Mobile Fingerprint Authentication Alone May Be Inadequate for User Identification and Risk Management

Mobile customers are demanding more and greater choice and convenience for authentication instead of passwords. Mobile app providers need to balance delivering on these expectations with effectively mitigating fraud risk. For many companies, an easy and seemingly logical starting point is device-based fingerprint authentication (DFA), leveraging the native fingerprint capture capabilities of iOS and Android devices. However, this single “point” approach has drawbacks and can even open the door to unanticipated fraud risk:

• in 2015, only 29% of mobile phones sold world-wide were equipped with a fingerprint sensor, according to statista.com. Consequently, DFA can only accommodate a minority of mobile device users.
• Some users will not be able to use DFA due to job-related fingerprint wear, age, cold or damp fingers, and other reasons, so the percentage of users able to use DFA is reduced even more.
• With fingerprint-only solutions, the enterprise cannot be assured of the identity of the person they’re authenticating. DFA solutions only confirm that the person attempting authentication is someone whose fingerprint is registered on the device. Given that newer iPhones can register up to five different fingerprints, you can’t be sure that the individual authenticating is actually your customer.

DFA was designed as a simple and convenient login authentication mechanism for mobile apps. When context shifts from low-risk mobile applications to higher-risk activities, such conducting mobile payments, DFA alone is insufficient to help mitigate fraud risk.

A platform approach enhances mobile user satisfaction and reduces fraud risk

Convenient and secure authentication for mobile users is best achieved using a platform approach. Daon’s IdentityX? Platform for mobile biometric authentication gives users their choice of biometric modality for authentication, such as face, voice and fingerprint. IdentityX also has the capability to combine modalities for step-up authentication, which significantly increases authentication assurance and security. Unlike DFA, a platform approach enables future proofing—the ability to add biometric modalities and enhancements to keep pace with future requirements and threats.

As hacking and criminal access to customer information becomes more prevalent, taking additional measures to enhance multi-factor authentication (MFA) is critical. Biometric authentication is helping to improve security, reduce fraud and enhance the customer experience. Daon’s platform approach is an optimal solution to help meet current and future MFA objectives and counter security threats. Additional information on IdentityX can be obtained at https://www.daon.com/identityx/.