Biometric Security for Mobile Banking
By Loretta Michaels
Foreword
By Dr. Allen L. Hammond
Washington, DC 20002 USA tel +1 202 729 7600 fax +1 202 729 7610 http://www.wri.org
World Resources Institute gratefully acknowledges generous financial assistance from Vodafone, PLC for the
research presented below.
Markets + Enterprise
White Paper
Foreword
Innovations in Financial Services for the Poor
Dr. Allen L. Hammond¹
Over the past 30 years, the rise of microfinance has helped many Base of the Pyramid (BoP) households to improve their livelihoods and even, in some cases, to climb out of poverty. Microfinance is increasingly becoming a commercial activity with significant involvement by banks. And with an industry-wide client base of approximately 80 million borrowers, it’s clear that Muhammad Yunus deserved his Nobel Peace Prize. But the need for access to financial services by BoP households is both much larger than 80 million customers and more varied than micro-savings and micro-lending.

I believe that the next truly transformative innovation in financial services for the poor is now visible. That innovation is mobile phone banking—already fully commercial in the Philippines, in South Africa, and in Kenya, and gathering momentum virtually everywhere in the developing world. While banks may play an important role in this activity, the real catalysts are likely to be technology owners and experts. Specifically, two parties will be key to the coming mobile banking revolution: first, the mobile telecom companies that own the networks capable of reaching several billion unbanked people and the servers capable of processing many billions of tiny transactions; and second, the startup mobile transaction companies that are figuring out innovative ways to use those networks.

The following report, Biometric Security for Mobile Banking, addresses a key barrier to an impending technology-driven revolution in financial services for the poor. This foreword provides some context for the report and its findings by describing technology trends and their potential implications for access to financial services.

Enabling Technology Trends
There are several technology and business trends worth mentioning here. One is the build out of mobile telecom networks, arguably the most remarkable (and largest) recent technological phenomenon on the planet. There are already more than 1.5 billion mobile phones in use in developing countries, and that number is likely to reach 2.5 billion within the next 5 years. More than 80 percent of new customers worldwide will come from developing countries, and since nearly everyone in developing countries who is not part of the
BoP already has a mobile phone, that growth will come almost entirely from adding BoP customers.

Growth is still explosive—in India, mobile companies are adding more than 8 million new customers a month and plan to build more than 30,000 additional cell towers in the coming year. Mobile companies in Africa plan to invest $50 billion to expand their networks in the next five years²—double the rate of investment of the past five years. Impending privatizations of government-owned phone companies in countries with large, unserved rural populations, such as Vietnam, are attracting many interested bidders.

A recent empirical study of low-income consumers’ spending patterns showed that the share of BoP household expenditures on ICT services (largely mobile telephony) rises 8-fold between the lowest and the highest income segments of the BoP. This is a far more dramatic increase than any other sector and a clear preference that underscores the huge latent demand remaining to be tapped³. This is especially the case in Asia and Africa, where BoP populations and markets are dominantly rural and not yet well served by mobile networks.

A second trend is the increasing technological sophistication of mobile handsets, even as prices decline. Virtually all basic handsets now include voice and data capability and significant memory; many are multimode (capable of working over more than one frequency band); cameras are increasingly a common feature, even for low-end handsets. Some high-end handsets include Wi-Fi capability, and there appears to be no technological reason why Internet-enabled mobile handsets (e.g., multimode handsets with a Wi-Fi radio) cannot easily be made available to low-end customers as well (one estimate is that the cost, in quantity, of adding a Wi-Fi chip to a handset will be less than $5 per phone).

Moreover, costs of entry-level handsets continue to decline: $30 GSM phones are common, and a $20 handset is planned for release in India later in 2008. The processing power of handsets is also increasing rapidly, and is expected to equal that of today’s PC within about 5 years. Thus, mobile phones are becoming inexpensive, Internet-enabled, multimedia-capable computing devices—with a replacement market approaching 1 billion phones per year. So it’s not hard to think of them as portable banking terminals.

Of course, conventional mobile phone networks don’t yet cover many rural parts of developing countries, and may never do so. The costs of installing a mobile network (usually more than $100,000 per cell tower, including diesel generators) may simply be prohibitive, especially where sparse populations and low incomes mean that a positive return on investment will be a long time in coming.

Such high costs lead us to a third technology trend, which may prove important, especially for BoP financial services—the growing capability and very low costs of advanced fixed wireless networks—especially Wi-Fi or WiMax networks⁴, but including advanced VSAT networks. These technologies are based on open standards, attract many manufacturers, and hence have declined in cost very rapidly. They also are optimized for data—they are broadband networks capable of carrying a much higher volume of Internet or data traffic than are the proprietary cellular networks commonly deployed by mobile telecoms. That makes them ideal for a wide range of services, including Voice over Internet Protocol (VOIP), commonly called Internet telephony—and it may turn out that these advanced networks are especially well suited as a way to extend mobile telephony into more remote, rural areas.

Trends in Action: The Case of Vietnam
World Resources Institute, in partnership with USAID and AUSAID, a provincial government, and a mobile telecom company—as well as Intel and other equipment vendors—has recently deployed just such a Wi-Fi/VoIP network in a poor, rural part of Vietnam⁵. The pilot uses advanced mesh Wi-Fi technology to link together a group of rural villages, and advanced Wi-Fi backhaul technology to link those villages to existing optical fiber. It provides voice service using VoIP on Wi-Fi-enabled phones and Internet access to telecen-
Two basic kinds of mobile banking models have been deployed: bank-centric models that work under the banking license of a single bank and will work on one or frequently multiple mobile telecom networks; and telecom-centric models that work on a single telecom network but are compatible with multiple banks or banking networks.

Wizzit (a start-up company) in South Africa uses a bank-centric model that can work with multiple mobile networks; the Smart money network in the Philippines is also bank-centric, but works only on the Smart Telecom mobile network; and m-Pesa in Kenya is bank-centric, but works only on the Vodafone (Safaricom) mobile network. G-cash, deployed on the Globe Telecom mobile network, is a telecom-centric model that works with multiple banks. These models have been discussed elsewhere and I will not elaborate on them here. But it is perhaps useful to note that Vodafone expected some 200,000 customers at the end of the first year of operation of its m-Pesa system in Kenya, but found itself dealing with long lines of eager customers that resulted in 200,000 customers in 2 months and more than 1 million customers in less than a year. There is no shortage of demand for mobile banking services.

These models may well be rapidly replicated. Globe is franchising G-cash to other mobile companies; Wizzit plans to do the same; Vodafone is planning to replicate m-Pesa on other Vodafone networks in developing countries. Other models will appear. All Mexican banks, for example, have signed onto a common platform for m-transactions and will shortly begin deploying mobile banking services. There is movement toward mobile banking in Nigeria, Pakistan, and a number of other countries. We are probably entering an era of rapid experimentation and competition, from which the winning models will emerge.

I believe that it is plausible that the next 5 years will see 1 billion unbanked people gain access to financial services via mobile phone banking. Mobile telecom companies in developing countries already understand that their growth is dependent on serving BOP customers, and they are eagerly looking for value-added services to offer those customers. From that perspective, mobile banking looks like a killer application—one that will drive phone usage and increased individual phone ownership (you might share your phone, but you are less likely to share your wallet).

Mobile Transactions
Mobile banking provides a way to offer a wide range of financial services. In addition to cash management, loan and bill payments, direct deposits of salaries or of receipts from retail sales or other commercial transactions, mobile networks can also offer remittances and money transfers and, either directly or via a linked debit card, facilitate cash-less consumer purchases. In Kenya, Vodafone found that some m-Pesa customers were using the system to provide a safe way to carry funds from one location to another—they would deposit cash to the system, and then draw it out again upon reaching their destination. Typically, both bank branches and a wide range of retail shops provide cash-in and cash-out locations, where mobile banking customers can exchange cash for digital credits or vice-versa. In the Philippines, Smart money customers are notified of a remittance from a relative overseas via a text message and can pick up their cash at any McDonald's or at a large number of small convenience stores or kiosks or have it credited directly to their debit card. Given the large and rapidly growing volume of both international remittances (estimated at $300 billion/year) and domestic money transfers, and the hazards of carrying cash in many parts of the developing world, this broad range of services will find ready markets.

In addition, mobile phones can provide a marketing and sales platform for additional financial services, such as insurance (life insurance, health insurance, and crop or weather insurance), since they can readily provide information on or answer questions about specific products, in local languages. (Such information is especially easy to provide with the VoIP systems described above as part of village Wi-Fi networks, since they can be programmed into the VoIP switches—e.g., they are automated software-based products, even if delivered as voice). Moreover, the transaction
records including payment or remittance records of a customer’s mobile phone account may prove a kind of substitute credit rating that could qualify a mobile banking customer for a micro-loan—applied for, approved, paid out, and eventually repaid over the mobile platform. Both of these (still hypothetical) examples illustrate how mobile transactions could dramatically lower transaction costs, compared to conventional banking methods, thus making BoP financial services more affordable to customers and more profitable to banks.

Barriers to Mobile Banking
A key barrier to the rapid expansion of mobile banking is a lack of familiarity with the technologies and business models on the part of both banks and telecom companies, and the necessity of establishing partnerships that involve both kinds of companies. As awareness spreads of the success of mobile banking efforts and of the details of specific models, however, these hesitations are beginning to disappear. Competition and the fear of being left behind will increasingly spur innovation.

A more significant barrier is regulatory approval, especially by central banks and sometimes by telecom regulatory authorities⁷. Central banks – along with the U.S. Treasury Department – are concerned that mobile banking provides adequate protection to customers and to the banking system itself against fraud, money laundering, and other criminal activities such as the transfer of funds by terrorist organizations. At present, security for mobile banking transactions rests on several parallel approaches: device-based security, such as the unique SIM card within each mobile handset that identifies the customer who owns the phone; know-your-customer requirements, especially for the retail cash-in/cash-out points that are usually required to have a traditional bank account and establish their identity to the bank in order to open the account; and pattern recognition software that tracks transactions to ensure that the size and frequency of transactions do not exceed regulatory limits that might suggest money laundering activity. The weakest link is device-based security.

Many central banks in developing countries have yet to establish rules for mobile phone banking, nor have they set in place some version of the transaction security system described above. And because mobile banking is still in its infancy, serious criminal attention to defeating these systems, for example by hacking SIM cards so as to “establish” fake accounts or take over legitimate accounts, has probably not reached the levels likely to occur eventually. Building capacity in central banks and spreading awareness of safeguards and how they need to be implemented is important to accelerate the spread of mobile banking.

Biometric ID and Enhanced Transaction Security
There may also be a significant role for technology in improving mobile transaction security, as the following report makes clear. There has been a lot of work on biometric identity systems in recent years. The report surveys that work and assesses its relevance for mobile banking. In particular, it identifies a biometric technology approach that has already been incorporated in some mobile handsets—a sophisticated, but low-cost, fingerprint sensor.

Use of this approach for mobile banking would work something like this: When a customer initiated a mobile banking transaction, the handset would request that the user register his or her fingerprint on the sensor, and the handset would compare the fingerprint to the one already stored in the phone (and, as a backup, also stored on the bank mobile transaction server). The handset would then send the transaction request and the result of the fingerprint comparison—in effect, a biometric ID authentication—to the bank server for approval and execution of the transaction. That would replace the device-based security safeguard (the SIM card) with something much more robust and harder to defeat. As the report makes clear, the technology to implement such a system is available now.

In summary, there is a confluence of technology trends leading to viable solutions that can enable very widespread access to financial services. Demonstration of these technologies and the related service models will help to accelerate commercial adoption, overcome
FOOTNOTES
1) Dr. Allen L. Hammond is Vice President for Innovation and Senior Fellow, Markets & Enterprise Program at the World Resources Institute.
2) Tom Phillips, GSM Association, cited in Balancing Act, Issue # 378 (London, 2007).
3) The Next 4 Billion: Market Size and Business Strategy at the Base of the Pyramid (International Finance Corporation and World Resources Institute, Washington DC, 2007).
4) Wi-Fi is the wireless standard already widely deployed in hotspots and in homes and offices; WiMax is its more sophisticated (and expensive) cousin, designed to handle the multiple reflections of wireless signals encountered in urban environments and to provide slightly longer range. Its complexity and cost are at present a disadvantage in rural areas of developing countries, compared to Wi-Fi, although costs are expected to continue declining.
5) The pilot referred to here is one of several similar pilots in Vietnam; other similar models have been deployed in Mongolia and Sri Lanka.
6) The advanced mesh WiFi access points being used in the Vietnam pilot can connect at high speeds to a normal laptop within a “cell” extending at least 1 kilometer from the access point, except where line-of-sight is blocked by hills or tall buildings; with a small extension antenna plugged into the laptop, the cell radius is 2 kilometers. This range often makes it possible for a single access point to cover a village or a rural neighborhood extending over several square kilometers. With the appropriate antenna, the units can connect to the next cell—e.g., the next village coverage zone—located between 1 and 10 kilometers away. As many as 10 such cells can be linked together in a chain, sharing a single fiber link or VSAT connection to the Internet. Such advanced technology thus facilitates affordable connectivity for rural BOP populations—connectivity that may otherwise be prohibitively expensive.
7) CGAP, Regulating Transformational Branchless Banking: Mobile Phones and other Technology to Increase Access To Finance, Focus Note 43 (cgap.org/portal/site/cgap/BranchlessBnaking/FN43).
Markets + Enterprise
White Paper
Loretta Michaels⁸
The provision of basic financial services to unbanked populations, and the growth of mobile phone networks, are both widely acknowledged as having broad economic benefits. The logical extension of these growth areas is to converge the two to allow innovative approaches to rural banking and payment systems. In order to do so, countries need to pursue both broader coverage of cellular networks, and better connectivity in the form of affordable mobile phones and easier access to financial and other types of services.

The economics of extending high-cost cellular networks into rural areas cannot usually be justified without high voice and data traffic forecasts. One way to address low-cost coverage is via WiFi technology, which is the subject of another WRI project⁹. Beyond basic coverage, however, is the need to link users to useful financial services via easy-to-use handsets and simple applications.

For the banking sector to provide financial services in rural areas, the issues they face include not just coverage and connectivity, but also basic familiarity with banking systems, from training and education in the use of bank accounts to the provision of adequate security measures for users unfamiliar with PINs and passwords and who often have few formal identification documents. It is the security issue that is of particular importance to financial institutions, not just in developing countries but worldwide, led by growing concerns about money laundering and terrorist financing, fraud and consumer protection.

An area of rapid development in security systems is the use of biometrics. While fingerprints have long been used in law enforcement, other types of biometrics have largely been the stuff of research and science fiction. However, rapid advances in biometric technology, largely driven by national security concerns, have brought several biometric solutions to the market, especially for border control, physical access and fraud prevention. To date these biometric systems have largely been complex and expensive to build and operate, and have thus been limited in their implementation. As technology improves, the ability to use biometrics for individual applications, particularly in mobile banking, is of great interest to financial institutions seeking secure means of signing up rural customers.

The purpose of this document is to provide an introduction to biometric technologies, and in particular look at those biometric technologies that would be portable to mobile platforms. The intention is to understand and evaluate how biometrics might be used for mobile banking and payment systems, and to identify the best approach to take given the current state of the technology and the nature of most rural markets in the developing world.

The Biometric Process
Biometrics is typically defined as a means of uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. Physical traits refer to what you are, as opposed to what you know, and include such things as fingerprint, face, retina, iris, hand geometry, and DNA. Behavioral traits reflect what you do, and include such actions as signature, gait, and keystroke. One biometric trait that is considered both physical and behavioral is voice.

Regardless of the type of biometric that is used, the process involved when conducting biometric authentication is generally uniform (see figure below). The user will first enroll themselves in the system by providing multiple samples of the relevant biometric, which are then converted to digital, mathematical “templates” and stored for future reference. Once the user is successfully enrolled, they’ll gain biometric access to the system by presenting a “live scan” of the biometric
trait, which is then compared to the reference template. The comparison of templates takes the form of either identification, which means that the live scan is compared to many templates to ascertain who the user is (aka a 1:N comparison), or authentication, where the live scan is compared to just one template to confirm that the user is indeed who they say they are (a 1:1 comparison). The determination of whether or not the two templates match will depend on the levels of accuracy demanded by the system administrator (the threshold level). This may seem oddly flexible for a security system, but in fact no biometric system is completely foolproof in returning a 100% total match. Rather the systems will indicate that the templates correspond to a certainty level of, say, 95%. It’s up to the administrator of the security system to decide how accurate they demand the match to be, and set the system accordingly via the threshold level. The distinction between identification and authentication is important when evaluating biometric systems, as the systems will require different threshold levels, not to mention vastly different storage and processing systems. After all, confirming that I am who I say I am is very different from trying to determine who I am in the first place, and the former should be easier than the latter.

It’s also important to understand the different performance metrics of a biometric system, as these will impact what sorts of threshold levels are needed depending on the purposes of the security system. As their names imply, the False Match Rate (FMR, also known as the False Accept Rate, or FAR) measures the percentage of invalid users who are mistakenly allowed into the system, while the False Non-Match Rate (FNMR, or the False Reject Rate, FRR) measures the percentage of valid users who are mistakenly rejected by the system. While it would seem intuitive to set both measures as close to zero as possible, in reality there are tradeoffs made depending on the purposes of the biometric system. For example, access to a nuclear weapons site would demand absolutely no false matches, but will correspondingly result in a higher number of false rejections of valid users, which will then need to be resolved via other means of verification. While military authorities will probably deem this type of inconvenience to valid users an acceptable price to pay for nuclear security, other organizations may demand more user-friendly systems for their employees or customers, say for access to an office building elevator or all-day passholders at a theme park¹⁰. Because the levels determined for both FMR and FNMR involve a tradeoff in the system design, most scientists who are looking to compare biometric verification systems will in fact look at the level at which the FMR equals the FNMR, otherwise known as the Equal Error Rate (or EER). Other measures that are looked at when evaluating biometric systems are the times required for enrollment and verification, and the Failure to Enroll (FTE) rate, which would reflect how often users are unable to enroll at all due to any number of reasons, including illness and physical injury.
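The threshold trade-off, the Equal Error Rate and the difference between 1:1 and 1:N matching described above can be worked through on a small score set. This is an added example, not part of the original paper: the similarity scores are constructed, the function names are hypothetical, and the 1:N formula assumes the N comparisons are independent.

```python
"""Added example: FMR/FNMR trade-off, Equal Error Rate, and 1:1 vs 1:N matching.

All scores are constructed for illustration; they are not measurements from
any real biometric system. Function names are hypothetical.
"""
import math

# Constructed similarity scores in [0, 1]; higher means "more alike".
# GENUINE: live scans compared with the same person's reference template.
GENUINE = [0.97, 0.95, 0.93, 0.91, 0.90, 0.88, 0.86, 0.84, 0.79, 0.72]
# IMPOSTOR: live scans compared with somebody else's reference template.
IMPOSTOR = [0.81, 0.74, 0.66, 0.61, 0.55, 0.52, 0.47, 0.41, 0.33, 0.25]


def error_rates(genuine, impostor, threshold):
    """Return (FMR, FNMR) when a comparison is accepted if score >= threshold."""
    fmr = sum(s >= threshold for s in impostor) / len(impostor)
    fnmr = sum(s < threshold for s in genuine) / len(genuine)
    return fmr, fnmr


def candidate_thresholds(genuine, impostor):
    """Rates only change at observed scores; math.inf rejects every comparison."""
    return sorted(set(genuine) | set(impostor)) + [math.inf]


def equal_error_rate(genuine, impostor):
    """Sweep thresholds and return (threshold, EER) where FMR and FNMR are closest."""
    best = None
    for t in candidate_thresholds(genuine, impostor):
        fmr, fnmr = error_rates(genuine, impostor, t)
        gap = abs(fmr - fnmr)
        if best is None or gap < best[0]:
            best = (gap, t, (fmr + fnmr) / 2)
    return best[1], best[2]


def threshold_for_max_fmr(genuine, impostor, max_fmr):
    """Lowest threshold whose FMR stays within max_fmr, and the FNMR it costs."""
    if max_fmr < 0:
        raise ValueError("max_fmr must be >= 0")
    for t in candidate_thresholds(genuine, impostor):
        fmr, fnmr = error_rates(genuine, impostor, t)
        if fmr <= max_fmr:
            return t, fnmr
    raise AssertionError("unreachable: math.inf always yields FMR 0")


def identification_false_match(fmr, n_templates):
    """Chance that a 1:N search falsely matches at least one of N templates.

    Assumes each of the N comparisons is independent with the same FMR.
    """
    return 1 - (1 - fmr) ** n_templates


if __name__ == "__main__":
    print("threshold  FMR   FNMR")
    for t in (0.70, 0.79, 0.84, 0.95):
        fmr, fnmr = error_rates(GENUINE, IMPOSTOR, t)
        print(f"{t:9.2f}  {fmr:.2f}  {fnmr:.2f}")

    t, eer = equal_error_rate(GENUINE, IMPOSTOR)
    print(f"EER = {eer:.2f} at threshold {t:.2f}")

    # The "no false matches" policy: what it costs valid users.
    t0, fnmr0 = threshold_for_max_fmr(GENUINE, IMPOSTOR, 0.0)
    print(f"FMR = 0 needs threshold {t0:.2f}, rejecting {fnmr0:.0%} of valid users")

    # Same per-comparison FMR, very different outcome for 1:1 and 1:N.
    for n in (1, 100, 10_000):
        p = identification_false_match(0.001, n)
        print(f"1:{n} search with FMR 0.1% -> {p:.2%} chance of a false match")
```

On these constructed scores a threshold tight enough to admit no impostor rejects a fifth of valid users, and a per-comparison FMR that is comfortable for 1:1 authentication makes a false match almost certain in a large 1:N search.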
Another element to consider when designing a bio- on system design and user training. Decisions about
metric system is whether the template comparison, which type of system to build should be based upon
or matching, will occur locally, for example on the what types of authentication will need to be done,
mobile handset or the door keypad, or centrally using a 1:1 or 1:N, how the system will be used, what level of
separately located database. The obvious implications backup and communications links can be built, and
of this choice are the need for storage capacity and how the entire system needs to integrate into existing
communications links between the biometric scan- information management systems.
ner and the host system. Local matching will require
less processing power, but will also mean a limit to For purposes of replacing PINs and passwords for
the number of reference templates that can be stored mobile banking transactions, biometric authentication
for comparison purposes. As a result, local matching via local matching should suffice in terms of security, as
is generally though to be better suited for 1:1 authen- the bank’s purpose will be to verify whether the user is
tication, requiring a yes or no decision about a single who they say they are rather than identify them in the
template match. Depending on the type of system first place. In keeping with the latest financial security
being implemented, some experts also believe that standards, banks may want to employ two-factor iden-
local storage and verification of reference templates are tification, whereby two criteria are used to verify the
better for preserving the privacy of personal data. The customer’s identity, but this is entirely feasible with the
fact that many biometric systems use each successive mobile phone. One solution is to register the handset,
live scan to enhance and improve the reference tem- usually via the user’s cellphone number, and link it
plate on the local device is another reason to consider with a particular individual account holder, and then
local matching systems. send this information along with the biometric confir-
mation to the financial institution’s processing systems.
Larger, centralized matching systems have their own
benefits, of course. For one thing, they will have Many Kinds of Biometrics
greater storage and processing power available to the There are many types of biometrics being studied
system, and are therefore able to provide both 1:1 and today, some of which are already being commercially
1:N authentication, which is necessary for some sys- implemented in certain applications. Physiological
tems such as law enforcement and surveillance. This traits that are used for validating a person’s identity
greater capacity and capability, however, will necessar- include fingerprints, faces, retina and iris, voice, hands
ily involve the storage of multiple reference templates, including knuckle, palm and vascular patterns, DNA
which will impact system hardware and software and other more experimental traits such as odor,
needs. There is also the need to constantly monitor the earlobes, sweatpores and lips. Behavioral traits include
host and its communication with scanner units such signatures or specific signs, keystroke patterns, voice,
as mobile handsets, plus database management and and gait. While fingerprints have been in use by law
backup requirements. enforcement for more than a century, the rest of the
biometric traits listed here are far more recent and in
To date, no research testing has been done to compare some cases still considered very experimental. An in-
accuracy levels between local and centralized biomet- depth review of all the various biometric technologies
ric matching systems, although there’s little reason to is beyond the scope of this paper. Rather, what we are
believe that there would be major quality differences. interested in is which of the biometrics can be consid-
Rather, biometric experts agree that the performance ered portable to some type of mobile device, specifi-
of any system will depend more on the quality of the cally a cellphone. The biometrics that lend themselves
scans that are taken, which in turn depends upon most to the small form-factor inherent with a cell-
environmental issues such as noise, illumination or phone are facial recognition, voice recognition, iris
dirt, and on usability issues, which in turn will depend recognition and fingerprints. (Signatures and sign rec-
11
Biometric Security for Mobile Banking
Markets + Enterprise Loretta Michaels
White Paper
ognition are proving to be reliable authentication tools, but they require larger and more sophisticated screens than would be found on most cellphones nowadays, so they are excluded from this analysis.) The issues to consider in evaluating these measures include accuracy, reliability, acceptability, susceptibility to fraud, ease of enrollment, usability, environmental effects, hardware and software size, and cost.

Facial Recognition

A facial recognition system uses a computer algorithm to identify or verify a person from a digital image or a video frame. This is done by extracting selected facial features from the image and comparing them against a reference template usually stored in a facial database. While it's much newer than fingerprint technology, it's gained wide usage in some security applications, particularly CCTV systems and some border crossing controls. Facial recognition emphasizes features that are less susceptible to alteration, like eye sockets, cheekbones, and the sides of the mouth, and as such is resistant to many of the changes associated with most plastic surgery and to changes that come with aging. Traditional facial recognition algorithms include Eigenface, Fisherface, the Hidden Markov model and the neuronal motivated dynamic link matching. However, in recent years, a newer facial technology has emerged, 3D facial recognition, that isn't affected by illumination and is showing accuracy rates up to ten times better than older algorithms[11].

Facial recognition is cheaper and easier to use than iris or retinal scans, in part because it's less invasive and can generally use low speed, low resolution cameras, but it gives a higher false negative rate than other biometric technologies because of the need for tightly controlled environments. A facial recognition system is sensitive to such criteria as head position and angle, movement, lighting and other factors, including the use of different cameras for enrollment and verification. In addition, facial recognition has certain weaknesses that limit its usefulness for fraud prevention. It cannot distinguish identical siblings, it can be defeated by pointing the camera at a high-resolution video monitor playing a video of an authorized user, and can also be defeated by the use of a severed head. And of course there may be religious or cultural prohibitions against facial photographs in some regions of the world that will limit its voluntary uptake by target users.

A basic facial recognition system can probably use a standard camera phone of 1 Mg or more, while template size can range from 1000 to 2000 bytes. (See chart on page 8 for comparison of biometric templates.)

Voice Recognition

Virtually all North Americans are familiar with speech recognition, having come across it when trying to phone most companies nowadays. Voice recognition differs from speech recognition, in that voice recognition analyzes how you say something, versus what you say in speech recognition. Each person's voice is unique, due to differences in the size and shape of their vocal cords, vocal cavity, tongue and nasal passages. The way an individual speaks is also determined by the complex coordination of their lips, jaw, tongue and soft palate. Voice and speech recognition can in fact function simultaneously using the same utterance, allowing the technologies to blend seamlessly: speech recognition can be used to translate the spoken word to an account number, while the voice recognition verifies that the vocal characteristics correspond to those associated with that user's account. Considered both a physiological and a behavioral biometric measure, voice recognition has good user acceptance and requires little training to use. However, while popular, low cost and capable of working over any phone, it's less accurate than other biometric systems and can entail lengthy enrollments requiring multiple voice samples to attain a usable template. Spectrographic voice images are used to create a relatively large template, between 2 and 10 kilobytes. There are many vendors of voice recognition systems, along with many proprietary technologies, and though no systems have been commercialized on handheld devices, processing can be done on a central server that is easily accessed via a mobile phone, so no new hardware should be needed. Performance can also vary according to audio signal quality as well as variations between enrollment and verification devices, and with variations in environments (inside versus outside, variations in background noise, etc.). Voice changes that occur as a result of time, injury, cold or illness can also be an issue. Finally, voice recognition can be defeated by playing back a high fidelity recording, which would obviously be of great concern to financial institutions.

While voice recognition benefits from ease of usage, high user acceptance, and no need for new hardware, the impact of environmental issues upon performance renders it of low to medium accuracy, which is not likely to meet the security needs of most financial institutions.

Iris Recognition

Iris recognition is a newer method of biometric authentication that analyzes the features that exist in the colored tissue surrounding the pupil, such as rings, furrows, freckles and the corona. Iris patterns possess a high degree of randomness, with each iris having 266 unique identifiers as compared to 13-60 for other biometrics. These iris patterns, which differ even between identical twins, are apparently stable throughout one's life (although they will change within hours of death, preventing the use of dead eyes). The iris features and their location are used to form what's called the IrisCode™, which is the digital template of the iris, with an average template size of 512 bytes.
Fingerprint capture technology is easily accommodated on a cellphone, with sensor sizes ranging from 12 mm x 5 mm to about 1.5 cm x 1.5 cm, and low power and processing requirements. The fingerprint template itself ranges in size from about 256 bytes to 500 bytes. Chart 1 below summarizes the main characteristics of the biometric technologies discussed in this paper.

Market Activities in Mobile Biometrics

Currently, most biometric applications around the world tend to focus on national security and law enforcement activities, as well as physical access to sensitive or restricted facilities. As understanding of the technologies and their performance levels has improved, more sectors of the economy are looking at the use of biometric systems for identification and authorization. The technology and financial sectors in particular are interested in the use of biometrics, partly to improve their customers' user experience by saving them the hassle of having to constantly re-enter PINs, passwords and account numbers. For those parts of the financial services world that are seeking to expand their customer base into previously unserved areas, inconsistencies in the availability and types of official identification present challenges to opening up new accounts. Biometric identification is one way of addressing those challenges.

Asia is leading in the use of mobile biometric activity[12]. Most current cellphone-based biometric applications are being seen in Japan, South Korea and, increasingly, China, where biometrics are used to unlock handsets and/or applications on the handset. In all these cases, though, the biometric is used to supplement, rather than replace, the normal security systems already in place for online and mobile banking. In Japan, Softbank Mobile (formerly Vodafone) and NTT DoCoMo both offer Sharp handsets that use Face Recognition, from biometric vendors such as Oki and Neven Vision. Several handsets on offer at all the mobile operators have Fingerprint sensors, including those from LG, Fujitsu, Samsung, Panasonic and Sharp, using fingerprint technology from AuthenTec and Atrua. In addition, Oki Electronics has come out with a proprietary cellphone that contains Iris Recognition software that uses the phone's own camera. (Whether this phone has had to be retrofitted with infrared filters is not clear.)

In China, handset vendors are starting to introduce handsets with fingerprint technology, including Yulong and Qiao Xing Mobile (CECT). And in Korea, KTF has introduced several phones using AuthenTec's fingerprint solution, including those from Pantech, Motorola and LG.

While Europe hasn't been as active in this area, there was an EU collaborative research program started in 2004 called SecurePhone that produced a high-end PDA prototype using face, voice and signature-based biometric authentication systems on a SIM card. More recently, Swisscom Mobile has embarked upon a trial using Atrua's fingerprint sensors on a Toshiba phone.

In India and parts of Africa, governments and financial institutions have started using biometrics to enroll rural populations for social benefits and banking applications. In these cases, the reasons for the use of the biometrics are to provide identity verification and prevent fraud. While these applications are generally being provided via mobile ATMs, smart-cards and "roving" service agents, rather than via cellphone, the concepts are similar and proving usable in these markets and, critically, acceptable to financial regulators.

In India, the government has embarked on a rural employment guarantee program, guaranteeing people 100 days' work a year if they are poor. However, the system, which uses job cards and involves many intermediaries, has been rife with fraud. In the Indian state of Bihar, a project has begun to set up a biometric system of identification for job cards, after which all payments will be deposited directly in the bank accounts of the poor, thus checking leakages. One challenge to this scheme is that banks have been notoriously reluctant to open small accounts for illiterate users who cannot handle paperwork; and many poor people have to travel 50 miles to get to a bank branch.

In response, a few major Indian banks (Canara, Andhra, ICICI), as part of a mandate by the government to address the vast unbanked populations in the rural areas, have recently introduced fingerprint-enabled ATMs, both mobile and low-cost fixed. Customers are enrolled and given a smart-card that holds their account information as well as their biometric identification. They then swipe their smart-card on the ATM, and present their finger or thumb, which is compared against the information contained on the smart-card for authorization. Simplified voice instructions and color-coded touchscreens walk the user through the various banking transactions, while a service representative is always on-hand to provide additional support if necessary. While these trials were introduced to much fanfare in early 2007, and appear to be working well according to preliminary press, there have not yet been follow-up reports indicating whether the banks themselves consider the trials to be commercial successes. However, such efforts are not just a response to the government's mandate, as Citigroup has launched a similar project in India, making clear that they intend to make a profit doing so.

In South America, Bolivia led the way in the use of biometric ATMs, which were introduced in 1999 by the Prodem FFP bank. Targeting low-income communities and entrepreneurs, and offering a wide range of savings, credit and money transfer services, Prodem rolled out a large urban and rural network of branches and smart ATMs (now at 90 branches and 52 ATMs). To overcome barriers such as illiteracy, they created a solution employing smart cards, fingerprint recognition technology and smart ATMs, as well as stand-alone, voice-driven ATMs in local languages with color-coded touchscreens. In fact, Prodem was a finalist for the 2005 Gateway Development Prize for its innovative approach, which went on to provide the framework for later initiatives in India and elsewhere.

South Africa is another place where the use of biometrics is growing, largely for identification purposes (having started in the mining industry years ago). Capitec Bank is using biometrics for providing low-cost banking services to unserved populations, largely via kiosks and smart-cards, while the government is using fingerprint recognition for the delivery of pension benefits to its citizens. As the use of biometrics grows in South Africa, so does the number and size of South African biometric vendors designing solutions specific to African needs. One such vendor, Net 1 Technologies, designs smartcard and banking systems aimed specifically at unbanked populations. Their system uses secure smartcards that operate in real-time but offline, unlike traditional payment systems offered by major banking institutions that require immediate access through a communications network to a centralized computer. This offline capability means that users of Net1's system can enter into transactions at any time with other card holders in even the most remote areas so long as a portable offline smart card reader is available. Net1 was recently chosen by the Central Bank of Ghana to develop biometric smart-cards for use in that country's ATMs and POS.

Conclusions

As biometrics continues to advance scientifically and technologically, its use and acceptability as a means of security and authorization across various sectors also grows. In particular, the financial industry is increasingly interested in the use of biometrics to help in the ongoing fight against money laundering and terrorist financing, fraud and consumer protection. At the same time, as the provision of standard infrastructure lags far behind the rollout of cellular services in most developing countries, interest in the use of mobile phones to access rural populations and provide banking and information services is exploding.

Biometrics would be a useful solution to the issue of security for mobile banking in developing countries, particularly to address the unique needs of the unbanked in rural areas. Technically, the use of biometrics is entirely feasible in mobile applications. The accuracy of biometric identification systems is as good if not better than most traditional banking security systems, and the software and transmission requirements of several biometrics technologies are certainly within the realm of possibility for most of today's cellular networks. The main issue to address with any biometric system is that the performance will only be as good as the quality of the data captured, so that environmental controls and user training are of paramount importance.

For purposes of mobile phone banking, fingerprint recognition appears to be the best technology to use today. Fingerprints are already being used for several rural banking applications around the world, with acceptable performance and security results. And while there is a requirement for incremental hardware and software to accommodate fingerprint sensors on the handset, fingerprint recognition technology is being used in several mobile phones today by a wide range of handset vendors. As for use in cellular networks, fingerprint templates, which can range from 250 to 500 bytes, can easily be transmitted via today's GSM and CDMA data networks, allowing for systems that can provide matching both locally and centrally, depending on the application requirements.

bank's online banking system, an approach that will often require costly systems integration (and result in an undesirable one-off solution), or it could interface with a separate mobile banking platform. The mobile banking platform would act as a "black box" intermediary between the cellphone and the bank, receiving the identity and biometric authorization data from the user's handset and, once the information is verified, sending a pre-authorized signal to the banking system, using standard ISO banking protocols, telling the bank to go ahead with the transaction at hand. In fact this is how many mobile banking systems work today, taking information from the handset and translating it in one form or another for use by banks and payment processors.

As is often the case with new technology applications, the biggest issue facing mobile operators and banks when trying to evaluate biometrics for mobile banking will not be the technology, per se, but rather the business case around building the technology into the application[13]. Questions such as who owns the customer, who builds and operates the mobile banking platform, who pays for the cellphone, and who handles all the implementation, training and customer-service related issues all need to be addressed to understand the overall attractiveness of a biometric mobile banking application.

FOOTNOTES

8) Loretta Michaels is a consultant with extensive experience in telecoms and mobile payments, particularly in the developing world.
9) See Foreword.
10) Disney World was, until 2007, the largest user of biometric systems in the US. It used fingerprint scanners from Lumidigm, a company set up with financial backing from the CIA, NSA and DOD.
11) National Institute of Standards and Technology (NIST) 2006 Facial Recognition Vendor Test (FRVT).
12) Appendix A: leading vendors addressing mobile phone biometric technologies.
13) Appendix B: issues for consideration when designing a mobile banking system.
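
The "black box" mobile banking platform described in the Conclusions, as an added sketch that is not from the white paper or from any vendor: the platform matches the handset's sample against the enrolled template and only on a match sends the bank an authenticated pre-authorization. The bit-distance matcher, threshold, message fields and shared HMAC key are assumptions standing in for a vendor matcher and the ISO banking message; the bank's nonce check stops a resent pre-authorization, not a recording presented to the sensor.

```python
import hashlib
import hmac
import json
import secrets

THRESHOLD = 0.30  # assumed: largest fraction of differing bits still a match


def bit_distance(a: bytes, b: bytes) -> float:
    """Fraction of differing bits; stand-in for a vendor's template matcher."""
    if not a or len(a) != len(b):
        raise ValueError("empty or mismatched templates")
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b)) / (8 * len(a))


def sign(key: bytes, body: dict) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of the message body."""
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


class Platform:
    """Intermediary: matches the handset's sample, then pre-authorizes."""

    def __init__(self, bank_key: bytes, enrolled: dict):
        self.bank_key = bank_key
        self.enrolled = enrolled  # user id -> enrolled template

    def preauthorize(self, user: str, sample: bytes, txn: dict):
        ref = self.enrolled.get(user)
        if ref is None or bit_distance(ref, sample) > THRESHOLD:
            return None  # unknown user or failed match: nothing goes to the bank
        body = {"user": user, "txn": txn, "nonce": secrets.token_hex(16)}
        return {"body": body, "tag": sign(self.bank_key, body)}


class Bank:
    """Acts only on messages the platform authenticated, each at most once."""

    def __init__(self, bank_key: bytes):
        self.bank_key = bank_key
        self.seen = set()

    def accept(self, msg) -> bool:
        if msg is None:
            return False
        if not hmac.compare_digest(msg["tag"], sign(self.bank_key, msg["body"])):
            return False  # forged or altered pre-authorization
        if msg["body"]["nonce"] in self.seen:
            return False  # the same pre-authorization presented a second time
        self.seen.add(msg["body"]["nonce"])
        return True


def demo():
    key = secrets.token_bytes(32)  # assumed platform-to-bank shared key
    ref = secrets.token_bytes(256)  # constructed 256-byte enrolled template
    fresh = bytes(b ^ 1 for b in ref[:200]) + ref[200:]  # same finger, 200 bits off
    platform, bank = Platform(key, {"acct-001": ref}), Bank(key)
    txn = {"type": "transfer", "amount": 500, "to": "acct-002"}
    good = platform.preauthorize("acct-001", fresh, txn)
    impostor = platform.preauthorize("acct-001", secrets.token_bytes(256), txn)
    altered = {"body": {**good["body"], "txn": {**txn, "amount": 50000}}, "tag": good["tag"]}
    return [bank.accept(m) for m in (good, good, impostor, altered)]
```

`demo()` presents, in order, a genuine pre-authorization, the same one again, a failed match and an altered amount; only the first is accepted.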
Appendix A.
Biometric & Handset Vendors with
Mobile Products in Market
Neven Engineering, Inc. (trade name: Neven Vision) Santa Monica, CA.
Neven Vision was founded in 2003 by a group of people who had worked together on a biometrics company
(Eyematic Interfaces, Inc.), but in the last few years had changed their focus to applying that technology to mobile visual search. Their service offerings include image-driven mobile marketing services, visual mobile search, comparison shopping and m-commerce, enhanced photo messaging, secure data access and field identity verification. Customers include NTT DoCoMo (for authenticating transactions), the U.S. government (including the LAPD for identifying gang members), and Coca-Cola (for mobile marketing campaigns). Neven Vision holds a number of patents on face recognition, image recognition and video recognition, including the "image base enquiry system for search engines for mobile telephones with integrated cameras," "image-based search engine for mobile phones with camera," and "single image based multi-biometric system and method." In August 2006, it was purchased by Google, to be incorporated into Google's Picasa product line to improve organization and search of personal photo albums. Google hasn't made any specific announcements on how it intends to use the mobile technology it acquired with the purchase, although the fact that Google will be participating in the FCC's spectrum auction indicates that it does plan some type of mobile offering.
Other leading face recognition vendors (currently without cellular solutions): L-1, Bioscrypt, CrossMatch,
SagemMorpho, Datastrip, Labcal
Other leading iris recognition vendors (currently without cellular solutions): Irisguard/Iridian (now owned by
L-1), LG Iris, Panasonic
Fingerprint: Samsung, LG Electronics, Fujitsu, Hitachi, Motorola, Pantech, Toshiba, Panasonic, Kyocera, CECT, Yulong
Face: Sharp
Iris: Oki (proprietary)
Appendix B.
Key Issues to Consider in Designing a
Biometric Security System in Mobile Banking
- Who does customer belong to - mobile operator or bank?
- Who pays cost of new and/or upgraded cell phone hardware? How are cell phone batteries kept charged
(solar?)
- How will customers enroll in system? Physical presence required, plus processes for verifying initial identity
claims
- Should debit cards be issued in conjunction with service for use in urban ATMs?
- Need exception handling for both enrollment and verification; 1-800 # for problems, with secret questions for
when customer can’t verify biometrically?
- To what degree will biometric match decisions be incorporated into existing interfaces for banking, payment
and clearance systems?
- Cash handling network and use of field agents, retail agents, mobile ATMs
- Software requirements for cell phones not prohibitive; software and backup requirements for mobile banking
systems and linkages to bank network to be determined
- Processing requirements - need basic data network (shouldn’t need 3G as long as you’ve got a secure tunnel to
the bank)