Passwordless systems in fintech: How banks and startups are implementing new technologies
Passwordless systems are systems that allow users to identify themselves and access various services without having to enter passwords or other sensitive data. Passwordless systems are based on the use of biometric, behavioral or contextual factors that are unique to each user and difficult to fake.
Passwordless systems are of great importance in fintech, as they increase the level of security, convenience and trust in financial transactions. According to a Juniper Research report, by 2025 more than 1.1 billion users will use passwordless systems to access their bank accounts, which will be about 57% of the total number of banking users.
The purpose of this article is to look at how banks and startups are implementing passwordless systems in their products and services, what advantages and disadvantages they have, what problems and challenges they face, and what development prospects they have in the future.
Overview of passwordless systems in fintech
The main types of passwordless systems that are used in fintech can be divided into three categories:
- Biometric systems are systems that identify a user by their physical or behavioral characteristics, such as fingerprints, face, voice, or handwriting recognition. Examples of such systems are Apple Face ID, Samsung Iris Scan or Mastercard Identity Check.
- Behavioral systems are systems that analyze user behavior when using a service, such as keystroke speed, mouse movements, location or time of day. Examples of such systems are BehavioSec, BioConnect or NuData Security.
- Context systems are systems that take into account additional factors of the user’s environment during authentication, such as device type, IP address, network, or geolocation. Examples of such systems are Google Smart Lock, Microsoft Windows Hello or FIDO Alliance.
The advantages of using passwordless systems in fintech are:
- Increased security – passwordless systems reduce the risk of password theft or leakage, and also protect against phishing, brute force or replay attacks.
- Enhanced Convenience – Passwordless systems speed up and simplify the user authentication process by eliminating the need to remember or type passwords.
- Increased trust – passwordless systems increase the user’s trust in the service, as he feels that his personal data is protected and respected.
The disadvantages of using passwordless systems in fintech are:
- High cost – passwordless systems require significant investment in development, testing and support, as well as ensuring compatibility with various devices and platforms.
- Low availability – passwordless systems may not be available or effective in some situations, such as poor lighting, noise, poor internet quality, or lack of certain sensors on the user’s device.
- Low Adoption – Passwordless systems may face a lack of acceptance from users or regulators who may be mistrustful or unaware of the benefits and risks of such systems.
The role of passwordless systems in modern banking
Banks are one of the main adopters of passwordless systems in fintech as they seek to increase the level of security, convenience and trust in the provision of their services. Some examples and cases of using passwordless systems in banks:
- HSBC – British bank HSBC has implemented a Voice ID system that allows customers to identify themselves by voice when calling a contact center. The system analyzes more than 100 parameters of the client’s voice, such as tonality, speed, accent and pronunciation. The Voice ID system has reduced customer authentication times by 15% and has also prevented more than £400 million worth of fraud since its launch in 2016.
- BBVA – Spanish bank BBVA has launched the Veridas system, which allows customers to open accounts online using facial recognition. The Veridas system uses artificial intelligence technology to compare a customer’s selfie with their ID document. The Veridas system increased customer conversions by 40% and also reduced account opening time to 10 minutes.
- USAA – US Bank USAA was one of the first banks to offer its customers the ability to use fingerprint, face or voice recognition to access their mobile app. USAA partnered with Daon, which developed the IdentityX platform, which integrates various types of biometric authentication. More than 2 million USAA customers have enabled passwordless access to their app.
The prospects for the use of passwordless systems in banks depend on several factors, such as:
- Technological development – the constant improvement of the quality, speed and accuracy of passwordless systems, as well as the expansion of their functionality and capabilities.
- User demand – the growing desire of users to have easier, faster and more secure access to their financial data and services.
- Regulation – compliance with the requirements and standards of regulators to ensure the security, privacy and ownership of user data.
- Competition – differentiation from other banks and fintech companies in terms of innovation, quality and convenience of services provided.
Given these factors, it can be expected that passwordless systems will increasingly penetrate the banking industry, as they are an effective way to increase customer loyalty and satisfaction, as well as reduce costs and risks for banks.
Implementation of passwordless systems by startups
Startups are also actively using passwordless systems in their products and services, showing innovations and breakthroughs in the field of fintech. Some examples and use cases of passwordless systems by startups:
- Nok Nok Labs – American startup Nok Nok Labs has developed the S3 Authentication Suite platform, which allows companies to easily integrate various types of passwordless authentication into their applications and websites. The S3 Authentication Suite platform supports the FIDO (Fast Identity Online) standard, which is the international standard for passwordless authentication. Among the clients of Nok Nok Labs are companies such as PayPal, SoftBank, Samsung or Lenovo.
- HYPR – American startup HYPR has developed the HYPR Cloud Platform, which allows companies to migrate their users to completely passwordless authentication. The HYPR Cloud Platform uses decentralized biometrics technology, which stores the user’s biometric data on their device, and not on the company’s server. This improves the security and privacy of user data and reduces the cost of maintaining passwords. HYPR’s clients include companies such as Mastercard, T-Mobile or Rakuten.
- Zighra – Canadian startup Zighra has developed the SensifyID platform, which allows companies to use behavioral biometrics to authenticate their users. The SensifyID platform analyzes micro-patterns of user behavior when using the service, such as mouse movements, keystrokes or screen gestures. The SensifyID platform learns based on machine learning and neural networks, adapting to changes in user behavior. Zighra’s clients include companies such as TD Bank, Scotiabank or Equifax.
Problems and challenges in the implementation of passwordless systems
When implementing passwordless systems in fintech, both banks and startups have to face various problems and challenges that can hinder or hinder the successful implementation of such systems. Some of these issues and challenges are:
- Security Issues – While passwordless systems improve security over passwords, they are not completely secure and can be subject to various types of attacks such as biometric spoofing, copying behavioral patterns, or manipulation of contextual factors. In addition, passwordless systems may introduce new vulnerabilities or risks to user data, such as unauthorized access to biometric data, privacy breaches, or loss of control over their digital identity.
- Privacy Issues – Passwordless systems require the collection, storage and processing of large amounts of personal user data such as fingerprints, faces, voices or behaviors. This can raise concerns among users about how this data is used, who owns it, who has it, and how it is protected. In addition, passwordless systems may violate the rights and freedoms of users, such as the right to anonymity, the right to be forgotten, or the right to consent.
- Technical and Organizational Challenges – Passwordless systems are complex and dynamic technologies that require a high level of expertise, resources, and support to develop, test, and maintain them. In addition, passwordless systems require changes in organizational processes, culture, and policies to implement them, as well as alignment with various stakeholders such as users, regulators, partners, or competitors.
Prospects for the development of passwordless systems in fintech
Passwordless systems in fintech have great prospects for the future, as they meet the growing needs and expectations of users, companies and regulators in the field of security, convenience and trust in financial transactions. Some of the predictions and trends for the future:
- Expansion of use – passwordless systems will be increasingly used not only for user authentication, but also for other purposes, such as identity verification, transaction authorization, document signing or access control.
- Quality improvement – passwordless systems will increasingly improve their quality, speed and accuracy, as well as expand their functionality and capabilities. For example, there will be new types of biometric authentication, such as handwriting or DNA recognition, or new types of behavioral authentication, such as analysis of emotions or personality traits.
- Technology integration – passwordless systems will increasingly integrate with other technologies such as blockchain, artificial intelligence or the Internet of things. This will enable more secure, smarter and more versatile passwordless authentication solutions.
- Potential Impact on Financial Services Development and User Experience – Passwordless systems can have a significant impact on financial services development and user experience as they can enable new business models, products and services, as well as increase user loyalty and satisfaction.
In this article, we looked at what passwordless systems are and how they are used in fintech. We learned about the advantages and disadvantages of such systems, as well as examples and cases of their use in banks and startups. We also discussed the problems and challenges in implementing passwordless systems, as well as the prospects for their development in the future.