TSB to introduce iris recognition for mobile app log-in
The bank’s app users with a Samsung Galaxy S8 will be able to log into their accounts with a glance from September.
TSB is to introduce iris recognition as a way for customers to unlock the bank app and access their account, the first in Europe to use this form of biometric technology.
From September, TSB customers with a Samsung Galaxy S8 and S8+ will be able to use the phone’s built-in iris scanner in order to log into their account on the mobile app by glancing at their phone, instead of inputting an ID and password.
The bank’s chief information officer Carlos Abarca said: “Iris recognition allows you to unlock your TSB mobile app with a simple glance, meaning all of those IDs, passwords and memorable information become a thing of the past.
“As well as a more customer-friendly approach to identification, iris recognition is also the most secure method of authentication available today. We want our mobile app customers to continue to have a fast, easy-to-use experience; iris recognition delivers that and, when combined with our other security measures, an unparalleled level of cyber security.”
However, cyber security experts have warned that while using new forms of security should be encouraged, it should not be assumed that biometric passwords and log-ins cannot be compromised.
Richard Parris, chief executive of IT security firm Intercede, said: “Biometrics is fast becoming the de facto security measure for a wide range of business and consumer applications.
“However, German hackers were recently able to trick a Samsung Galaxy S8’s iris scanner with a picture of the device owner’s eye and a contact lens.
“Rather than use biometrics in isolation, instead businesses need to be looking at strong authentication that incorporates three distinct elements – possession (something you have, such as a smartphone), knowledge (something you know, such as a PIN) and inherence (something you are, an iris scan).
“This allows businesses to verify that the person accessing the service is who they say they are, in addition to limiting the amount of times an individual can attempt access if any of these elements are missing or incorrect.”
Etienne Greeff, co-founder of cyber security firm SecureData, also warned of the implications for consumers should their account still be hacked.
“It’s good to see businesses like TSB looking to replace passwords, which are flimsy and easily breached, but hackers are wise to biometrics and it won’t stop them from trying to get their hands on your data.”
Mr Greeff said “more consideration” of security techniques was needed in order to better protect consumers.
TSB said its new system places security and customer experience at the “forefront” of its digital services.
