Security often requires adding an action to a person’s life. Whether that means remembering a new PIN number or holding onto an additional card reader device, it’s never seen as natural. However, what if security involved something that certain consumers already did every day?
HSBC has just announced security verification via a selfie for certain customers. A self-portrait shot can be taken and then verified using facial recognition software.
Richard Davies, HSBC’s head of global propositions for global banking, said: “Through simplifying the ID verification process, we’ll be able to save our business customers time and open accounts quicker.
“We also expect the convenience and speed of a selfie to become the verification method of choice for our customers, who no longer need to visit a branch to complete the process.”
While HSBC isn’t the first financial player to suggest this method, USAA Bank, MasterCard and Alibaba have previously announced plans; it is the most recent big British bank to make a serious stride forward. Lloyds Banking Group had announced a similar platform in 2015.
However, is this a modern way to secure your finances or is it a gimmick?
Lu Zurawski, Solutions Practice Lead, Consumer Payments EMEA at ACI Worldwide
It appears that the banking industry may be ready to branch away from rigid PINs and password challenges, with the move towards “selfie pay” the latest hook in “biometric banking”. The use of physical unique identifiers appears to be slowly catching up with the more traditional payment tokens like cards and mobiles.
These new techniques based on biometric information will certainly be easier for some consumers to use, and they could also help banks streamline their processes whilst keeping a cap on fraud.
These are interesting times; if banks are to accommodate the preferences of target customer segments, they will have to offer a wider choice of Identity Verification mechanisms, as not everyone will be comfortable with selfie photography as a natural part of the banking experience. This move away from ubiquitous, one-mechanism for all, could end up being quite confusing and potentially counter-productive if fraudsters devise new social engineering scams as a result.
There is a palpable feeling of change – perhaps in the not too distant future, customers will chose their favourite identity verification provider completely separately from their choice of credit card, bank account or alternative payments provider.
Chris Hill, Commercial Technology Partner at Kemp Little
HSBC’s use of a selfie for identification purposes is welcome news for the mobile payments industry. It has long been an archaic fallacy that the best or only way to identify an individual is the use of a passport and utility bill, or that the customer’s physical presence in-branch is necessary.
The capabilities of a smartphone – its ability to hear and see you and transmit that information in real time – are in the vast majority of cases an adequate substitute for that physical presence, and this move will doubtless bring far greater convenience to customers.
There are of course some risk areas – how do you know for certain that the base document used as the comparator picture for the selfie is itself genuine? What if a different selfie is intercepted by hackers along with a copy of the underlying document?
But the key point is that the transmission of this ID information over a mobile data network is actually no more risky than an in-branch meeting with presentation of physical documents: in fact, if the right verification technology is deployed against the right datasets, it might even be safer. We expect other financial institutions will follow suit – especially digital banks without a branch infrastructure.