The Trust Game- Implications of Apple Face ID For Financial Services

By Mairead Quigley

29 Nov 2017

Unless you've been living under a rock, you will know that the highly anticipated launch of the new iPhone X in 2017 has taken the world by storm. One of the main differentiators of the new phone is Apple's Face ID technology which essentially allows you to use your face as a password. Pretty cool, right?

The use of biometrics has been highly anticipated in the finance industry for a number of years now. Will Apple’s implementation of this technology, with a user base of over one billion worldwide, push increased support for facial recognition technology? and what implications will Face ID have for financial services in the future? ### What is Apple Face ID?

Face ID is Apple’s latest idea to make security and authentication as easy as possible for their users. It leverages state of the art technology that allows you to use your face to unlock your phone and authorise payments from your mobile device. Funnily enough, facial recognition technology is not a new concept. In fact Samsung have already implemented this technology into their devices, however the big difference is that Samsung’s Face ID can be cheated using a photograph whereas Apple’s Face ID promises to be much smarter than that.

Simply put, Apple Face ID uses some of the most advanced hardware and software that Apple have ever created to capture accurate facial data by projecting and analysing over 30,000 “ invisible dots” to create an in depth map of your face and a corresponding infrared image using Apples "True Depth" camera system. The 3D image is then stored on your phone and will allow you to authenticate yourself every time you unlock your phone or need to authorise payments. Apple also utilise state of the art machine learning which can easily automatically detect changes in your appearance such as growing facial hair or wearing make up. It is also designed to work with additional garments such as hat, scarves, gloves, contact lenses and more.

How secure is it?

Apple have claimed that the chances of someone being able to hack into your phone using facial ID is less that one in a million compared to one in 500,000 for Touch ID authentication. They have built in a few tricks which are designed to bolster security such as ensuring users eyes are open, so another person cannot unlock the phone whilst you are asleep. Users must also be looking directly at the camera for Face ID to work correctly and the phone cannot be tricked with photos as flat photos cannot be mapped with 3D infrared dots.

However, as with any new authentication method, there will always be concerns around the reliability of the technology and whether one method is safer than the other.

For example, with the introduction of Touch ID, there were concerns around the ability to easily replicate fingerprints. Some even claimed that it was also possible to replicate fingerprints through photography or even through play-doh.

Since the launch of the iPhone X and Face ID, there have been a number of security concerns. Hackers have already claimed to have broken Face ID less than a week after the official launch. The Vietnamese security firm claimed they had cracked Face ID with a composite mask of 3D printed plastic, silicone and paper cut outs which apparently cost less than $150 to replicate. This is yet to be confirmed but we imagine this will not pose an immediate threat to the average every day user unless you have unlimited access to 3D printers and silicone materials. Not to mention the amount of time, effort and access to someones face you would need to recreate this. A far more simple way to achieve this would be to trick someone into glancing at their phone straight on.

What are the implications for financial services? 

Apple Pay has already replaced Touch ID with Face ID. Users can make in-store payments by double clicking the side button, looking at the screen then holding it against the contactless reader. It sounds simple to to use, however some recent research has suggested that users feel slightly more apprehensive and self conscious when using facial biometric authentication compared to the more discreet touch technology. I suppose it could be compared to taking a “quick selfie” before you pay for something. It will be interesting to see what affect this kind of human apprehension will have on future payment methods. It’s certainly something to consider.

Touch ID is already used widely in mobile banking applications. Now Tesco Bank and TSB are among the first banks in the UK to incorporate facial ID into their mobile banking applications with many more financial institutions set to follow suit. As it currently stands, Touch ID currently allows users to view accounts, but few have put enough trust in it to actually allow money transfers. It would be interesting to see if Face ID will prove a more secure method to propel that future functionality into mobile banking applications.

Facial ID could also be used to bolster video banking. Video banking requires you to point a camera at your face and the growing number of people becoming more comfortable with using facial ID authentication may lead to a natural progression towards a video banking revolution. Video banking via mobile could be the key to reinstating “relationship banking" but in a digital way.

Despite the opportunities that Face ID can provide financial services, some are still sceptical. A report by Paysafe* found that 40% of consumers in the UK, USA and Australia believe that biometric security such as facial recognition is "too risky and unknown for me at the moment".

Some South Korean Banks have also rejected the facial recognition authentication. A recent report stated that over 20 commercial and online banks have decided to reject the authentication method claiming that the technology was “not fully proven” and they may consider it after more rigorous testing.

Despite concerns, financial fraud is growing at an alarming rate. In the UK alone we are losing over £2 million a day (or £11bn a year) to financial fraud. That alone suggests that "trusted" password and pin authentication methods aren't as robust as they seem. If consumers begin to feel more comfortable with biometric authentication, it could be possible that we may start to see a dent in those figures in the years to come. ### Start integrating now

Apple has once again pushed the boundaries and with the uptake of this technology. Despite initial concerns, we believe that Facial ID will soon become a standard expectation when developing mobile applications of the future.

  • xDesign work with a number of financial services clients including Paypal, Moneysupermarket and Moneydashboard. Get in touch with the team today to find out how we can help you kickstart your app project. We'd love to chat! *

*Paysafe, Lost in Transaction Report 2016

More Articles