The Natural Security Alliance, a French-based international open source biometric standards-setting body that counts BNP Paribas, MasterCard and Carrefour Banque among its members, has launched what it claims is the world’s first association grouping, the Open Alliance, dedicated to propagating shared wireless biometric authentication to protect transactions. Up until now, the French-based organisation has not tried to corner the international standards market, reports Neil Ainger, but with the launch of the Natural Security Alliance’s open source group that is now changing.
Jean-Pierre Viboud, group chief executive of Oney Banque Accord in France has been appointed as the open group Alliance’s first chairman, overseeing a collection of banks, card schemes, retailers and vendors all dedicated to developing and encouraging a global open source wireless biometric authentication standard. The shared protocol will be freely available to all and can protect transactions around the world.
According to Viboud all open Alliance members, with the initial founding board including AS 24 (TOTAL oil group), Crédit Agricole, Paycert, SIX Payment Services and Swiss Capital International among many others, share a strategic commitment to delivering mission-critical authentication and payment solutions based upon biometric technology. “The Alliance was formed to provide a collaborative space for all professionals who are interested in biometrics and new payment systems to share and develop ideas for an open standard,” he said. “We believe that this information sharing and access to the specifications is one of the main benefits for our members. As chairman my role is to ensure that the open Alliance continues to grow and that we achieve our mission. Ultimately, we hope that our standards and specifications will be used by everyone developing and using biometric systems for payment, logical access or IT access around the world.”
The Natural Security Alliance open group is welcoming of all global entities with an interest in strong authentication, such as banks, card schemes, retailers, manufacturers, testing and certification bodies, building upon the work already done in France over the last few years by a number of domestic organisations. The global open Alliance has six main goals:
• To gather members from all areas of the global payments ecosystem, including banks, merchants, manufacturers and integrators.
• To evangelize and educate the wider payments and consumer communities about the standard and inform them about other areas relating to biometric authentication.
• To promote and encourage the development of products using the standard.
• To license manufacturers of products which use the standard to ensure consistency.
• To drive the evolution of the specifications to fill the security requirements of the marketplace now and in the future.
• To build an interoperability strategy, including tests and certification processes, for the standard.
The first open Alliance working groups will be announced shortly, says the new body, and initial topics will cover EMV-based face-to-face payments and cash withdrawals, plus online authentication and mobile wallets for face-to-face payments - all of which the body feels would benefit from biometric standards.
News Analysis: RoI
Up until now biometrics have been a security technique that some financial services companies, corporations and others have been happy to use internally or as a pilot, deploying fingerprint or voice identification to verify users but it has not gained widespread cross-border international acceptance - except perhaps for accessing specific buildings. Apple famously rolled out fingerprint IDs for users of its latest iPhone this year and many years ago Dutch banks were deploying voice IDs on their call centre operations, but what has been lacking up until now has been inter-company interoperability and widespread buy-in from all banks, card schemes, retailers and users across international borders.
If the new open Alliance can change this and successfully launch a new global wireless biometric security standard, building upon the work already done in France, then perhaps the technology can at last leave the pages of science fiction behind and gain widespread acceptance in the real world. Other standards-setting bodies may yet wish to have a say, however, and only time will tell if the new methodology gains international acceptance.
The yet to be assessed operating costs of widespread shared information security biometric systems will be the crucial factor in encouraging uptake or not, but the dichotomy is that you need lots of users to obtain economies-of-scale real-world savings - a shared standard could assist this but only time will tell.
The point is that FS and retailer fraud losses will have to be high enough to justify any substantial investment in a widespread global move towards transaction-based biometrics. It is by no means clear that this point has been reached yet, with existing chip and PIN numbers-based authentication only recently rolled out on consumer payment transactions. This PIN technology perhaps has a few more years left of effective return on investment (RoI) life before it is replaced, although biometrics may find a niche in wealth management high-value transactions in the meantime and standards will certainly help encourage adoption.
According to Cedric Hozanne, chief executive of the Natural Security Alliance, the standard was developed in response to the authentication methodologies required by banks, retailers and manufacturers, so it has a ready-made audience. “We’ve invested a lot of time, effort and care into developing a truly unique authentication method that solves many modern issues relating to privacy, convenience and universality,” he said, before adding that the open Alliance has also conducted the world’s first consumer trial of the technology before its present full unveiling.
“To encourage and support widespread adoption of this method, we believe that the specifications need to be shared with industry stakeholders and development work needs to be continued based around their requirements and input,” he said. “Creating an open Alliance now is the perfect way for us to build an ecosystem that can achieve this.”
By Neil Ainger