Iris scanning technology is not new, but actual reliable implementations of it are still far and few between. Like anything else in tech that’s changing. TSB, a United Kingdom bank, is planning to start using iris-scanning technology for its mobile banking app in September this year. Users will be able to access their accounts online by essentially using their eye characteristics as passwords.
The deployment will make TSB the first UK high street bank and the first bank in Europe to employ iris-scanning technology. The technology comes from Samsung and only customers using the latest Samsung Galaxy S8 will be able to use iris recognition to access their TSB accounts. The bank already supports fingerprint recognition-based logins.
Convenience And Safe Options
TSB customers with a Samsung Galaxy S8 or S8+ smartphone will have the option, from September 2017, to unlock their TSB mobile banking app using either the Samsung Pass iris scanner or the existing fingerprint identification feature. Obviously the goal here is to eliminate the need for complex, unmemorable passwords and usernames. However, once customers log in through an iris scan app, they have to enter a password or secret number. Use of the iris scan is optional and other account access options will continue to be available.
Carlos Abarca, chief information officer at TSB, Carlos Abarca, believes iris recognition is more secure than other forms of biometrics. He states, "It takes advantage of 266 different characteristics, compared with 40 for fingerprints. Iris recognition allows you to unlock your TSB mobile app with a simple glance, meaning all of those IDs, passwords and memorable information become a thing of the past."
Roadblocks Inevitable
There are the obvious questions about whether iris-scanning technology is secure. For example, German hackers were recently able to trick a Samsung Galaxy S8’s iris scanner with a picture of the device owner’s eye and a contact lens. One solution is, like TSB’s, is to have several other security checks work with the iris scan, i.e., iris scan plus password or code, or vice versa.
As per Richard Parris, chief executive of software firm Intercede, “Rather than use biometrics in isolation, businesses need to be looking at strong authentication that incorporates three distinct elements – possession (something you have, such as a smartphone), knowledge (something you know, such as a PIN), and inherence (something you are, an iris scan).”
Ancient Wisdom
It was not long ago that banking security was fairly foolproof. In the “dark days” prior to 1990 or there abouts, banking was done face to face and involved pieces of paper called deposit or withdrawal slips. Often, one’s transactions were sped up, security wise, because the same tellers were behind the glass terminals and they recognized established customers. It was easy to detect a security breach. It was the one wearing a mask, holding a gun and a bag saying “Stick em’ Up”! Now, the eyes have it. ~MD