Report Looks at Biometrics' Limits in Financial Market

June 23, 2006
Success found when used for internal security, but problems when delivering to all customers

It may be championed as the highest level of security, but biometrics isn't ready for wide deployment as a consumer application, a new report says.

According to Financial Insights, a subsidiary of research company IDC, biometric deployment will grow significantly over the coming years, but its upward climb will be limited for use within a bank's internal security network.

Financial Insights said it would be "several years" before automated biometric authentication devices can be fruitfully implemented at the customer level.

"Numerous banks in Asia have already implemented biometrics for internal-security purposes, but problems arise when they try to implement customer-level biometric authentication," Financial Insights analyst Abhishek Kumar noted.

The challenge is, he said, that biometric devices are still mostly proprietary. This gives way to interoperability issues, and banks find it tough to make such deployments user-friendly for their customers.

"The lack of standardization between devices, little regulatory guidance and cost concerns show that the practical implementation of biometric authentication on a customer level is still several years away," Kumar said.

However, he told ZDNet Asia that some of these issues can be resolved, though it would require "a lot of attention," and banks would have to fully commit to pushing biometrics as a security feature.

"Banks can take the initiative to set up their own middleware applications, which cater to various types of authentication, but this is a very expensive and impractical solution," Kumar said.

So should banks form an alliance to establish common standards and improve device interoperability? Kumar noted that this might "make sense" for banks operating on one ATM (Asynchronous Transfer Mode) network that have the common goal of driving biometric adoption. But that, he said, is unlikely to happen in the near future.

"Most likely, the onus will be on the vendors to come up with an industry standard and then present that to banks," he said.

In countries such as Singapore and Hong Kong, banks are required to implement two-factor authentication, but Kumar does not believe that this would significantly drive the adoption of biometrics.

"(For banks in these countries), we are currently not seeing any move to incorporate biometrics into this type of authentication," he noted. "At the moment, two-factor authentication seems to involve mostly hardware and software tokens."

Instead, most of the revenue growth for biometrics will likely come from initiatives to secure physical premises, he said.

According to figures from the International Biometric Group, global biometrics revenues will increase from $2.1 billion in 2006 to $5.7 billion in 2010. It forecasts Asia and North America to be the largest markets in consumption of biometric products and services.

Fingerprint scanning is projected to make up 43.6 percent of the overall biometrics market this year, followed by facial recognition at 19 percent.

Past discussions about biometrics have also revolved around concerns over accuracy and privacy.

Eileen Yu of ZDNet Asia reported from Singapore.