TSB to let customers access accounts using just their eyes
This is the first time a major bank has used iris scanning technology
TSB customers will soon be able to access mobile banking by simply looking at their phone's camera, marking the first time a major bank has opted for iris-scanning biometric authentication.
Starting from September, customers using a Galaxy S8 or S8+ phone will be able to use the Samsung Pass iris scanner to unlock the TSB banking app. It will first require users to register their biometric data within the app, which can then be used instead of traditional passwords and pin numbers.
TSB's CIO Carlos Abarca described the tech as the "most secure method of authentication available today", saying the move was an effort to create a more customer-friendly approach to identification.
"We want our mobile app customers to continue to have a fast, easy-to-use experience; iris recognition delivers that and, when combined with our other security measures, an unparalleled level of cyber security," said Abarca.
Iris scanning is not a new concept as a tool for authentication and is frequently used by airports for automated passport checks. However, it's the integration of the technology into handheld personal devices that's proving to be the most exciting use of the tech, but also the most difficult.
This latest attempt will represent another major test of new biometric authentication measures, some of which have proved to be easily fooled or hacked.
Earlier this year, German hackers managed to successfully bypass Samsung's iris scanner by using a 3D printed eye that matched photos taken of the account user. The hacking group claimeda high definition picture taken from the internet was enough to capture the a person's iris, something which Samsung has dismissed as "impossible".
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
When HSBC introduced voice recognition to prevent banking fraud, theBBC's Dan Simmons demonstrated the ease at which the technology could be tricked, by getting his non-identical twin brother Joe to impersonate his voice. HSBC said it would be reviewing the technology to see how it could be improved.
Abarca remained optimistic that the technology would prove to be a success. "There's no security option that is absolutely perfect," he said, speaking to the BBC. "We're relying not only on the biometrics but the digital certificate on the phone. To fake your eyeball is potentially possible - but it is extremely difficult."
Customers with an S8 or S8+ can try the new tech out when it becomes available in September, however, you may find it easier to just stick with a simple scan of a fingerprint.
Dale Walker is a contributor specializing in cybersecurity, data protection, and IT regulations. He was the former managing editor at ITPro, as well as its sibling sites CloudPro and ChannelPro. He spent a number of years reporting for ITPro from numerous domestic and international events, including IBM, Red Hat, Google, and has been a regular reporter for Microsoft's various yearly showcases, including Ignite.