CONTINUE TO SITE »
or wait 15 seconds

News

Biometrics-based ATM authentication — without a hardware upgrade

The solution requires no retrofitting of ATMs, and it establishes secure two-way SSL communication between the ATM and a biometric open protocol standard-compliant bank server.

February 20, 2015

Hoyos Labs, a digital infrastructure security company, was at the ATMIA US conference this week, demonstrating a new biometrics-based ATM that will eliminate the need for ATM cards and PINs.

Banks can embed the Hoyos software into their mobile banking apps to seamlessly allow customers to use biometric information — facial, periocular, fingerprint, iris — to authenticate their identity and access their bank account. The customer simply downloads the mobile banking app onto a smartphone to link the ATM with bank accounts — no additional hardware needed.

Importantly, the technology does not store PINs, passwords or bankcard numbers on the smartphone at any time, so the probability of a person having personal financial information stolen is nearly nonexistent.

HoyosID-enabled software, which requires no retrofitting of ATMs, establishes a secure two-way SSL communication between the ATM and a biometric open protocol standard-compliant bank server.

BOPS, an IEEE standard developed by Hoyos, comprises a set of rules that govern secure communications among a variety of client devices —mobile phones, desktop computers and ATMs, among others — as well as a trusted server managing the biometric data captured by those devices.

"Our technology will change the way that banks service customers, because people will no longer have to carry their bank cards or remember their PINs to safeguard their financial material and access their accounts," said Hector Hoyos, CEO of Hoyos Labs. "Every time that bank customers use ATMs, they are at risk to be skimmed, as 50 percent of ATM fraud now originates from cards that are skimmed at bank-owned ATMs. That figure is rising every year, and our new mobile app allows people to access their bank accounts and withdraw money by doing nothing more than taking a selfie to authenticate their identities."

Customers use the app to scan a QR code displayed on the ATM screen; this links the ATM with the smartphone and authenticates a cutomer's identity. Once verified, customers can access their accounts to withdraw money using the ATM, or automatically get of cash that has been queued up in the app beforehand.

The app uses a proprietary, state-of-the-art "liveness" detection system that can distinguish a real person from an image or video.

"Two things are of paramount importance when it comes to financial transactions: privacy and convenience," Hoyos said. "Using biometrics as a means of authentication ensures that you and only you are granted access to your bank records and authorized to make transactions and other uses of your financial accounts. On top of the government-level security that you're getting, it takes less than 30 seconds, from opening the app that lives on your smartphone to withdraw money from your account."

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
ParaScript intros verification solution for checks
Nymeo Federal Credit Union wins recognition as 1 of the best workplaces in Maryland
SEC accuses former ATM businessman Daryl Heller of funneling $185M from investors
Fifth Third named as top veteran friendly employer
DC AG sues Bitcoin ATM operator Athena Bitcoin for allegedly exploiting scam victims


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'