5 minute read
Is MiFID II still fit for purpose in a postCOVID financial landscape?
Why facial recognition is a way to tackle fraud and be a hero for Financial Services
Facial recognition is a divisive technology. Some see it as an everyday mechanic to open their phone or pay for shopping, whereas others see it as an invasion of their civil liberties – another step closer to an Orwellian society tracking their every move.
When it comes to financial services and the technology specifically, again, there seem to be differences of opinion in terms of acceptance. Using facial recognition is now commonplace for verification purposes, in terms of ensuring the correct person is logging on to their internet banking via two-factor authentication. Using this extra layer of biometric information is a way for banks to ensure accounts are safe and sensitive information has not been stolen. However, whilst this is seen as a positive, it also presents more questions. Why, if banks are storing this biometric data and using it on a daily basis, do they not use the technology further? Why not use it to match customers as they walk in the door to local branches? This not only saves time as they don’t need to confirm their identity, but can also help staff manage who might be the best person to help them with their query. Considering retail banking is now about experiences and consultancy, leveraging technology which can enable this efficiently makes sense.
Privacy and data are an issue for two-factor authentication
This concept does in fact bring us onto another key point surrounding the technology – data usage. As banks use facial recognition more, they house more personal data – but there are no frameworks or regulation by which to process this information. We know that organisations such as the National Institute of Standards and Technology (NIST) and Fast IDentity Online (FIDO) Alliance are looking to develop frameworks that could be adopted at a national level, and no doubt provide strict governance as to how banks store and protect their customers’ data. However, until then, there is no specific information. In the UK, we know that guidelines are coming as to how the Police and private sector companies should apply facial recognition as a technology, but we are lacking specific regulation around biometric data aside from the GDPR and Data Protection Acts. For the technology to provide more business benefits, the data it harnesses needs to be defined and protected.
In-branch approvals could be dissuading customers
Another issue the pandemic really has brought to the fore for financial service firms is that banking in particular is still very manual – many providers require a face-to-face meeting to set up new accounts. Some, newer brands such as Monzo are able to open accounts based on a selfie, but in the UK it’s still in-branch driven. However, with facial recognition, this could change. This year, increasing numbers of regulators including countries such as Hong Kong, Greece and Mexico have authorised remote account openings. This acceptance that this digital and touchless approach works could soon move to the financial heavyweight countries, and facial recognition could be a key enabler in ensuring the correct person is in fact opening the account. Keeping staff safe should be of paramount importance to financial service firms, so why not leverage technology which supports this?
It’s not just in-branch that we could see the technology deployed as a force for good, too.
Banks and retail can both benefit from leveraging facial recognition
Banks will have seen spend patterns shift from in-store to online, which often prompts extra verification methods, with two-factor now commonplace when checking out. When consumers do return to physical stores, facial recognition could help provide this confirmation as a way of preventing fraud, especially considering credit card use will decrease in the future, as easier, more secure payment methods will be adopted. For example, when checking out, facial identifiers could be analysed to check it is in fact the correct person and card holder. If one were to then lose a card, they can rest assured knowing their card can’t be used in stores that validate payments via face-rec technology. With the number contactless payments increased due to the pandemic, thieves could easily tap away hundreds of pounds before the card is blocked. Facial recognition could prevent this.
Additionally, it also decreases the likelihood of shoplifting. Employees and managers can be notified when someone with a proven track record of crime is flagged in the system, thus enabling them to guarantee they are not susceptible to additional crimes or shrink losses.
It should also be mentioned that this specific use of data can be GDPR compliant. All that is accessible in the database is an image of a face – no name, no transactional history or private information. Data that is stored is that of known criminals, or those who have opted in to being on watchlists (such as due to alcohol or gambling addiction); and is vetted to ensure no one is entered maliciously or in error. Faces can also be blurred out so operators only see faces which might present a threat – such as a known shoplifter – placed on a watchlist to alert retailers to potential loss. The images are indexed through a procedure that is irreversible, decentralised, and stored on edge devices - fully safeguarding consumers’ private information. Even further, although technology can initially identify a person, it requires human confirmation to guarantee the information is correct before any actions can be taken.
Correct application will speed adoption
From the above, it’s clear to see how banks and financial institutions could benefit from leveraging facial recognition, via reduced risk, enhanced customer service and loss prevention. Customer sentiments towards inperson interactions and technology’s role in society is changing, so my view is, as long as the application of the technology is transparent and legal, then why shouldn’t it be used to enhance operations? Facial recognition has the chance to revolutionise commerce – notably surrounding fraud, so it makes sense to allow the technology to do a lot of heavy lifting, safe in the knowledge there is always a person there to make the final decision but in a way which ultimately respects peoples’ privacy and personal data. We are entering a brave new world in which we will need technology to help free humans up to add value where required. Whilst facial recognition may seem like a step towards a Stalinist state, it is anything but, and it’s how financial institutions choose to apply it which will make or break its success.
Rob Watts CEO Corsight AI
