The Time is now for Biometrics in
Financial Services
Lorenzo Gaston, Technical Director, SPA
Thursday 21st November 2013

shaping the future of payment technology
1. SPA: a short presentation

Who we are
The Smart Payment Association addresses the challenges of today's evolving
payment ecosystem. We offer leadership and expert guidance to help members
and their financial institution customers realize the opportunities of
smart, secure and personalized payment systems and services, both now
and in the future.
Since 2004
Members:

What we do
• The SPA works in partnership with global standards bodies, its own vendor
  community, and an expanding ecosystem of established and emerging brands
  to offer an ever-growing portfolio of advisory and support services.

[Fig 1: diagram. Labels: Trade Organization, Members Services; Members Customers Services (Bring Value to Financial Institutions); Ecosystem Expert Advisor Services (Help shape the future of payments); Customers; Technologies; Traditional / Smart Card; Non-Traditional; Advanced / New.]

Fig 1: Extending advisory and support across the evolving community, the SPA is
addressing today's challenges and shaping the future direction of payment
technologies, standards and business models.

How we do it
• By delivering the market's most accurate barometer of payment trends
  • An annual analysis of payment trends based on actual manufacturer sales data
  • SPA members = 85% of the total smart payments card market

• By supporting the creation and adoption of standards and best practices
  • EPC-CSG/SEPA: Card Representative and Vendor Sector Spokesperson, Chair of
    the EPC-CSG Task Force to specify the SEPA functional and security
    requirements for emergent & remote payments (Internet + Mobile), Convenor
    of the new EPC-CSG Expert Team on Card Innovative Payments, Member of the
    Preparatory Committee of the SEPA Security Certification Management Body
  • EMVCo: Technical Associate and Board Advisor for Card Sector
  • EMVCo Next Generation Taskforce: Contributor

• By extending expert advice and support across the payments ecosystem
  • An eye-catching library of expert technical resources and thought
    leadership collaterals to shape the future of payment

SPA latest publications
• Biometrics for EMV Payment Cards (NEW!)
• UICC Application Lifecycle Management (NEW!)
• Security Certification for Mobile Platforms
• Security for Mobile Payments
• PIN by SMS
• Private Label Payment Solutions
• Business Continuity in the Payment Card Issuance Industry

Download at: www.smartpaymentassociation.com

2. The Time is now for Biometrics in Financial Services

Three-Factor Authentication in eight steps
1. The cardholder presents their EMV card to the acceptance device equipped with a fingerprint biometric sensor
2. A next-generation secure channel is established with the card
3. The cardholder presents the PIN code for verification
4. The Terminal Manager instructs the CVM to require the cardholder to present the finger to the biometric sensor
5. The biometric sensor extracts the minutiae, generates the ISO 19794-2 template and sends it to the CVM
6. The CVM transmits the captured template to the card through the secure channel, via contact or contactless
7. The card verifies and decrypts the captured template and matches it with the enrolled template, calculating a score of similarity
8. Depending on the score and the pre-fixed threshold, the card returns a signed result (i.e., Yes/No) to the CVM of the acceptance device

Cartes 2013

This looks easy and straightforward, but …
Introduction of biometric payment cards requires the careful
consideration of a number of issues, including:

• Deciding the most suitable biometric modality to use
• 'On card', 'off card' or 'both' biometric verification
• Trade-off of performance vs transaction times
• Design of the cardholder enrolment process
• Lifecycle management of the biometric data
• Storage, retrieval and data protection of a cardholder's personal biometric attributes

Use Cases for biometrics in payment cards

• Opening Payment Accounts
  • Implement 'Know Your Customer' (KYC) processes
  • Use of existing biometric documents to enroll bank biometrics

• Authorization of Payment
  • AML/CFT monitoring process
  • Stronger proof of consent

• Simplifying the use of payment cards in developing countries
  • Facilitate access to financial services for individuals unused to PINs or passwords
  • Cash withdrawal and other transaction services at an ATM or self-service bank kiosk

Use Cases for biometrics in payment cards

• Contactless & Mobile Payments
  • As a "hands free" CVM
  • Ability of the mobile to integrate many capture devices

• Generation of non-repudiable electronic signatures
  • Activation of private signature key
  • Subscribing a contract for access to a new financial service
  • Confirming a remittance
  • Generating an e-Invoice
  • Proceeding to a mobile commerce transaction
  • Downloading and transferring electronic money

[Figure: Comparison of physiological and behavioral biometric modalities. Groupings: Physiological Traits, Behavioral Traits. Modalities shown: Iris/Retina, Fingerprint, Hand, Voice, Signature, Vein, Face, Gait, Keystroke. Axis: User friendliness (- to +).]

Setting Performances (I)

• The profile proposes performance targets for biometric matchers
  configured and used in EMV Biometric authentication subsystems

• The key criterion is security, meaning minimizing the False Match Rate (FMR)
  • The False Match Rate criterion can be met by simply setting an arbitrarily
    high score of similarity
  • But that involves a high False Rejection Rate and negative commercial impact

• The final trade-off will of course be set by the card issuer
  • Lower the FMR further, or prefer a lower FNMR to facilitate acceptance of
    the technology
  • Set the number of consecutive tries
  • Set the level of performance depending on the risk of the transaction:
    a high transaction risk requires a higher score of similarity to proceed

On Error-Condition Performances

Different approaches for setting the comparison threshold for the application

Setting Performances (II)

• The Profile proposes a trade-off minimum level of accuracy
  for EMV Match-on-Card fingerprint minutiae authentication

• « The False Match Rate of FMR = 0.0001 should be achieved
  with a maximum False Non Match Rate FNMR = 0.02 on one
  finger »
  FMR ≤ 0.0001 with FNMR ≤ 0.02

• This FMR applies to zero-effort authentication.
  This represents the case where a lost/stolen card is presented
  by a random person who tries to impersonate the cardholder
  without knowing who the cardholder is
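
The threshold trade-off from the two "Setting Performances" slides, worked through as an added example that is not part of the original presentation. It picks the lowest decision threshold that meets an FMR target, checks the result against FMR ≤ 0.0001 and FNMR ≤ 0.02, and shows the effect of the number of tries. The score histograms, the 0..100 score range, the stricter high-risk target and the independence of successive tries are assumptions made for illustration.

```python
"""Added example: choosing a match-on-card decision threshold from test scores.

All score data below is constructed for illustration; it is not MINEX data.
"""

FMR_TARGET = 0.0001  # profile target quoted on the slide
FNMR_LIMIT = 0.02    # profile limit quoted on the slide (one finger)
MAX_SCORE = 100      # assumed similarity-score range 0..100

# Constructed histograms {similarity score: number of comparisons}.
# Impostor = zero-effort comparisons of different fingers (100,000 in total).
IMPOSTOR = {5: 40000, 10: 35000, 15: 20000, 20: 4000,
            25: 900, 30: 91, 35: 7, 40: 2}
# Genuine = comparisons of the enrolled finger with itself (10,000 in total).
GENUINE = {20: 10, 25: 30, 30: 60, 35: 90, 40: 310,
           50: 1500, 60: 3000, 70: 3000, 80: 2000}


def accepted(hist, threshold):
    """Number of comparisons the matcher accepts (score >= threshold)."""
    return sum(n for score, n in hist.items() if score >= threshold)


def error_rates(genuine, impostor, threshold):
    """Measured (FMR, FNMR) at a given threshold."""
    g_total, i_total = sum(genuine.values()), sum(impostor.values())
    fmr = accepted(impostor, threshold) / i_total
    fnmr = (g_total - accepted(genuine, threshold)) / g_total
    return fmr, fnmr


def lowest_threshold(impostor, fmr_target):
    """Lowest threshold whose measured FMR is <= fmr_target.

    Taking the lowest such value keeps the FNMR as small as the target allows.
    """
    if fmr_target < 0:
        raise ValueError("fmr_target must be >= 0")
    total = sum(impostor.values())
    for t in range(MAX_SCORE + 2):  # MAX_SCORE + 1 rejects everything (FMR = 0)
        if accepted(impostor, t) / total <= fmr_target:
            return t


def issuer_policy(fmr_target, tries, genuine=GENUINE, impostor=IMPOSTOR):
    """Evaluate one issuer choice of FMR target and number of consecutive tries."""
    threshold = lowest_threshold(impostor, fmr_target)
    fmr, fnmr = error_rates(genuine, impostor, threshold)
    return {
        "threshold": threshold,
        "fmr": fmr,
        "fnmr": fnmr,
        "meets_profile": fmr <= FMR_TARGET and fnmr <= FNMR_LIMIT,
        # Assumption: tries are independent. Real attempts by the same person
        # are correlated, so treat these two figures as rough bounds only.
        "impostor_accepted_within_tries": 1 - (1 - fmr) ** tries,
        "cardholder_rejected_on_all_tries": fnmr ** tries,
    }


if __name__ == "__main__":
    cases = {
        "standard risk (profile FMR target)": FMR_TARGET,
        "high risk (assumed stricter target)": 0.00005,
        "arbitrarily high threshold (FMR = 0)": 0.0,
    }
    for label, target in cases.items():
        p = issuer_policy(target, tries=3)
        print(f"{label}: threshold={p['threshold']} FMR={p['fmr']:.5f} "
              f"FNMR={p['fnmr']:.3f} meets_profile={p['meets_profile']}")
```
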

Rationale for this level of Performance (I)
• The proposed FMR/FNMR is a good level of performance for the current
  state of the art, similar to what is going to be required, e.g., in the
  US PIV card program

• Lowering the FMR further means increasing the FNMR, which in addition
  becomes random and highly dependent on individual characteristics

• This FMR = 0.0001 offers the same level of security as a PIN comparison

• Cardholders not eligible for minutiae enrollment will continue to use
  the PIN, and the risk will be the same

• In addition … it's the level of performance announced by Apple for the
  iPhone 5S

• A lower False Match Rate can be achieved by comparing more than one
  fingerprint or with biometric multi-modality

Rationale on Accuracy Performance (II)

• A card can enroll up to 10 fingerprint minutiae.
  Effective at dramatically lowering the FMR without impacting the FNMR, but:
  • 10-finger biometric capture devices are expensive
  • 10-fingerprint matching requires 3 presentations (4 + 4 + 2 thumbs
    simultaneously) or 4 presentations (4 + 4 + left thumb + right thumb)
    + 10 consecutive match-on-card comparisons

• At least one fingerprint from the right hand and another from the left hand
  should be enrolled. More than 4 fingerprints don't bring significant benefit

• Multi-modality could work, but:
  • Expensive biometric capture device
  • Transaction time
  • Minutiae is the only standard template format for cards

On timing performances
• PIN verification is deterministic; biometric verification time is random

• This time depends on the number of minutiae to compare, the capture
  device, the matcher algorithm and the cardholder

• Commercial matchers are able to process 64 minutiae (average 41 minutiae)

• Rule of thumb: 30 minutiae is a « big » fingerprint to treat

• Level of performance for a fingerprint matcher qualified by MINEX
  • Average comparison match time: around 500 msec (but variable)
  • With encrypted templates, add 10%
  • Typical transaction time < 1 sec

Fingerprint matcher performance figures from vendors, measured in MINEX
submissions, are available on the NIST site

Testing & Certification procedures
• The profile will propose high-level guidelines for Testing & Certification
  procedures

• These tests are used to certify implementations that generate and/or
  match the mandatory minutia-based biometrics specified in the profile

• They include generators (minutiae extraction + biometric template)
  and biometric template matchers

• A combination of generator and matcher is interoperable if both are able
  to work effectively together to achieve a required level of performance

• NIST recommends certifying generators of biometric templates and
  matchers independently

• SPA is willing to work with EMVCo to specify testing & certification
  procedures

SPA 2013

SPA initiatives

• Submit to EMVCo a first document on the standardization context for Biometrics
• Promote Biometrics as a CVM for EMVCo next generation
• Propose to EMVCo to develop a Biometrics Profile
• Prepare a White paper on Use Cases
• Present at last EMVCo F2F meeting a proposal for performances and main
  design decisions
• End: Proposal for an EMVCo Profile for integration in EMV Specifications

Thank You for Your attention!

Download from
www.smartpaymentassociation.com

#SmartPayment

shaping the future of payment technology

Más contenido relacionado

Último

Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Último (20)

Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Destacado

Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
 

Destacado (20)

Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 

The time is now for biometrics in financial services

  • 1. The Time is now for Biometrics in Financial Services Lorenzo Gaston, Technical Director, SPA Thursday 21st November 2013 shaping the future of payment technology
  • 2. 1. SPA: a short presentation shaping the future of payment technology
  • 3. Who we are The Smart Payment Association addresses the challenges of today‟s evolving payment ecosystem. We offer leadership and expert guidance to help members and their financial institution customers realize the opportunities of smart, secure and personalized payment systems and services - both now and in the future. Since 2004 Members: shaping the future of payment technology
  • 4. What we do  The SPA works in partnership with global standards bodies, its own vendor community, and an expanding ecosystem of established and emerging brands to offer an ever-growing portfolio of advisory and support services. NonTraditional Ecosystem Expert Advisor Services Help shape the future of payments Customers Members Customers Services Bring Value to Financial Institutions Members Services T rade Organization Traditional / Smart Card 4 Technologies Advanced/ New Fig 1 Extending advisory and support across the evolving community, the SPA is addressing today’s challenges and shaping the future direction of payment technologies, standards and business models. shaping the future of payment technology
  • 5. How we do it  By delivering the market‟s most accurate barometer of payment trends  An annual analysis of payment trends based on actual manufacturer sales data  SPA members = 85% of the total smart payments card market  By supporting the creation and adoption of standards and best practices  EPC-CSG/SEPA: Card Representative and Vendor Sector Spokeperson, Chair of the EPC-CSG Task Force to specify the SEPA functional and security requirements for emergent & remote payments (Internet + Mobile), Convenor of the new EPC-CSG Expert Team on Card Innovative Payments, Member of the Preparatory Committee of the SEPA Security Certification Management Body  EMVCo: Technical Associate and Board Advisor for Card Sector  EMVCo Next GenerationTaskforce: Contributor  By extending expert advice and support across the payments ecosystem  An eye-catching library of expert technical resources and thought leadership collaterals to shape the future of payment 5 shaping the future of payment technology
  • 6. SPA latest publications NEW!  Biometrics for EMV Payment Cards NEW!  UICC Application Lifecycle Management  Security Certification for Mobile Platforms  Security for Mobile Payments  PIN by SMS  Private Label Payment Solutions  Business Continuity in the Payment Card Issuance Industry Download at: www.smartpaymentassociation.com 6 shaping the future of payment technology
  • 7. 2. The Time is now for Biometrics in Financial Services shaping the future of payment technology
  • 8. Three-Factor Authentication in eightsteps 1. The cardholder presents their EMV card to the acceptance device equiped with a fingerprint biometric sensor 2. A next generation secure channel is established with the card 3. The Cardholder presents the PIN code for verification 4. The Terminal Manager instructs the CVM to require the cardholder to present the finger to the biometric sensor 5. The Biometric sensor extracts the minutiae, generates the ISO 19794-2 template and sends it to the CVM 6. The CVM transmits to the card the captured template through the secure channel via contact or contactless 7. The card verifies and decrypts the captured template and matches it with the enrolled template , calculating a score of similarity 8. Depending on score and the pre-fixed threshold the card returns signed result (i.e., Yes/No) to the CVM of the acceptance device 8 Cartes 2013 shaping the future of payment technology
  • 9. This looks easy and straightforward, but …
      Introduction of biometric payment cards requires the careful consideration of a number of issues, including:
      - Deciding the most suitable biometric modality to use
      - 'On card', 'off card' or 'both' biometrics verification
      - Trade-off between performance and transaction times
      - Design of the cardholder enrolment process
      - Lifecycle management of the biometrics data
      - Storage, retrieval and data protection of a cardholder's personal biometric attributes
  • 10. Use Cases for biometrics in payment cards
      - Opening Payment Accounts
          - Implement 'Know Your Customer' (KYC) processes
          - Use of existing biometric documents to enroll bank biometrics
      - Authorization of Payment
          - AML/CFT monitoring process
          - Stronger proof of consent
      - Simplifying the use of payment cards in developing countries
          - Facilitate access to financial services for individuals unused to PINs or passwords
          - Cash withdrawal and other transaction services at an ATM or self-service bank kiosk
  • 11. Use Cases for biometrics in payment cards
      - Contactless & Mobile Payments
          - As a "hands free" CVM
          - Ability of the mobile to integrate many capture devices
      - Generation of non-repudiable electronic signatures
          - Activation of the private signature key when:
              - subscribing to a contract for access to a new financial service
              - confirming a remittance
              - generating an e-Invoice
              - proceeding to a mobile commerce transaction
              - downloading and transferring electronic money
  • 13. Setting Performances (I)
      - The profile proposes performance targets for biometric matchers configured and used in EMV biometric authentication subsystems
      - The key criterion is security, meaning minimizing the False Match Rate (FMR)
          - The False Match Rate criterion can be met simply by setting an arbitrarily high score of similarity
          - But that involves a high False Rejection Rate and a negative commercial impact
      - The final trade-off will of course be set by the card issuer
          - Lower the FMR further, or prefer a lower FNMR to facilitate acceptance of the technology
          - Set the number of consecutive tries
          - Set the level of performance depending on the risk of the transaction: a high transaction risk requires a higher score of similarity to proceed
  • 14. On Error-Condition Performances
      Different approaches for setting the comparison threshold for the application
  • 15. Setting Performances (II)
      - The Profile proposes a trade-off minimum level of accuracy for EMV Match-on-Card fingerprint minutiae authentication
          - « The False Match Rate of FMR = 0.0001 should be achieved with a maximum False Non Match Rate FNMR = 0.02 on one finger »
          - FMR ≤ 0.0001 with FNMR ≤ 0.02
      - This FMR applies to zero-effort authentication
          - This represents the case where a lost/stolen card is presented by a random person who tries to impersonate the cardholder without knowing who the cardholder is
  • 16. Rationale for this level of Performance (I)
      - The proposed FMR/FNMR is a good level of performance for the current state of the art, similar to what is going to be required, e.g., in the US PIV card program
      - Lowering the FMR further means increasing the FNMR, which in addition becomes random and highly dependent on individual characteristics
      - This FMR = 0.0001 offers the same level of security as a PIN comparison
          - Cardholders not eligible for minutiae enrollment will continue to use the PIN, and the risk is to be the same
      - In addition … it's the level of performance announced for the Apple iPhone 5S
      - A lower False Match Rate can be achieved by comparing more than one fingerprint or with multi-modal biometrics
  • 17. Rationale on Accuracy Performance (II)
      - A card can enroll up to 10 fingerprint minutiae
          - Effective to lower FMR dramatically without impacting FNMR, but:
              - 10-finger biometric capture devices are expensive
              - 10-fingerprint matching requires 3 presentations (4 + 4 + 2 thumbs simultaneously) or 4 presentations (4 + 4 + left thumb + right thumb), plus 10 consecutive match-on-card comparisons
      - At least one fingerprint from the right hand and another from the left hand should be enrolled
          - More than 4 fingerprints don't bring significant benefit
      - Multi-modality could work, but:
          - Expensive biometric capture device
          - Transaction time
          - Minutiae is the only standard template format for cards
  • 18. On timing performances
      - PIN verification is deterministic; biometric verification time is random
          - This time depends on the number of minutiae to compare, the capture device, the matcher algorithm and the cardholder
          - Commercial matchers are able to process 64 minutiae (average 41 minutiae)
          - Rule of thumb: 30 minutiae is a « big » fingerprint to process
      - Level of performance for a fingerprint matcher qualified by MINEX
          - Average comparison match time: around 500 msec (but variable)
          - With encrypted templates, add 10%
          - Typical transaction time < 1 sec
      - Fingerprint matcher performances from vendors, measured in MINEX submissions, are available on the NIST site
  • 19. Testing & Certification procedures
      - The profile will propose high-level guidelines for testing & certification procedures
      - These tests are used to certify implementations that generate and/or match the mandatory minutiae-based biometrics specified in the profile
      - They include generators (minutiae extraction + biometric template) and biometric template matchers
      - A combination of generator and matcher is interoperable if both are able to work effectively together to achieve a required level of performance
      - NIST recommends certifying generators of biometric templates and matchers independently
      - SPA is willing to work with EMVCo to specify testing & certification procedures
      SPA 2013
  • 20. SPA initiatives
      - Submit to EMVCo a first document on the standardization context for biometrics
      - Promote biometrics as a CVM for EMVCo next generation
      - Propose to EMVCo to develop a Biometrics Profile
      - Prepare a white paper on use cases
      - Present at the last EMVCo F2F meeting a proposal for performances and main design decisions
      - End: Proposal for an EMVCo Profile for integration in EMV Specifications
  • 21. Thank You for Your attention! Download from www.smartpaymentassociation.com #SmartPayment
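
The threshold trade-off described on slides 13 and 15, worked through as an added example that is not part of the SPA deck: it picks the comparison threshold that meets a target FMR, reads off the resulting FNMR, and shows the effect of the number of consecutive tries. The score distributions are constructed, the function names are hypothetical, and attempts are assumed independent.

```python
from statistics import NormalDist

# Constructed score samples (not measured data): evenly spaced quantiles of
# two normal curves stand in for impostor and genuine comparison scores.
def quantile_samples(mean, sd, n):
    dist = NormalDist(mean, sd)
    return [dist.inv_cdf((i + 0.5) / n) for i in range(n)]

IMPOSTOR = quantile_samples(20.0, 8.0, 100_000)   # zero-effort impostor attempts
GENUINE = quantile_samples(80.0, 12.0, 5_000)     # enrolled cardholder attempts

def fmr(threshold, impostor=IMPOSTOR):
    """False Match Rate: share of impostor scores accepted (score > threshold)."""
    return sum(s > threshold for s in impostor) / len(impostor)

def fnmr(threshold, genuine=GENUINE):
    """False Non-Match Rate: share of genuine scores rejected."""
    return sum(s <= threshold for s in genuine) / len(genuine)

def threshold_for_fmr(target, impostor=IMPOSTOR):
    """Lowest threshold whose empirical FMR does not exceed the target."""
    ranked = sorted(impostor, reverse=True)
    allowed = int(target * len(ranked))       # impostor accepts we may tolerate
    if allowed >= len(ranked):
        raise ValueError("target FMR accepts every impostor score")
    return ranked[allowed]                    # accept only scores above this one

def over_tries(rate_fmr, rate_fnmr, tries):
    """Per-session rates after `tries` attempts, assuming independent attempts."""
    impostor_success = 1 - (1 - rate_fmr) ** tries
    cardholder_locked_out = rate_fnmr ** tries
    return impostor_success, cardholder_locked_out

def operating_point(target_fmr, tries):
    t = threshold_for_fmr(target_fmr)
    return {"threshold": t, "fmr": fmr(t), "fnmr": fnmr(t),
            "session": over_tries(fmr(t), fnmr(t), tries)}

if __name__ == "__main__":
    for label, target in (("low-risk", 1e-3), ("profile target", 1e-4)):
        print(label, operating_point(target, tries=3))
    print("arbitrarily high threshold:", fmr(95.0), fnmr(95.0))
```

Three tries at FMR = 0.0001 give a zero-effort impostor roughly a 0.0003 chance per card, which is why the try counter is part of the issuer's trade-off alongside the threshold itself.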