CONTINUE TO SITE »
or wait 15 seconds

Article

Biometrics: The key to secure, convenient ATM transactions

There are no longer valid technical reasons why we should continue to expose ourselves to crime through the use of dated security systems and practices.

August 20, 2015

by Phil Scarfo, vice president of global marketing for biometrics, HID Global

After years of anticipation, biometrics is now proliferating throughout the worldwide banking infrastructure. As its security and convenience continue to improve the user experience, biometric authentication is also now enabling banks and retailers to offer a host of additional services and benefits.

Securing ATMs, streamlining the user experience

Traditionally, ATM security the world over has relied on two-factor authentication that includes something the user has (a card or token) and something the user knows (a PIN). Unfortunately, we've all come to realize that this approach is increasingly vulnerable to fraud from card loss, theft, and skimming.

Moreover, with the growing multitude of digital credentials, identities and passcodes we need to store on ID cards, tokens and smart devices, we face an even more fundamental problem: None of these digital identities is bound or linked to the actual person. Every new digital identity we create represents yet another detail to manage and, worse yet, a potential threat to our true identity.

The challenge for those who are charged with protecting our true identity and real assets is to strengthen transactional authentication without making ATMs or other systems impossibly hard to use. Biometrics solves the problem while providing the only true means of linking digital identities to "you" and determining "who" is actually using the system.

While several biometric modalities have been tried at ATMs and other self-service kiosks, fingerprint-based biometrics has become the most widely used because of its ease of use, performance, interoperability, ability to thwart imposters, and lower cost.

The ability to work reliably under difficult real-world conditions, ensure proof of presence and prevent the use of fake fingerprints or biometric "spoofs" are all essential components of any successful deployment.

'I'm not dead yet'

HID Global has addressed these challenges with Lumidigm sensors featuring multispectral imaging technology. These sensors use multiple sources and types of light along with advanced polarization techniques to reach all the way down to capillary beds and other subdermal structures to collect truly relevant fingerprint data. The technology also includes field-updatable liveness detection capabilities to ensure that real human tissue can be identified as authentic within a fraction of a second — an important consideration at the ATM.

When managed correctly and coupled with intelligent encryption-enabled and tamper-resistant devices, biometric authentication is secure and requires no more than the touch of a finger to assure a financial institution that an authorized accountholder is actually present at their ATM.

For many public sector banks, this assurance has an additional benefit — it confirms that the user is still alive. This was very important for Argentina's Banco Supervielle, whose kiosks are used to distribute pension benefits from the Administración Nacional de la Seguridad Social.

The bank had a significant problem with fraudsters trying to claim their deceased relatives' pension benefits. To combat the problem, the bank began rolling out fingerprint authentication with multispectral imaging technology in October 2013. ANSES has since released executive resolutions for the broader deployment of biometric authentication using multispectral imaging technology.

Flexible use cases

Since no one security measure alone is 100 percent fraud-proof, the concept of layering remains a core principle of any security solution. Combining fingerprint authentication with a second factor (or multiple factors) can provide even greater security — especially at a time when we are incorporating an expanded set of personal devices such as smartphones, wearables, watches and smart cards into a growing identity and access management ecosystem. The ability to authenticate a secure credential — stored on one of these devices and linked back to the biometric identity of the person — enables a whole new set of transaction capabilities across a broad range of applications and services.

ATM provider Itautec (acquired by OKI in 2014) has employed a card-plus-fingerprint approach using multispectral imaging technology on tens of thousands of ATMs that support hundreds of millions of transactions per month for one of Latin America's largest private banks. With multispectral fingerprint technology, some bank customers even enjoy cardless access for selected, limited-value transactions, thus offering the convenience of making their finger the only required personal "key" or "wallet" for withdrawing cash at an ATM.

As bank cards migrate from mag stripe to chip for higher security, we have the opportunity to incorporate biometric information directly into the smart device itself, allowing for both the card and the person to be authenticated. The very real ability of biometrics to intelligently manage digital credentials on items such as cards, phones and wearables — and to bind these credentials to their legitimate users — is becoming an increasingly important and viable prerequisite for delivering complete identity solutions.

Ultimately, multimodal solutions will combine multiple biometrics with multifactor user credentials in addition to GPS and time factors. This will enable the kind of seamless authentication that will be attractive not only to the financial services industry but also to many other vertical markets and government-based applications where identity and security really matter.

Making sure the 'who' is 'you'

We all have only one true identity and this identity must be protected. The ability to securely link or bind a growing set of digital identities to ourselves with biometrics will not only simplify life but also make it more secure.

Intelligently coupling what we have with who we are is a much better way forward in today's complex digital world. There are no longer valid technical reasons why we should continue to expose ourselves to ID theft through the use of dated security systems and practices.

Biometrics ensures that the myriad digital credentials that can make us vulnerable to criminals will now be under our control. And it also allows anyone who accepts credentials from their user to know "who" is asserting these claims. For in the end, the real identity truly matters to both.

photo istock

Related Media

Innovation

Branch Transformation
Advanced ATM features: 5 to include
ATMIA 26th Annual US Conference
How AI will disrupt, enhance ATMs
Innovation
Bank digital signage: 4 ways to use
Brochure
7D (MX7600DA): Hyosung’s proven, reliable, full-function ATM
Presented by Hyosung

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
UC Berkeley selects BMO as official bank
Chime intros card with 1.5% cashback
TD Bank bringing dog treat ATMs to 14 locations
Coinbase fights back against bank's claim of stablecoin deposit erosion
Diebold Nixdorf named one of Time's World's Best Companies


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'