Apple, Samsung, PayPal, Square, Google Wallet among others along with countless financial institutions and retailers are fiercely marketing their applications to enable mobile payments.
Much is being researched and written on the subjects of mobile payment security and the use of biometrics as a replacement to traditional user names and passwords. As more mobile devices that contain our identification and personal information hit the market, the securing of these devices to recognize and authenticate their rightful owners will likely determine who succeeds and those who fail.
Most likely, we expect a combination of biometric technologies to be used to authenticate mobile devices and payment transactions and a multi-factor authentication scenario. A typical application may demonstrate one using a fingerprint or iris to unlock a smartphone or tablet, then employing the users voice to authenticate themselves to their banks call center or mobile application to obtain account information or make a transaction. Neither requires a password, a pin number or any information typed into the device.
The FIDO (Fast IDentity Online) Alliance is currently working toward developing technical specifications to enable these types of transactions with interoperability among strong authentication devices and relying parties to authenticate users and help protect user privacy. Their protocols do not allow user information used by different online services to collaborate or track a user across the services. The users personal credentials and any biometric information never leaves the user's device.
We predict that voice will rank among the top modalities used in most devices given its ease-of-use for both the end user and the device manufacturer, its ability to secure both the device and the transaction either on its own or with another layer of security, and the overall universality to use ones voice. According to a 2013 consumer survey report by the Ponemon Institute, voice recognition was one of the most acceptable types of biometric authentication in the United States, the United Kingdom and Germany.
More recently in August, Goode Intelligence published a white paper on voice biometrics for securing mobile devices and states that biometrics on mobile devices has moved from a curiosity to a must have for high end smartphones." The paper, based on broader market research report covering both mobile and wearable devices, also published in August, recognizes that voice biometric authentication is not only a natural addition to smart devices, it offers more security and convenience than existing speech and voice recognition technologies for a wide range of devices for many reasons, including user acceptancevoice is the preferred mode of biometric mobile authentication in surveys; multiplatform authenticationvoice may be used to secure mobile, wearable and other devices.
Also, the technology is automatically available on all smartphones. No additional hardware needed as all devices have a microphone. The technology is also non-intrusive, accurate, revocable, stable and provenvoice has been widely accepted and used in law enforcement around the world for decades. Voice prints can also be protected against spoofing attacks.
As biometrics technologies mature, consumer perceptions, experiences and acceptance will dictate which modalities and features are integrated into mobile devices for securing online payments and adopted by financial institutions. Both voice and fingerprint appear to be leading the pack so far.
Mike Goldgof is the Vice President of Marketing at AGNITiO.