With the launch of our biometric facial recognition service SmileID our customers have asked us for the use cases where they can apply this kind of authentication service. We always reply the same way: as a two-factor authentication (2FA) or in cases that don’t require a high security level.
Reasons that justify the use of biometric facial recognition service for these use cases:
The use of biometric technology (something you are) in authentication includes measurements of technical features (such as your fingerprints, iris, or your face) or behavioral characteristics (rhythm in writing). Both are considered biometric methods.
The reasons to consider limiting their use are:
- The False Positive Rate (FPR) means it cannot offer full reliability by itself of the person’s authentication.
- Biometric comparison is probabilistic, where other factors (like user/password) are deterministic.
- Biometric features are not secrets. Biometric information can be obtained online, taking an image (face) or through knowledge of the people obtained from objects that someone touches (fingerprints) or captured with high-resolution cameras (iris). Some solutions like SmileID for facial authentication can detect attacks like proof of life which mitigates these risks. Even so, it is not recommended for strong authentication levels.
At eID we recommend using SmileID as part of a multi-factor authentication strategy combined with something you know (password) or something physical you possess (mobile device).
SmileID is a unique technology whereas identity is being verified remotely and is compliance with KYC/AML stringent regulations thanks to VideoID. It has a unique UX, works in any channel and from a mobile, desktop or even in a branch office. Besides, registration is frictionless when you already know the client.
Our service has been in production for just a few weeks and even with its limitations we keep coming up with ideas that could make our users’ lives easier with a smoother experience. Here are some cases:
- Use SmileID as an authentication factor on any device to meet your customer beforehand and provide him/her with information that does not require high security like account balance queries or added value information.
- As a tool to know your customer when he/she is not logged in and suggest information to make it easier to access the system like his/her user name.
- It can be a perfect ally in an omnichannel strategy like to optimize lines at branches or to connect your customer to CRM and obtain quality information to personalize your relationship.
- Imagine that you have a partnership with a third party who you give a credit scoring service or consumer credit. You can set up authentication in your applications to know the customer and provide him/her with a fast and easy contracting experience.
- You can substitute SmileID for costly and inefficient multi-factors of authentication like OTPs or as 2FA when signing transactions.
One of the major advantages of biometric facial recognition is its concept of universality since it can be used smoothly by the user on any device that has a camera: cellphone, tablet, PC, or even on a TV, a Raspberry camera or at a kiosk or totem. This makes it extremely versatile at a much lower cost than other solutions that need specific hardware like for fingerprints, which means those solutions can only exist in a face-to-face situation.