The future of digital identity //12.09.20
Q&A with Paul Branley, director of strategy, innovation & testing at Lloyds Banking Group
How can banks and other organisations secure their customers’ digital identities?
We recognise the central role digital identities play in the future world. The increase in threats such as phishing attacks and nation state hacking increases the risk of identity theft. Protecting digital identities is an important part of any industry, including the financial services sector. Our customers need to know how to best protect themselves and banks can help them do this.
We educate our customers on fraud prevention as well as alerting them on the latest social engineering scams such as hackers harvesting people’s credentials. In this climate, we recognise that we can only solve these issues if we work together with the industry, sharing knowledge and best practice. This cross-industry support is important in securing our customers’ digital identities.
Equally, we realise and respect the importance of customer privacy. The world’s most valuable resource is no longer oil, but data. Most things we do today leave a digital trace and society is becoming more aware of this information age. The use of smartphones and the internet has created a society where data is abundant and, in parallel, the opportunity for criminals to steal this data is also increasing.
As technology is built into every part of our lives, using tools such as multi-factor authentication and collaborating with other banks is imperative to be able to manage cyber risk. Collaboration is key for banks and other organisations to help protect the digital identities of their customers. We have a common goal to protect our customers and working together is the only way we can defeat cyber criminals looking to exploit our organisations and customers and, ultimately, help Britain prosper.
What role does new technology play when it comes to securing digital identities?
Today’s technologies won’t be good enough to protect us in tomorrow’s world against emerging and current threats.
There is a huge increase in the pace at which adversaries are innovating with new technologies to break current controls. It’s important that we also continue to innovate and use disruptive and transformative technologies to keep one step ahead of the threat and secure our digital technologies.
We offer multi-factor and biometric authentication for customers when they access their online accounts. Being open and reactive to technological changes is imperative, as the security horizon is constantly changing. It is extremely important that we also consider securing customers who may not use our digital channels. One of the ways we do this is through voice recognition software used in our call centres to further authenticate our customers and keep their digital identity secure.
How significant will biometrics be in the future of digital identity security?
Biometrics is very significant, and there are two types. The first is around behaviour, which is harder for adversaries to emulate as it’s tailored to the individual. For example, the way someone types on their mobile device or desktop.
The second one is physical biometrics such as fingerprints. Fingerprints don’t change and they can be compromised. This makes them weaker relative to behavioural biometrics.
Once an adversary has an individual’s fingerprint, they can continue to use it and it can’t be replaced. The growth of biometrics will continue and that’s why there is no single answer to this. We need to use biometrics to complement multi-factor authentication and it’s vital we innovate with hardware and software solutions to continue to create an ever-increasing trusted environment.