An SPA Position Paper (Abstract)

Historically, a lack of interoperability and standards has hampered the adoption of biometrics by the finance sector. But that’s beginning to change. In the last decade, the biometrics industry has worked hard to deliver more standardized approaches to support the development of efficient, interoperable and safe components to sustain biometric authentication and identification systems.

Biometrics for payment applications

However, while biometric technology has become mainstream in public sector applications – like demonstrating identity in the areas of travel documentation, citizenship or residency, or granting access to secure locations – the financial services sector lags behind.

The introduction of biometric payment cards represents an important step forward for the finance industry. Indeed, it opens the way to new, enhanced methods of fraud protection for issuers and cardholders alike – offering the additional security and identity verification needed by the finance sector needs.

Here, combining biometrics with PIN codes or other knowledge-based authenticators delivers a valuable third layer of authentication. All of which helps to boost consumer confidence levels and diminish the opportunities for repudiation or fraud. And, as remote banking becomes increasingly important for the delivery of financial services to customers, biometric verification makes it possible to authenticate customers early on in a remote banking session.

What’s more, the addition of biometric functionality to an EMV card makes it possible to extend financial services to previously hard-to-serve populations – including individuals unused to PINs or passwords and those who lack official credentials – and eliminates the risk factors associated with cross border e-banking.

But the introduction of biometric payment cards is not without its challenges, and requires the careful consideration of a number of issues, including:
evaluating the best biometric trait to utilize
is it best to undertake ‘on card’ or ‘off card’ verification?
designing the data capture and cardholder enrolment process
and finally, the storage, retrieval and data protection of a cardholder’s personal biometric attributes.

Assuring application security and maximizing performance are key requirements for the implementation of a successful biometrics card payment platform. And issuers will be unwilling to ‘rip out and begin again’ when it comes to existing infrastructure investments.
The SPA believes the time is right to introduce biometric card payment technology. International standards covering every step of the process are now in place, making extended cardholder verification an achievable reality. What’s more, ‘match-on-card’ fingerprint verification enables issuers to take advantage of existing EMV architecture while minimizing the financial impact of introducing biometric authorization to existing and new customers.

In its Biometrics for Payment Applications position paper, the SPA reviews this subject in more detail; outlining the issues, opportunities and potential use cases for biometrics in financial services.

Alongside a comprehensive evaluation of the key design challenges that need to be addressed when developing an efficient biometric system, the SPA provides a review of the core ISO standards and addresses the data protection case.

Crucially, the paper sets out the SPA’s vision on how financial ‘match-on-card’ fingerprint verification represents the best way forward for the financial services industry. Providing a secure, scalable, high performing and low cost route for the introduction of biometric authorization that delivers significant commercial benefits for all.

For more information, read the full paper at www.smartpaymentassociation.com.