Regulatory intervention will spell the doom of static passwords and poor authentication, and the death knell will sound from the UK, according to Philipp Pointner.
Speaking on the sidelines at Money 20/20 in Amsterdam this week, Pointner said the only reason outdated security methods exist is because regulators still allow them to – but that’s set to change. “I think the UK is a prime target for this kind of change. So many new technologies and fintech companies have shown the way when it comes to fraud control, they’ve shown that it works. I think that is going to be very attractive for the regulator to look at and think, ‘you guys are really onto something here.’
“With all the data breaches and all the data which is on social media now - which people give up willingly - question-based verification systems have actually become a threat now. All the banks know it, and they see the numbers internally, they can see the fraud going up. They have realised that they have to do something.”
Major banks are still struggling to adopt fresh KYC technologies, added Pointner. “Every company has their own floor full of people and all they do all day long is check identities. It’s interesting when you look at the legacy piece as banks are still very slow in adapting these new processes, and they are still having difficulties.
“Where we see the biggest uptake of these new solutions is among the challenger banks and fintechs like Tide, Curve, and Monzo. But the large banks, like HSBC, are taking a little bit of a different path, because they have to work alongside these legacy systems. For them system change and adoption can take a little bit longer.”
On the consumer side, attitudes towards new identification methods are changing. “For consumers showing your ID has never been an issue. When in 2014 it came to showing your face, and matching the face of the user to the photo on the ID, there was a little bit of a breaking point in the conversion rate when people turned that feature on. Nowadays though, nobody cares.”
According to a 2019 fraud report by Experian, 74% of consumers said they were confident physical biometrics would protect their information better than passwords, and the same number also cited security as the most important element of their interactions with a business.
“The big phone manufacturers have paved the way for us there,” added Pointner. “People are now used to showing their face to their phone all the time, even to do things like unlock it and perform transactions. It has become very common. Where people still take a pause is when it comes to a video recording. That is something where people often ask, ‘my bank wants a video of me, that’s crazy.’”
Data storage has always been an extremely sensitive topic for all players in Jumio’s sector, said Pointner. “On our side we have no interest in the data and it is down to what the customer wants. Some will tell us to delete it immediately as soon as processing is finished, and some will ask to hold onto the data for 90 days.
“In the banking industry concerns are also still high around security and compliance, naturally. There’s very rigorous questioning and checking, even auditing, everything that happens in the beta phase of a system rollout. As a consumer, I feel very good about that to be honest.”