It’s a question more of us are asking our financial institutions: what biometric authentication do you offer? And when the answer is nothing, some of us are opting to change banks to get the latest authentication tools.
The reason: a search for greater security in an era of epidemic breaches and rampant identity theft. “Biometrics aren’t foolproof, but they are the best form of authentication available,” said identity theft expert Robert Siciliano.
All a criminal needs is a valid log in to begin stealing an identity. Everything gets much harder for the crook when the identity is protected by biometrics.
Besides, passwords are a broken system. Many of us set passwords that are just dumb. Password management company SplashData recently pointed to some of the dumbest in 2015 and among the highly popular are 123456 and also password. The problem: more cybercriminals are using automated attacks where a robot tries to penetrate an account. Have a valid email address, program the robot to try 123456, password, qwerty, football, and baseball and it may hit bingo.
That highlights the core problem with passwords: they are easy to guess. They also are easy to trick us into giving to criminals, in epidemic phishing attacks where scam emails - often seeming to be from your bank - prompt us to “re-validate” our log in, click here. Do that and the crook has your password.
You can’t give your fingerprint to a crook, and neither can you be tricked into providing it. (Sensors will detect if a fingerprint is not attached to a living body.) But does it actually make sense to ditch a bank that does not offer biometrics for one that does? Consumers have done similar before. 2014 research by consulting firm AlixPartners found huge growth in the number of us who indicated they switched banks, in part because they wanted better mobile banking. Many consumers also switched banks to get so-called remote deposit capture, where a snapped image of a check serves as a valid deposit.
Now the must have is biometrics. According to lawyer lawyer and Bentley University professor Steven Weisman, moving banks to embrace biometrics makes sense. “Biometric authentication is not only a substantial improvement, but it also indicates a greater commitment to security which hopefully is followed by the particular bank in regard to other aspects of its cybersecurity,” he said.
What Weisman is saying is that biometrics are cool to have and, as a bonus, by having biometrics, a bank shows it is really committed to customer security. Those are tempting reasons to switch.
Leading edge consumers already are on the hunt. Mark Johnson-Barbier, a security professional, said he had been about to switch banks to get better security, but his bank, USAA in San Antonio, rolled out improvements that kept him.
Where can you find biometrics? Start at the biggest banks. Chase, for instance, rolled out Apple’s Touch ID as a feature in its mobile banking app in July 2015. Arch rival Bank of America did likewise in September. PNC did it in September too.
Bank of America also offers fingerprint sign in for users of its Android app. More banks are said to be rushing to do the same although, for now, many more offer Apple’s Touch ID sign in. Android users will need to shop harder.
At least one bank - USAA in San Antonio - offers customers a choice of biometric tools. Touch ID, voice, and also face recognition are in use by USAA customers. The bank said it had over one million customers signed up for those services.
Pioneering small institutions - such as Affinity Federal Credit Union in New Jersey - have begun offering biometrics, usually Touch ID.
Many banks now also have pilots where limited numbers of consumers are using voice recognition to log in, at some institutions it is eyeball scans.