The UK retail bank TSB Bank is set to be the first European bank to issue biometric security in the form of iris scanning for its banking app.
Due to go live in September, the feature will be available to those with a Samsung Galaxy S8, and it will be the only security barrier required to log in to an account.
While TSB will offer the first use case of iris scanning within European banking, Samsung has made the technology available in the release of the aforementioned latest model of its flagship smartphone.
Biometric security is quickly becoming familiar worldwide, with fingerprint scanning made common by its widespread use in products from Apple, for example.
A recent study conducted by Mastercard and the University of Oxford found that 93% of UK consumers were willing to switch to biometric security if it meant ditching passwords.
Passwords have proven extremely weak, while users are also expected to remember longer and more complex sequences. It is also expected that we refresh these long passwords on a regular basis.
Richard Parris, CEO, Intercede said: “Is TSB’s use of retina ID as a means of authentication for its customers a step in the right direction for cybersecurity? The question on many people’s lips will be “is it really that secure?” Biometrics is fast becoming the de facto security measure for a wide range of business and consumer applications. Biometric authentication is not entirely immune to potential attack and therefore should not be relied on as the sole means of verifying a user.”
The voice recognition security measure used by HSBC was recently beaten in a high profile test carried out by a BBC journalist and his twin brother, with one twin accessing major features of the other’s bank account after being allowed seven attempts to get past the biometric security layer.
“Biometric security is no longer the stuff of sci-fi films; as consumers flock to scan their faces to unlock their phones, or use their fingerprints to pay for items in a shop, both the individual and the consumer need to ask the question – ‘can I be hacked right now?’ The onus is on the business to provide the appropriate security to protect the customer and the consumer needs to be aware of the data they are sharing and how they can better protect themselves from the prying eyes of cyber criminals,” said Parris.
READ MORE: HSBC biometric security tricked by BBC
Etienne Greeff, CTO and Co-Founder, SecureData said: “The person using the authentication data has a big responsibility to store the data in a secure fashion. If we think about a ‘normal’ breach, for example when a password is hacked, it’s easy to reset your password or change the security settings. It’s also relatively easy to recover from one of these threats. If you’ve lost money from your online bank account at the hands of opportunistic cyber criminals, it’s likely you’ll be able to claim it back from your bank.”
“The implications of biometric security hacks can be much more severe as a result, and businesses are being forced to consider how they are protecting consumers’ genetic data through the imminent GDPR initiative. It’s good to see businesses like TSB looking to replace passwords, which are flimsy and easily breached, but hackers are wise to biometrics and it won’t stop them from trying to get their hands on your data,” said Greeff.