Mountain America Credit Union has announced the beta release of a dual biometric log-in feature that lets its members access their mobile banking app either by scanning their finger or taking a picture of their eye, claiming to be the first to have combined fingerprint and eye-imaging technology in an attempt to make biometrics available to all of its mobile banking users.
The credit union is working in partnership with mobile banking software provider Access Softek for the mobile banking platform side and is using biometric software provider EyeVerify’s Eyeprint ID technology for the eye-imaging authentication feature.
“For fingerprint authentication, the image sensor on the device scans the fingerprint, analyzes the ridges and converts it into a mathematical code,” Mountain America says. “That code is stored in the mobile device and used to compare against future scans. Users can add up to five fingers, and the device can read fingerprints from any angle.
“EyeVerify works by using an individual’s unique eyeprint. The eyeprint is the map of blood vessels in the whites of the eyes, which is unique to each person. Each person has two eyeprints in each eye. The initial enrolment process takes less than a minute and will capture the eyeprint on a smartphone or tablet camera. After that, logging in using Eyeprint ID is as easy as taking a selfie.
“Biometric login is available to Mountain America members on Apple devices and newer Android devices. The beta release allows for product refinement and supports the creation of an optimal member experience moving forward.”
“Mountain America is excited to bring this innovation to our members as biometric features are the future of enhanced online security,” says Shelby Peterson, manager of product strategy at the credit union. “Biometrics not only ensure our mobile products are more secure, but also easier for members to use.”
Next: Visit the NFCW Expo to find new suppliers and solutions
For bringing down security?
Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords alone.
We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security.
Biometric solutions could be recommended to the people who want convenience but should not be recommended to those who need security.
Everybody understands this, but there is more in play than just security. We must think about usability too. It is wrong to assume that whenever we consider security it must be the maximum available security. It should rather be appropriate to the circumstances and then it should get out of the way. By offering options this solution seems to address that well.
I would like to remind you that I wrote “Biometric solutions could be recommended to the people who want convenience” ( but should not be recommended to those who need security).