EMEA TECHNOLOGY
Why facial recognition is a way to tackle fraud and be a hero for Financial Services Facial recognition is a divisive technology. Some see it as an everyday mechanic to open their phone or pay for shopping, whereas others see it as an invasion of their civil liberties – another step closer to an Orwellian society tracking their every move. When it comes to financial services and the technology specifically, again, there seem to be differences of opinion in terms of acceptance. Using facial recognition is now commonplace for verification purposes, in terms of ensuring the correct person is logging on to their internet banking via two-factor authentication. Using this extra layer of biometric information is a way for banks to ensure accounts are safe and sensitive information has not been stolen. However, whilst this is seen as a positive, it also presents more questions. Why, if banks are storing this biometric data and using it on a daily basis, do they not use the technology further? Why not use it to match customers as they walk in the door to local branches? This not only saves time as they don’t need to confirm their identity, but can also help staff manage who might be the best person to help them with their query. Considering retail banking is now about experiences and consultancy, leveraging technology which can enable this efficiently makes sense.
136 | Issue 22
Privacy and data are an issue for two-factor authentication This concept does in fact bring us onto another key point surrounding the technology – data usage. As banks use facial recognition more, they house more personal data – but there are no frameworks or regulation by which to process this information. We know that organisations such as the National Institute of Standards and Technology (NIST) and Fast IDentity Online (FIDO) Alliance are looking to develop frameworks that could be adopted at a national level, and no doubt provide strict governance as to how banks store and protect their customers’ data. However, until then, there is no specific information. In the UK, we know that guidelines are coming as to how the Police and private sector companies should apply facial recognition as a technology, but we are lacking specific regulation around biometric data aside from the GDPR and Data Protection Acts. For the technology to provide more business benefits, the data it harnesses needs to be defined and protected.