Monthly Archives: July 2015

What’s the Best Form of Biometric Security for Banks?

Biometric Update logoWriting for Biometric Update – the leading online source for breaking news, analysis, and research about the global biometrics industry – Enacomm CMO David Anderson explains in an expert guest article why voice biometrics technology may be a better choice for banking security than fingerprint or facial recognition. In the piece, “All forms of biometric authentication are not created equal,” Anderson notes that biometrics security technology is now being more widely used thanks to the proliferation of smartphones with high-quality microphones and cameras that make the process easy. While ease is a priority when choosing between biometric identification methods, he says, effectiveness is just as important.

Touch biometrics is often one of the least reliable forms of biometric authentication, as fingerprint scanners can be easily duped. From the article:

For the pros, making fingerprint dummies is relatively easy. Tsutomu Matsumoto, a security researcher at Yokohama National University, created a way to fool biometric scanners 80 percent of the time by taking a photograph of a fingerprint left on a wine glass, for example, and re-casting it in molded gelatin. Nine out of 10 fingerprint readers can even by tricked by manipulated Play-Doh from your local department store, as proven by hackers. What’s more, it’s possible for cyber-criminals to intercept fingerprint data from Internet-enabled biometric scanners as it’s sent to the computer server for processing.

More reliable than touch, facial recognition has close to a 98 percent success rate. However, fraudsters have been able to find cracks in the technology. According to Anderson:

In recent years, facial recognition technology has greatly improved its accuracy and is nearing a 98 percent success rate. Discovered methods of deception, user error and the fact that facial scanning can be faulty in direct sunlight make up the two percent gap. Hackers have been able to reverse engineer the biometric information stored in (not-so-)secure databases to print photos that dupe most face scanners. Security researchers at companies like MasterCard and USAA believe blinking is the best way to prevent a fraudster from holding up a picture of the individual being impersonated to fool the system.

More accurate than fingerprint or facial recognition, voice authentication has a 99.99 percent success rate. According to Anderson, it should be a top security choice for financial institutions, particularly when it comes to important, high-dollar transactions. From the piece:

A voice print is a sophisticated model against which future voice utterances are compared, using complex algorithmic processing. There is no physical “voice” or sound recorded on the computer. One cannot reverse engineer a voice biometric template or print to create a spoken voice.

Anderson goes on to emphasize that, “Because there is no single, perfect solution, it is recommended that multiple verification methods be employed by financial institutions.”

Click here to read the full article on Biometric Update’s website. To learn more about Enacomm Voice Authentication (EVA), go here.

The Latest Battle between Security Technologists and Law Enforcement

This week, a new report authored by 15 cybersecurity and computer science experts warned that the FBI’s goal of gaining “exceptional access” to tech companies’ encryption systems could pose an even bigger risk than anything fraudsters or terrorists could cook up. The Computer Science and Artificial Intelligence Laboratory Technical Report—issued by MIT—is titled “Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications”.

The report was a grenade from technologists and privacy advocates in their ideological war with intelligence and law enforcement leaders. The group of security technologists intentionally issued the 31-pager the day before FBI Director James Comey and Sally Quillian Yates, the deputy attorney general at the Justice Department, testified before the Senate Judiciary Committee.

Comey fired back in a LAWFARE op-ed that there are lots of good things about universally strong encryption (e.g., expanded privacy and protection from cybercriminals), but the benefits must be weighed against the potential risks of making it harder for the government to access the digital communications and data of likely wrongdoers.

Scott O’Connell of the Telegram & Gazette paints a picture of the U.S. government’s concerns:

Somewhere in cyberspace, ISIS operatives are busy planning something and the Federal Bureau of Investigation’s concern is that thanks to today’s stronger encryption technology, it’s increasingly difficult to figure out what that something is.

Here’s to hoping that both sides continue their efforts to come together and reach a balanced solution through fair-minded and healthy discussion, as encouraged by Comey.Keys under Doormats - Meme

Freedom and Security in Cyberspace with Multi-Factor Authentication

Today, with nearly every aspect of Americans’ everyday lives tied to the Internet, online security has never been more important to protecting our freedoms. When it comes to personal banking, Mercator Advisory Group reports that 86% of U.S. adults now manage their bank accounts electronically. However, only half of smartphone owners with a bank account did at least one mobile banking transaction last year, according to a report from RateWatch. Nearly two-thirds of those who did not use mobile banking cited security concerns, and RateWatch contends that mobile banking will only increase if those concerns are addressed. When it comes to banking transactions, passwords are not enough – and The White House agrees.

Earlier this year, the federal government released a Fact Sheet tied to its Summit on Cybersecurity and Consumer Protection. From the release:

“As a nation, the United States has become highly digitally dependent…But this dependency also creates risks that threaten national security, private enterprises and individual rights. It is a threat not just here in the United States, but one that everyone, everywhere who is connected to cyberspace faces.”

President Obama has been committed to strengthening our country’s cybersecurity since he first took office, but cyber threats “have grown more diffuse, acute, and destructive”. Fraudsters take advantage of the reach and anonymity that cyberspace presents.

Banks are top targets for cybercriminals. Multi-factor authentication, which means that a user’s identity is verified for a transaction or login using more than one method of authentication, is critical to protecting financial institutions and their customers. Enacomm offers new authentication technology that does not rely solely on a password, but instead employs Knowledge-Based Authentication (KBA) and biometrics. Enacomm’s mobile eKBA uses a layered, dynamic approach – versus older static methods – and integrates fraud detection, validation and authentication into a single process, while Enacomm Voice Authentication (EVA) authenticates and protects customers using voice biometrics with a 99.99 percent success rate.

Combining KBA with biometrics creates a robust defense against fraudsters. Enacomm’s security technology for financial institutions is compliant with FFIEC guidance, the federal Fair Credit Reporting Act, the USA Patriot Act, and the Gramm-Leach-Bliley Act, and it’s aligned with The White House’s new Cybersecurity and Consumer Protection Initiative.

To learn more, reach out to the Enacomm team at 1-877-860-0025 or sales@enacomm.net.

4th of July - meme