Biometric Verification 101
Increase security and reduce customer friction with biometric factors
What is Biometric Verification?
Biometric verification uses physical characteristics that are unique to a consumer to validate their identity. Common examples of the use of biometric factors include unlocking a phone with a fingerprint, checking in at an airline self-service kiosk using a facial scan, and activating a virtual assistant with voice commands. Biometrics enables businesses to verify the identity of new and returning customers with factors that are nearly impossible to steal or duplicate.
In addition to fingerprint biometrics and facial scans, voice prints, retina scans, palm scans, and even consumer behavior (known as behavioral biometrics) are among the modalities that can be used to verify identity. As identity fraud rose during the pandemic – the 2022 Identity and Fraud Survey from Javelin Research & Strategy reported a 109% growth in new account fraud – so did the use of biometrics.1
The GetApp 2022 Data Security Survey found that the use of biometric authentication by U.S. businesses has nearly tripled from 27% in 2019 to 79% in 2022.2 Statista reported: “According to a 2021 survey carried out among industry professionals all around the globe 53 percent of respondents strongly agree with the statement that biometrics would play a key role in the enabling of digital identities.”3
How Does Biometric Verification Work?
When a customer opens an account online, or digitally onboards, they are first asked to prove they are who they say they are. Most often, the customer provides an ID document, such as a drivers’ license or passport, which the company then uses to validate the identity. The customer will be asked to provide one biometric modality (or sometimes more), as user identification that will be used to verify them whenever they return, such as a fingerprint or a facial scan.
The elements of the biometric factor necessary to identify the customer are stored by the company in a database so the customer can be identified each time they return to their account. To gain account access, the customer provides the biometric modality, and the company compares it against the sample the customer gave at onboarding.
For example, a customer returning to their online bank can unlock their account by using the camera in their phone or computer to run a facial scan, and the company will verify it against their original facial scan. Or, when a customer calls a contact center, where as much as two-thirds of fraud occurs, their voice can be validated as they start speaking to the agent.
Why Does Biometric Verification Matter?
Biometric verification increases both security and customer ease. Relying on a verification factor that is intrinsically part of the customer, instead of the answer to a security question or a password, diminishes the opportunities for criminals to steal or duplicate the information.
Increasingly, biometrics are being included in the official ID documents that customers use to prove their identity when they onboard. Several U.S. states offer enhanced drivers licenses, and many countries offer e-passports that include near-field communication (NFC) chips that can provide the biometric data necessary to verify identity. McKinsey estimates that businesses using digital ID-enabled processes can potentially reduce onboarding costs by up to 90%.4
It’s clear that customers prefer biometrics. Even before the pandemic increased the use of biometrics, in January 2020 Visa reported that two-thirds of its surveyed cardholders had used biometrics and viewed them as easier to use than passwords.5 The 2021 Experian Global Identity Fraud Report revealed that 74% of consumers chose physical biometrics as their preferred security method.6
Types of Biometric Verification
Several physical characteristics have been identified as unique and unchanging enough to be used for biometric screening.
Fingerprints are unique, difficult to change, and durable, and they have long been used for identification. From notarizations to identifying possible criminal suspects, fingerprint biometrics are frequently used in the physical world and their familiarity has carried over to the digital space. At onboarding, customers provide a sample through a fingerprint reader built into their phone or computer, which is typically built into a button or key. When they log in after that, the characteristics of the fingerprint they provide are compared against the fingerprint characteristics on file.
In facial recognition, the features and characteristics of a customer’s face are scanned and analyzed, creating a set of biometric data used to identify the customer and grant them access when they return. AI and machine learning are frequently used in the complex calculations necessary to create the initial scan and to match it each time the customer accesses their account.
In voice recognition, a customer provides a sample of their voice, which is then used to create a voiceprint for future verification. In a text dependent voice verification system, the customer is asked to repeat a particular sentence both at onboarding and for future authentication. In a text independent voice verification system, the customer can be identified from any words they say. The evolving sophistication of deep fakes, a type of fraud that mimics voices and their unique qualities, may also imply a greater need to use a second biometric modality in combination with voice.
Iris and Retina Recognition
Both iris and retina recognition use the eye’s physiological characteristics to identify a person. In iris scanning, a high-contrast photograph is taken of a person’s iris, revealing its unique patterns, which can be recognized by a scanner using invisible infrared light. The retina has a complex network of blood vessels that creates an exact and unique pattern, different in every person, and which retinal scanners “read “using a low-energy LED beam.
Hand Geometry Recognition
This biometric modality requires a person, typically an employee, to place their hand inside a reader that captures an image of the hand and creates a biometric template that can be used to identify the person.
Behavioral biometrics identifies users through their activity; this may include finding the patterns in how they use a mouse, make keystrokes, press a touchscreen, hold a phone, or move between screens on a computer. Behavioral recognition uses machine learning to establish norms and differentiate between a real customer and a bad actor.
Just as in the physical world, digital signature recognition identifies a person based on their handwritten signature. For online recognition, a person writes their signature on a pressure-sensitive digital pad or tablet, and a dynamic verification process captures the shape of the signature along with elements such as the pressure at each point, the speed of the signature, and the number and order of strokes.
In terms of practicality and ease of use by consumers and companies for digital onboarding and verification, the most common biometric modalities used are fingerprint recognition, voice recognition, face recognition, and behavioral recognition.
What Use Cases Can Benefit from Biometric Verification?
It’s critical for businesses that deal with the most confidential information – including banks, governmental agencies, and healthcare organizations – to embrace the added security that biometric modalities offer.
But as cybercriminals become increasingly sophisticated, almost any business that conducts transactions online can benefit from using biometrics. Three key activities where biometrics can provide an advantage are:
Whether it’s a customer buying online from their favorite small business or a client moving money between digital bank accounts, ensuring the safety of the transaction saves both the customer and the business the headaches (and losses) associated with fraudulent transactions. Biometrics provides an added level of reassurance that the buyer or client is who they claim to be, and that the transaction is genuine.
Protecting Customer Data
No matter how large or small a business is, its customer data is valuable – not just to the business and customer, but to cybercriminals who can steal it and multiply the problem by selling the details to other fraudsters. Implementing biometric factors for account access improves the security of customer data; decreased hackability, when compared to more traditional security measures like passwords and knowledge-based questions, is the biggest strength of any type of biometric verification.
Building Customer Trust
One of the most important assets of every business is its relationship with its customers. Biometrics protects customer accounts and lets customers know that the company values their information as much as they do. By building trust with customers through biometric verification, companies can avoid losing their business to competitors that still rely on outdated, vulnerable security measures.
Benefits of Biometric Verification
Using biometric verification offers several advantages to organizations and businesses of all sizes, including increased security, reduced costs, and an improved customer experience.
Biometric modalities give businesses the ability to dramatically increase their security. Passwords can be lost or hacked, and to easily remember them, users often make passwords too simple – and way too easy for hackers to guess. Security questions and pins are similarly vulnerable, as they can be easily intercepted by cybercriminals. Biometric modalities can’t be shared with anyone else and, because they rely on unique physical traits, they are hard to spoof.
In the banking industry, switching to biometrics can cut the costs of access cards and sending PINs. In many other industries with paper-based reporting, the increased security of biometric verification can entice more customers to go paperless. Biometrics also saves on customer service costs, as they eliminate the burden of resetting accounts due to lost passwords. And, since they can’t be shared, switching to biometrics can help subscription services increase revenue by removing the ability to share passwords.
Better Customer Experience
Customers want their accounts and data to be very secure, but they also want onboarding and access to be fast and easy. Customers around the world are already embracing biometrics to unlock phones and computers with a fingerprint or facial scan – Statista reported that 80% of active phones in North America, Western Europe, and the Asia Pacific have enabled biometrics7 – so why not perform identity proofing and authentication to access accounts in the same way?
Why Your Company Needs Biometric Verification
Fraud spiked during the pandemic and continues to rise. Over 1.4 million identity theft reports were made to the Federal Trade Commission in 2021.8 The Q3 2022 Digital Trust & Safety Index from Sift reports that account takeovers alone were up 131% in the first half of 2022 compared to the first half of 20219: its Q3 2021 report found that account takeovers had risen 307% since April 2019.10 The cost of fraud to businesses and consumers in 2021 was nearly 6 billion dollars.
Every business needs to look at how it secures its customer accounts, data, and transactions. But while the choice to increase security is an easy one, the difficulty lies in finding an identity solutions provider that will ensure friction for customers won’t increase with the adoption of enhanced security measures. If it’s too hard to onboard, customers will leave mid-process and look for a comparable company with an easier onboarding experience.
Biometrics lets your business improve both security and the customer experience. Learn about the advantages of using AI-powered biometrics from Daon®.
 Javelin Strategy and Research, “2022 Identity Study Report: The Virtual Battleground,” March 29, 2022.
 GetApp, “GetApp’s 2022 Data Security Survey – Seven Startling Statistics,” September 19, 2022.
 Statista, “Attitudes towards biometrics and digital identity worldwide 2021,” published November 8, 2022.
 McKinsey Global Institute, “Digital identification: a key to inclusive growth,” April 2019.
 Visa, “Banking on biometrics: half of cardholders would switch,” January 2, 2020.
 Experian, “2021 Global Identity and Fraud Report,” April 2021.
 Statista, “Biometric-enabled active phones in North America, Western Europe, and the Asia Pacific 2016-2020, published October 6, 2022.
 Federal Trade Commission, “New Data Shows FTC Received 2.8 Million Fraud Reports from Consumers in 2021,” February 22, 2022.
 Sift, “Q3 DIGITAL TRUST & SAFETY INDEX, Account takeover data, trends, and insights,” 2022.
 Sift, “Q3 DIGITAL TRUST & SAFETY INDEX, Battling the new breed of account takeover fraud,” 2021.