to recognize how cybercrime that are now available—systems that can
deliver what we term “Unique Identity”.
is evolving to target mobile
platforms and networks. This Accenture is already proving the value
means cyber attacks—ranging of Unique Identity in some of the world’s
largest identity management schemes.
from sophisticated techniques to Highlighted later in this point of view (see
simple social engineering—are an “Why Accenture”), these use cases show
ever-present threat for banks how Unique Identity can be used to
enhance security and boost efficiency,
and their customers. while simultaneously increasing user
satisfaction and improving service levels.
4 | The future of identity in banking
5
What is Unique Identity....
and why is it so valuable?
With customer interactions now spanning
physical, online, social and mobile channels,
banks urgently need new capabilities that
will enable seamless, holistic and robust
identity recognition over time, and across
all encounters. This is driving the adoption
of Unique Identity systems.
Traditional identity management systems
have been built around the least volatile
types of user information (such as biographic
details and PINs). Unique Identity systems
are different. Based on a process of
continuous enrolment and vetting, they
use accurate and flexible capabilities
to establish a single identity for each
individual based on:
• What the customer knows (password,
PIN, security code)
• What the customer has (identity card,
bank card)
• Who the customer is (biometrics spanning
physical/behavioural features)
Mandated by the regulators5, As well as being vulnerable to security
• Where the customer is (mobile number,
breaches, challenge/response authentication
and motivated by best practice, geo-location, IP address, social
methods are inefficient. Because personal
banks have been offering multi- identifiers such as PINs and security codes network site)
layered authentication for years. are so easily forgotten, up to 30 percent
of all support calls to banks’ call centers Shown in Figure 1, Unique Identity is the
Until very recently, this has been collection of data that, taken together,
are password reset requests. Handling
achieved through username and each one costs an average US$25 in uniquely describes an individual. As
password recognition schemes. labor costs6. the foundation of trust for everyday
interactions, it exploits new identity
Though relatively cheap and straightforward Nor do the weaknesses end there. These sources and analytics technologies during
to implement, these approaches are approaches also fuel customer frustration— enrolment and authentication to increase
inherently insecure as a means of a major concern when banks are striving insight and service relevance, while reducing
authenticating user identities. Based to differentiate their operations through fraud, waste and abuse.
on an “all or nothing” approach, they improved customer service. Results from
afford no protection once they have been a recent survey by the Ponemon Institute7
compromised—a risk that is exacerbated put this into perspective. Canvassing the
when so many consumers write down views of consumers in the United States,
their PINs and passwords and/or use the UK and Germany, this found that 70 percent
same ones across multiple environments, of respondents in the US and UK are
from online transactions, to ATMs and dissatisfied with password-controlled
call-center conversations. access, and over 80 percent want to see
better authentication being deployed.
6 | The future of identity in banking
Figure 1. What is Unique Identity?
Unique Identity Components
The combination of various Unique Identity Components...
What a person What a person What a person
HAS... KNOWS... IS...
EXAMPLES: EXAMPLES: EXAMPLES: What a
person What a
Access badge Password Fingerprints
IS... person
Smart card Passphrase Face image
HAS...
Security token PIN number Iris images What a
Mobile phone Sequence Vein images person
ID document “Secret” facts Voice prints KNOWS...
The CONTEXT within which this information is captured ...in a given context...
EXAMPLES:
Geo location IP address Links to others
...makes us uniquely identifiable!
7
8 | The future of identity in banking
The time is right
Three trends are combining to 3. Availability of “Unique
make effective Unique Identity Identity as a Service”
more achievable than ever before: Banks can now opt for flexible, scalable
and easy-to-integrate identity capabilities,
1. Continually improving with Unique Identity solutions available
“as-a-Service”, delivered on-demand via
biometric recognition private or public cloud infrastructures,
technologies and products tailored to specific needs and consistent
Multiple biometric modalities are now on with local privacy requirements (see
the market at accessible prices. Enabling “Why Accenture”).
automated recognition of individuals
based on their physiological and/or Now is the time to act. And in doing so,
behavioral characteristics, these range banks will be able to leverage the high
from “harder” biometrics (such as level of trust already placed in them by
fingerprint, vein and iris recognition) their customers (underlined in the recent
to “softer” modalities (including face, Ponemon survey, where banks stood
voice, keystroke and signature recognition). out as the most trusted organizations
As the sophistication of these technologies across all sectors for the quality of their
rises, and the cost of implementing them online validation12).
continues to fall, the number of deployed
biometrics solutions is growing fast. Valued In the following section, we present some
at US$5 billion in 2010, the global biometrics of the broader business benefits provided
market is growing at a CAGR of 18.5 by Unique Identity, before highlighting the
percent, and is predicted to reach US$17 ways in which banks are applying these
billion by 20178. solutions to transform their identity
management capabilities.
2. Increasing public acceptance
of enabling technologies
Provided that banks take proactive steps
to address concerns about privacy 9, they
can expect most of their customers to
be enthusiastic about the introduction of
biometrics modalities. In a 2011 Twitter
survey by Nuance Communications10, 77
percent of participants said they would be
comfortable using voice biometrics if it
meant tighter security. Another poll by
Unisys indicated a 72 percent acceptance
rate for banking biometrics amongst
customers; the findings showed that they
trust fingerprint biometrics over photo
identification, PINs, or handwritten
signatures to verify their identities
when using credit cards, or requesting
personal information11.
9
Reaping business benefits from
Unique Identity
Identity used to be all about • Enhance the end-user experience
through faster, more transparent
security. Now it has evolved identity recognition, and through
to the point where, properly improved personalization. For example,
implemented, it can bring a when a customer calls the bank from
their mobile, the Unique Identity system
broad set of business benefits uses contextual information (such as
to banks. These benefits caller identity) and voice biometrics to
strengthen authentication and reduce
are particularly timely in the burden on the customer to explicitly
an environment where the prove their identity. Or in another
identity requirements (such situation, where customers use their
tablets for online shopping, instead
as “Know Your Customer” and of being redirected to a verification
identity verification) being site, they are instantly authenticated
through a combination of home IP
imposed on the industry are
address, device identity and face
increasingly onerous—from a recognition (via the tablet’s camera).
bank and customer perspective. • Improve resistance to fraud and abuse
by assuring that users are genuine, and
By helping customers to assert their entitled to the services they are claiming.
identities more conveniently and more Examples include customers presenting
securely, Unique Identity can: their biometric identifier (finger, hand,
etc.) at the automatic teller machine
• Drive efficiency improvements by (ATM) or point of sale. Now commonplace
speeding identity recognition, and in some countries, notably Japan, where
automating processes that currently vein recognition technologies are widely
require human supervision. For example, used in ATMs (see section below “Unique
banks can accelerate client onboarding Identity in practice”), this enables
by capturing biometric identity documents customers to be instantly recognized
(such as face and voice recognition) and authenticated before a transaction
in the branch when starting a client is processed.
contact. For all subsequent branch
• Promote inclusion by helping customers
interactions, some or all of these
in emerging economies—where people
biometrics can be used to painlessly
often lack the necessary identity
authenticate the customer.
documentation and/or access to bank
branches—to conveniently assert their
own identities (through fingerprint
recognition, for example) and/or take
advantage of new channels such as
branchless banking and mobile
payment solutions.
10 | The future of identity in banking11
Unique Identity in practice
Many banks are already realizing Call centers/phone banking Customer onboarding
powerful benefits from Unique Consumers typically favor voice recognition We are seeing more banks use biometric
Identity solutions. Some of the over all other types of biometrics , and technologies to capture Unique Identities
14
this modality has already been widely at contact initiation. In countries where
most common use cases include: adopted by banks. Solutions include governments are launching national
customer authentication technologies identity schemes, banks can use the
for call centers, as well as interactive voice identity credentials held on identity cards
ATMs technologies allowing customers to access to accelerate onboarding, as well as
The use of biometrics at ATMs to improve a bank’s database via telephone keypad providing strong authentication for
ease of use and limit fraud is already or by speech recognition (expediting customer transactions. In Malaysia, for
widespread. Fingerprint, finger-vein and interactions including balance enquiries, example, the government’s national
palm-vein readers, the most commonly credit card payments, changes to PIN codes identity scheme gives each citizen a
deployed solutions, are relatively easy and payments to third parties). In one recent biometric smartcard, MyKad, a multi-
to integrate into existing authentication example, Barclays Wealth & Investment functional card that can be used for
paths. These can be particularly valuable Management deployed a voice biometrics identity verification, remote access to
in emerging market situations, promoting solution to securely and automatically public services, low-value payments and
financial inclusion in areas where customers confirm customers’ identities15. The automatic ticketing. One Malaysian bank,
may be less financially literate. In Nigeria, technology compares the customer’s Easy by RHB, uses MyKad readers and a
for example, the government recently voice to their unique voiceprint on file, paperless account opening process to
launched a landmark pilot program, rolling silently signalling the operator once the enable its customers to open new accounts
out 13 million MasterCard-branded national identity has been verified. Since deployment in just 10 minutes.
identity smart cards with biometric and began, customer feedback has improved
electronic payment capabilities13. As well significantly, with 93 percent of customers
as using the cards to withdraw cash from
Mobile-enabled solutions
ranking the bank nine out of 10 for speed,
ATMs, cardholders can deposit funds on ease of use and security. Other examples Mobile banking solutions are increasingly
the card, receive social benefits, and include one of Australia’ largest retail banks, in demand (according to Juniper Research,
pay for goods and services. Meanwhile which has improved security and customer there will be over 1 billion mobile banking
Mexico’s Banco Azteca has been using satisfaction by rolling out voice biometrics customers by 201716). However, because
picture- and fingerprint-based payment to all personal banking customers; it is mobile security in most financial institutions
systems to promote financial inclusion for also planning to use mood detection is still far behind the solutions that have
unbanked customers. Examples in developed technologies to enable angry customers been developed to prevent and mitigate
markets include Japan’s Mizuho Bank and to be handled more quickly. Outside PC-based attacks, mobile transactions are
Bank of Tokyo-Mitsubishi, which have, the financial sector, voice biometrics particularly vulnerable to cyber attack. To
respectively, deployed finger-vein and technologies are increasingly being deployed address this situation, smartphone and
palm-vein ATMs to provide more secure by telecommunications companies to tablet applications are being developed
authentication and combat fraud, and BPS improve customer satisfaction and prevent that use voice biometrics as part of a
Bank in Poland, the first bank in Europe fraud. A number of clients are considering multifactor authentication process for
to secure its ATMs with biometrics based deployment of voice biometrics to help secure mobile banking. In one recent
on finger-vein technology, in addition to their customer care agents enforce Unique deployment, a top-three global US financial
PIN codes. Elsewhere, in Brazil, Bradesco Identity amongst customers, as well as institution launched a voice biometric
Banco was the first bank in the western establishing “voice watchlists” of known application simultaneously in 40 countries17.
hemisphere to use biometrics as a means fraudulent customers. This can reduce The first voice biometric application to
of identification at ATMs, installing palm financial losses from social engineering have obtained global regulatory approval,
vein technology on 20,000 of its ATMs. and customer identity fraud, as well this uses voice biometrics as part of a
as improving efficiencies through multifactor authentication process for
call time reduction and streamlining securing commercial banking automated
authentication processes. clearing house (ACH) payments and
wire transfers.
12 | The future of identity in bankingOnline/desktop verification
Technologies in this area are moving on
from at-home readers to biometrics
techniques, including fingerprint recognition
(via biometrics readers, such as those
integrated into some laptops and
smartphones, or distributed by the
banks), face recognition (via webcam)
and keystroke dynamics. Fingerprint
recognition technologies are already
widely used by banks. United Bankers
Bank, for example, has eliminated password
sharing by enabling bank clients to log in
using fingerprints instead of passwords
and PIN codes The Los Angeles Firemen’s
Credit Union is another. Instead of having
to remember up to 10 different passwords,
employees of this institution now use a 2012 acquisition of Authentec, a company Beside the business benefits banks are
biometric fingerprint access system for specializing in fingerprint scanning already realizing from Unique Identity
single sign-on to all systems. Over time, technology. More widely predicted to solutions, there are real opportunities
we expect to see banks achieving online be the “first mover” moment that will to generate additional returns on their
verification through a combination of legitimize more widespread adoption of investments in biometric technologies.
“weaker” biometrics (voice, face, keystroke biometrics by US banks. Designed to work Examples include Citigroup leveraging
authentication) and contextual information with near-field communication (NFC) its advanced capabilities in identity
(geo-location, device identification)—all technology, Authentec’s solution allows verification to provide the US Department
of which can be captured without the need users to unlock their phones and turn on of Defense with a secure travel card
for any additional hardware. the NFC transmitter with a single swipe solution, and Royal Bank of Scotland’s
of the finger across the smart sensor. TrustAssured which provides registration,
Merchant payments Payment is made by tapping the phone certification and validation services
on the point-of-sale (PoS) terminal. to corporate clients as a managed
The ability to pay using biometrics (where Meanwhile, in France, a group of banks, identify service.
customers are enrolled into the system, IT firms and retailers has trialed a point-
put credit into their account using kiosks of-sale system that combines fingertip
and credit cards, and pay using their fingers) biometric readers with contactless cards.
is gaining in popularity. Biometric payments Developed by Natural Security—a biometrics
bring added flexibility and speed to specialist owned by banks, retailers and
customers, increase customer loyalty Ingenico—the system was piloted for six
to the merchant, and boost transaction months by a group of banks including
flow for the bank. Biometric payment Banque Accord, BNP Paribas, and Crédit
systems have been successfully used in Agricole. In another example, Italian
Europe for years. And momentum is building bank UniCredit has market tested a new
in the US market. Seven thousand shops biometric payment system using infrared
there already offer these systems to sensors at PoS terminals to recognize the
around two million customers—a trend geometry of veins in users’ palms. Sensors
that many commentators believe will gain capture the image created by hemoglobin
rapidly in momentum following Apple’s when struck by an electromagnetic impulse
and translate that information into a
unique numeric code.
13Why Accenture?
As a leader in biometrics Unique Identity as a Service Proprietary solutions for banks
technologies, Accenture Provided through our Unique Identity Our Unique Identity solutions include an
Service Platform (UISP), this is our primary intuitive and rapid enrollment process
has helped banks and other
offering, with a design grounded in (capturing biographic information, identity
organizations to deploy Accenture’s more than ten years’ experience documents, ICAO-compliant facial images,
a wide range of Unique in delivering identity solutions to clients fingerprint, iris and digital signatures).
worldwide. It draws on the latest thought UISP is designed for easy integration with
Identity solutions, increasing leadership to implement Emergent Identity— PoS and merchant facilities to create an
security, driving efficiencies the progressive enriching of knowledge end-to-end secure payment solution.
and delivering targeted about an individual’s identity as it evolves
over time. Offering flexible, scalable and
business benefits. Continuous investment
easy-to-integrate identity capabilities,
it helps our clients to resolve identities in innovation
We have an unsurpassed track record in across multiple encounters and systems. We are committed to investing in
delivering the largest identity management Customized to the financial services innovation through Accenture Technology
systems in the world, including US-VISIT, industry, UISP can be used wherever Labs, our global network of dedicated
UID of India, and EU BMS. Key facts about there is a requirement for Unique Identity research and development organizations.
each of these landmark solutions are solutions—either as a deployed solution, or This commitment has seen us turning
shown in the sidebar on page 16. “as-a-Service”, on demand via private or technology innovation into business
public cloud infrastructures (according to results for over 20 years. We also have
We have also developed a range of client needs and consistent with local a dedicated Unique Identity technology
proprietary solutions, assets and tools privacy requirements) group that specializes in prototyping
in this area. These include:
and developing identity solutions, and
a Unique Identity Community of Practice
numbering over 200 members.
Figure 2. Accenture’s Unique Identity Services
Client System Unique Identity Service Platform
Business queries: Identity 1 2 3
Is this Person X? resquests
in Pre-Enrol Verify 1:1 Update
Whose biometrics (face,
fingerprint, iris…) are Enrol Identify 1:N Merge
these? Identity
Is this individual genuine? responses Retrieve Split
out
Have we seen this person
Validate Archive
before?
External identity sources
14 | The future of identity in banking15
Accenture’s Background in
Unique Identity
Accenture is unique in having delivered the largest
Identity Management systems in the world, including
US-VISIT, UID of India, and EU BMS.
European Commission European Commission
Biometric Matching System Biometric Matching System
• European Commission’s general purpose multimodal biometric
matching system
• First implementation is to support the introduction of
biometric visas in Europe
• Implemented over a 3 year period starting in 2007
Outcomes:
Now used live by 27 countries, 3500 consulates and over
10,000 border posts worldwide.
On the way to containing 70 millions records, designed
to accommodate over 100,000 transactions per day.
Unique Identification Authority of India
Unique Identification Authority of India
Unique ID Program Unique ID Program
• Ability to scale to 1.2 billion Indian residents
• Solution is an open multi-modal biometric architecture with
high efficiency and reduced vendor lock-in
• Defining the best practices for biometric capture
Outcomes:
Largest biometric storage with 10 fingerprints (4-4-2),
two iris images, one face image and demographics.
376 million enrollments since deployment.
False acceptance rate < 0.04%. False reject rate < 0.06%.
16 | The future of identity in bankingUS Department of Homeland Security (DHS)
US Department of Homeland Security (DHS)
US Visitor and Immigrant Status Indicator
US Visitor Technology
and Immigrant (US-VISIT)
Status Indicator
Program Technology (US-VISIT) Program
• Accenture helped create and deliver a world class program—
US-VISIT
• US-VISIT biometric entry procedures
- 115 airports, 15 seaports and in secondary inspection areas
of 154 land ports of entry
• US-VISIT exit procedures are operating at 12 airports and
2 seaports
Outcomes:
World class scale: 140+ million people.
World class speed: 400,000 transactions/day.
329M transactions processed (over 135,000 wanted criminals
identified).
UK BA, BAA—London Heathrow Airport
UK BA, BAA—London Heathrow Airport
Self-Clearance for EU ePassport Holders for EU ePassport Holders
Self-Clearance
• Introduced automated e-Passports gates at Heathrow and
Stansted Airport
• Both airports represent 54% of all incoming passenger
traffic to the UK
• Featuring advanced anti-tailgating solution (single gate with
detection portal)
Outcomes:
Highly-positive passenger experience and feedback.
Over 7 million transactions since deployment in 2010.
Transaction time < 10 seconds.
1718 | The future of identity in banking
Find out more End notes
If you would like to know more about 1 See www.banktech.com/risk-
Accenture’s leadership in Unique Identity, management/tipping-point/229625350
and the benefits this can bring to your 2 Eurostat, National Statistics Agencies
business, please contact:
3 See http://now-static.norton.com/now/
Alastair Partington CBP en/pu/images/Promotions/2012/cybercrime
Unique Identity Lead—Emerging Report/2012_Norton_Cybercrime_Report_
Technologies Innovation Master_FINAL_050912.pdf
Accenture (UK) Ltd 4 www.banktech.com/risk-management/
alastair.partington@accenture.com tipping-point/229625350
5 See Federal Financial Institutions
Anton Pichler Examination Council (FFIEC) guidelines
Banking Research Director
Accenture (UK) Ltd 6 See www.networkworld.com
anton.l.pichler@accenture.com 7 http://www.bankinfosecurity.com/
users-want-new-forms-authentication-
a-5692
8 TechSci Research, “Global Biometric
Systems Market Forecast & Opportunities,
2017,” July 2012
9 See www.accenture.com/gb-en/Pages/
service-biometrics-privacy-positive-
match.aspx
10 See www.nuance.com
11 See www.planetbiometrics.com/
article-details/i/310/
12 http://www.bankinfosecurity.com/
users-want-new-forms-authentication-
a-5692
13 See www.finextra.com/News/FullStory.
aspx?newsitemid=24801
14 http://www.bankinfosecurity.com/
users-want-new-forms-authentication-
a-5692
15 See www.finextra.com/News/FullStory.
aspx?newsitemid=24800
16 See www.juniperresearch.com/view-
pressrelease.php?pr=377
17 www.businesswire.com/news/home/
20130416006470/en/VoiceVault-voice-
biometric-financial-services-mobile-app
19About Accenture Accenture is a global management consulting, technology services and outsourcing company, with approximately 275,000 people serving clients in more than 120 countries. Combining unparalleled experience, comprehensive capabilities across all industries and business functions, and extensive research on the world’s most successful companies, Accenture collaborates with clients to help them become high-performance businesses and governments. The company generated net revenues of US$28.6 billion for the fiscal year ended Aug. 31, 2013. Its home page is www.accenture.com. Copyright © 2013 Accenture All rights reserved. Accenture, its logo, and High Performance Delivered are trademarks of Accenture.
You can also read
