A case study from Barclays Bank and Hitachi.
In 2014 Barclays Bank was facing a challenge with its corporate banking clients using its digital banking channels. Reliant on only one option where a PIN was needed to login andmake transactions, clients were frequently losing their PIN numbers as well as sharingthem with the result that it was difficult to verify that the right person was authorisingand making payments. Equally importantly at this time was that the banking industry was seeing a rise in malware based fraud attacks on corporate digital channel users. This malware was enabling fraudsters to capture PINs and passwords by logging keystrokes or monitoring the user’s computer screen. A solution was needed that would eliminate these problems – biometric technology. As Ravi Ahluwalia, General Manager, SecurityBusiness Group EMEA, Hitachi Europe explains, “the objective was clear: it was absolutely making sure that the person making the transaction was the right person and was authorised to do so.”
Getting the right partner to deploy a solution was critical and Hitachi was selected due to a number of points. Ray Hockley, SeniorPre-Sales Solution Manager, SecurityBusiness Group EMEA, Hitachi Europe takes up the story. “We have strong technology and expertise in this field and we’re very open to doing co-creation work with large customer sand partners. We were able to clearly demonstrate this to Barclays through the success levels in testing – getting people enrolled by using our Finger Vein reader. The combination of finger vein technology with PKI and smartcard technology is very powerful and was the first of its kind. This innovation was very effective and much better than what theBarclays team had seen with other biometrics.”After witnessing the performance and reliability of Hitachi’s Finger Vein reader,Barclays deployed these devices to several thousand of its clients. The results were outstanding. As well as achieving the objective of ensuring that the right people were carrying out transactions, a customer survey carried out with the group reported a 100 percent customer satisfaction rating. Not only were payments being made securely and correctly but customer convenience had also been significantly improved by removing the need to remember yet another PIN in a world where everyone has to remember so many passwords and passcodes.
“The introduction of this biometric technology was very important, especially at a time when fraud attacks and account takeover attempts were increasing” explains Shameet Shah, Head of Digital Client Security for Barclays Corporate Banking. “The finger vein solution provided us and our clients with the perfect balance between security and usability. No PINs/passwords to forget, share or be stolen, coupled with the ability to approve high value transactions just by using your finger.”
So what do organisations need to consider when they are deploying biometric technology?
Ray shares his insight: “Reliability and track record of the supplier is key – the solution needs to work. We’ve experienced a case with a recent customer in Russia where the original solution deployed simply didn’t work. So they asked us to deploy our solution which has also received 100 percent customer satisfaction. From a security perspective it’s also essential to check how the biometric template is captured and stored – this is one of our strengths, particularly for corporate banking. I also recommend that you look at the ability of the supplier to implement its technology indifferent ways, for example working as a co-creator.”
The Future
With Barclays set to deploy further Finger Vein readers to its customers, including a new mobile version for use on the move, Hitachi has recently launched its latest product using hand gesture technology, allowing users to authenticate with a simple wave.