CBA app wants your location, biometrics in name of security
- 31 July, 2019 16:29
Commonwealth Bank of Australia’s new app has a feature that will track your location so the bank can better figure out if a transaction is dodgy.
The opt-in security feature of CBA’s fourth generation banking app, which was officially launched today, runs the location associated with a transaction against your phone’s location to see if there is any discrepancy.
“If we see a transaction coming out of Hong Kong but we know from a customer’s phone they’re in Melbourne or Sydney: straight away that gives us an opportunity to spot a discrepancy and block it straight away,” explained CBA chief digital officer and retail bank chief information officer Pete Steel.
Security drives a lot of the new features of the ‘CommBank app 4.0’ the bank said, including “world first” in-app alerts to customers when a suspicion transaction is made.
“If it’s definitely a fraudulent transaction we block it straight away, but if we’re not sure we’ll pop into the app with a question in real time and we ask the customer to help us, and they can swipe or click to say yep I’m comfortable with this or no this is something I don’t recognise,” Steel said today.
At scale this serves the bank as a crowd-sourced dodgy merchant finder, Steel explained.
“It puts customers in control, it helps them [and] it helps us learn. It’s almost like crowd-sourcing some of the fraudulent merchants out there. We can spot them quicker…feed that back in and make quicker decisions,” he said.
Face the future
Although not a feature of the fourth generation app, the bank revealed plans to link with government biometric data holdings to “make sure we know who we’re talking to”.
CBA has been working with government authorities and other industry players on the effort, which it considers a “really important space”.
Banks are obliged to collect and verify certain ‘know your customer’ (KYC) information about a customer’s identity when providing banking services.
Meanwhile, the government is pushing ahead with plans for a national facial recognition service — dubbed ‘The Capability’ — which will operate as a query and response system, similar to the current federal Face Verification Service (FVS).
It is expected that the private sector will be able to access some of the services for certain use cases.
In the near term, biometrics could be used in the customer onboarding process and to approve high-value transactions, Steel said today.
In initial proof-of-concepts CBA has been using smartphones to read ePassport data.
“We’re using the phone and the capability that’s in the chip to read from an ePassport, and pick out the passport information, the face which gives us a chance to then pop the image up in screen and do a real time comparison with customers,” Steel said.
Steel emphasised that the bank was interested in using “endorsed government sources” of biometric data.
“When it comes to biometrics we’re extremely unlikely to store anything significant on biometrics. We’ll be having moments in time when we check biometrics, but we don’t want to be in the business of storing customer fingerprints and facial recognition,” he said.
At the app launch event, a new CBA and KPMG report was released predicting what banking would be like in the future.
The report – The Future of Digital Banking – forecast that by 2030 biometrics such as facial and voice recognition “will have completely replaced other forms of digital security like passwords and PINs”.