The Clearsale Blog

Are Biometrics More Secure Than Passwords?

Are Biometrics More Secure Than Passwords?

Customers are becoming increasingly accepting and trusting of biometrics, thanks to Apple’s fingerprint recognition system. It’s easy to see why.

Instead of remembering complex passwords, all customers have to do is use a thumbprint, their face or even their voice to open accounts and process transactions.

Not only are biometrics more convenient, but many perceive them to be a safer way to access accounts. In fact, in a recent Visa survey, 48% of respondents believe biometrics are more secure than traditional passwords and PINs. But whether biometrics truly do protect consumers and their sensitive data may still be a point of contention.

Evidence That Biometrics Increase Online Security

One of the reasons biometric identifiers hold such promise is that they’re unique to individuals. Compared with token-based systems (like driver’s licenses) or knowledge-based identifiers (like passwords), biometric identifiers can more securely and confidently confirm identity.

What’s more, a customer’s unique features aren’t limited to just the physical ones, like eyes, ears and fingerprints. Some companies are also successfully confirming a user’s identity based on behavioral biometrics, like the pressure customers use when typing, the way they hold their smartphones, their speech patterns, or even the way they swipe a mobile device. Each of these behaviors is just as individual as a person’s physical features.

Think about when a customer signs their name. It’s automatic — they don’t even think about what they’re writing. Typing a user name and password isn’t much different. A biometric fraud prevention solution will notice a change in cadence in how the name is typed or when there’s more backspacing and retyping than usual. Either could be an indicator that a fraudster is trying to access the account.

Here are three other reasons why biometrics can offer greater security for online transactions.

Secure Storage

Sometimes, it all comes down to where companies store the biometric data. When it comes to a user’s fingerprint, for example, Apple stores it locally on the device’s chip — not in the cloud. This makes it nearly impossible for fraudsters to remotely hack the fingerprint information.

Difficult to Replicate

When it comes to biometric voiceprints, for example, they’re really sets of mathematical algorithms — not the customer’s actual voice. So even if a fraudster does hack a system and obtain a voiceprint, the algorithm is virtually useless to a fraudster. The fraudster might try to replicate a voice, but most biometric technologies also have fraud detection systems in place that can identify recorded and synthesized voices.

And while fraudsters might try to use a high-resolution photograph to fool facial-recognition software, the software is one step ahead, requiring the customer to perform a movement — like blinking — to prove they are who they claim to be and not a printed facsimile.

Limited Risk of Exposure

If a customer’s Apple Touch technology were to be hacked, what does that mean for the customer’s use of their thumbprint as a biometric identifier? Tom DeWinter, manager of business development for Iris ID Systems Inc., says that if a user’s fingerprint data at Apple is hacked, it might be compromised only for Apple products — not for all biometrics using thumbprints.

Biometrics Still Carry Real Risks

But biometrics are still not foolproof. When it comes to facial recognition, for example, many variables — including camera angle, lighting, and facial expression — can affect the accuracy and security of biometrics. So while consumers may feel comfortable using facial recognition to unlock smartphones, they might not be comfortable using it to access confidential financial or medical records. Here’s why biometric usage may still be considered a risky proposition.

Biometrics Can Be Compromised

It’s hard to fake someone’s ear or eye — because it’s so uniquely identifiable to that person. But what happens if that biometric is compromised? Its security can never be reclaimed. After all, you just can’t swap out an ear or a retina.

Data Can Still Be Hacked

In 2015, a hacking incident at the U.S. Office of Personnel Management resulted in 5.6 million Americans’ fingerprints being stolen. While individuals who have their password-protected accounts hacked can usually just change their login information to secure their accounts, changing fingerprints on a biometric-secured account isn’t an option.

Biometric technology has the potential to not only simplify the customer experience, but also prevent customers’ sensitive financial information from being compromised by fraudsters. By helping authenticate the true account owner with physical and behavioral biometrics, e-commerce businesses can prevent their businesses and their customers from becoming a target and a victim of scammers.

It’s important for e-commerce merchants to understand the latest technology trends — like chat bots, voice searches and biometrics — that are changing the online shopping experience. Stay ahead of the curve by downloading our latest white paper, “The e-Commerce Technology Trends That Will Shape 2019”. We explain the trends you need to be implementing to meet your customers’ increasing demands for convenience and personalisation.

New call-to-action 

 

You may also like

[Industry Focus] Fraud Risk Profile for Nutraceutical and Drug Retailers

[Industry Focus] Fraud Risk Profile for Nutraceutical and Drug Retailers

As people become more conscious of what they’re putting into their bodies, there’s been an increased demand for high-quality supplements and healthful food and beverages. The result has been a..

3 Ways Tech Can Benefit Remote Teams

3 Ways Tech Can Benefit Remote Teams

Ecommerce businesses are used to an ever-evolving digital connection between them and their customers. But 2020’s COVID-19 pandemic has resulted in that digital connection making its way into the..

Shopping Habits by Gender: What’s Changed in 2020

Shopping Habits by Gender: What’s Changed in 2020

Do men hate shopping online? Are women more worried about fraud?

How Management Should Contribute to Fraud Protection

How Management Should Contribute to Fraud Protection

As companies grow, management often delegates business-critical tasks—marketing, technology, fraud prevention—to different departments. While it might seem to be an efficient way to get things..

“I Don’t Need Fraud Protection — My Business Isn’t at Risk!”

“I Don’t Need Fraud Protection — My Business Isn’t at Risk!”

As an e-commerce merchant, you know the risk of fraud, false declines and chargebacks. But maybe you think it won’t happen to you because you’re a relatively new — or small — e-commerce merchant,..

How Backtesting Can Improve Fraud Prevention

How Backtesting Can Improve Fraud Prevention

They say hindsight is 20/20, and that’s especially true for e-commerce merchants looking to increase their approval rates and decrease fraudulent transactions. It’s easy to look back at..

Is Fraud Risk Scaring You Away From International Shipping?

Is Fraud Risk Scaring You Away From International Shipping?

With cross-border shopping estimated to make up 20% of e-commerce in 2022, many merchants are right to consider expanding into other countries. So what’s stopping them from pulling the trigger?

Preparing Your E-Commerce Store for the Holiday Season

Preparing Your E-Commerce Store for the Holiday Season

It might still be summer on the calendar, but the holiday shopping season is just around the corner.  Are you ready?

Impact Analysis: Declined Transactions vs. Fraudulent Transactions

Impact Analysis: Declined Transactions vs. Fraudulent Transactions

Selling products and services online offers great opportunities for merchants, but it’s not without risk. Savvy cybercriminals use stolen personal data to defraud merchants, and sometimes, a..

Want to write
for our blog?

Please review our writers' guidelines
https://www2.clear.sale/press/clearsale-guest-blog-guidelines
and then email guestwriter@clear.sale with your pitch!

Subscribe to our blog