British bank TSB has made a bold step forward by introducing iris recognition to its mobile banking app as an authentication feature.
From September, customers with the latest Samsung Galaxy S8 will be able to access their account by simply looking at their phone. The software, which will remove the need for passwords or memorable questions, was added as a feature to the latest model earlier this year, alongside face recognition and fingerprint scanning capabilities.
“Iris recognition allows you to unlock your TSB mobile app with a simple glance, meaning all of those IDs, passwords and memorable information become a thing of the past,” said Carlos Abarca, TSB’s Chief Information Officer.
“As well as a more customer-friendly approach to identification, iris recognition is also the most secure method of authentication available today. We want our mobile app customers to continue to have a fast, easy-to-use experience; iris recognition delivers that and, when combined with our other security measures, an unparalleled level of cyber security.”
And while the technology world might get excited about such developments, reaction from the general public demonstrates there might be a bit of friction. As you can see from the tweets below, there are reservations over the security of such a feature.
Realistically, no security features are 100% secure and should not be sold as such. If someone really wants to, they will be able to coerce a password out of a customer, but there will always be people who are intimidated by new ideas. Your correspondents father, for instance, still does not trust contactless payments on London Underground. What is worth noting is that this is an opt-in feature. Should the customer not want to use it, it is easily disabled.
Perhaps another reason for the friction is the claim from German hacking group the Chaos Computer Club, which has said it was able to trick Samsung’s iris scanner with a photo used to make a dummy eye. This is certainly a story which would feed the fear of new ideas, but what is worth noting is the definition which would be needed in the photo would have to be incredibly high.
This iris scanner looks for 266 unique characteristics in an individual’s eye, whereas finger prints only look for 40. It isn’t incredible plausible to get a photograph that detailed without the individual realising what you are doing.
Biometrics have been a talking point in the industry for what seems like decades, though progress has always been faltering. There have been a few breakthroughs in recent years, facial recognition in airports is a positive step forward, though the smartphone could be the catalyst which takes biometrics into the realms of reality. It does sound like something out of a sci-fi movie, but the power of such devices and the cloud should be able to tackle the challenges.
One of the final barriers will be public awareness; if the level of education in the general public is not high enough, adoption will never happen. Contactless payments were met with a similar level of scepticism, but the industry conquered that hurdle. Technophobes will always be around, but biometrics has finally made its first step towards reaching its full potential.