May 25, 2015 05:23 PM

Banks Face Obstacles to Using Biometric Data for ID Purposes

(Beijing) – Banks will not be allowed to verify the identity of new customers using biometric information unless certain conditions are met, a central bank official says.

Unless a mature technological standard for biometric identification is established and financial regulations are amended accordingly, the regulator will not allow banks to adopt the practice, Fan Shuangwen, deputy director of the central bank's payment department, said at a forum on May 24.

"The regulator has concerns about rushing to permit remote verification or say that it is safe and effective," he said. "As for when it might drop those concerns, I don't know for sure, and it is hard to set a timetable for this."

China requires a person who wants to open an account to appear at a bank. The opening of an account serves as a prerequisite for almost all other services a bank offers.

Experts have proposed using facial-recognition technology so people will not have to show up in person at a bank.

Chen Long, chief strategy officer of Ant Financial Services Group, which is affiliated with Alibaba Group Holding Ltd., said having an employee verify the identity of bank customers is no guarantee against fraud, and the regulator should allow banks to try biometrics.

Ant recently unveiled its "smile to pay" technology, which allows users have their face scanned instead of typing in password when making a payment online. The firm hopes this function can be integrated into its mobile payment services.

Fan said the face-to-face requirement has served as a foundation for various financial activities, including those offered by third-party payment companies such as Ant. Even though it has flaws, it is not safe for banks to switch immediately to an untested alternative, he said.

Wang Bing, China Guangfa Bank's vice president, suggested the regulator control risk by limiting the functions customers could access with an account opened with facial-recognition technology.

Critics say the main danger in using biometrics for identification is in how the data is transmitted. An expert from the Ministry of Public Security has told Caixin that biometric information can be stolen by hackers while it is being sent from one place to another. This is why no country relies on facial or fingerprint recognition as the primary identification tool, he said.

Chen Zhong, a digitalization expert at a research facility under Peking University, voiced the same concern at the forum.

"The current methods of Internet transmission are indeed very vulnerable to hacker interception and duplication," he said. "So the risk is severe when using (biometrics) in financial services."

The consequences of biometric information being stolen are huge, Li Xiaojie, general manager of the China Financial Certification Authority, said at the forum. A lost identification document can be cancelled, but stolen biometrics could be effective forever because the owner cannot change who they are, he said.

(Rewritten by Wang Yuqian)

You've accessed an article available only to subscribers
Share this article
Open WeChat and scan the QR code