In an interview with Defenseworld.net, Gary McAlum, CSO and Senior Vice President of Enterprise Security at USAA talks about the biometric technologies on mobile apps offered by the company, including TouchID technology, and its effort to eradicate cyber crimes in future.
DW: What are the latest biometric technologies offered by USAA? Please elaborate on your Touch ID technology?
Gary McAlum: USAA now offers three biometric options on the mobile app to include face, voice and Touch ID. Face and voice are available on Android and iOS devices and Touch ID is available on touch-eligible iOS devices (with the built in Touch ID sensor). Biometric options are also offered on tablet devices that offer the USAA Mobile App.
DW: Could you explain how the USAA mobile app authenticates user fingerprints?
Gary McAlum: We leverage Apple technology to authenticate fingerprints assigned to the device. In addition, each of our biometric options is paired with a one-time encrypted code to verify our members’ identity with their registered device. This offers multifactor authentication for our members to decrease cybercrime risk. The underlying technology platform that enables this integration is provided by Daon.
DW: How do you ensure users that their fingerprints will not be forged?
Gary McAlum: USAA believes members are best protected when there are layers of authentication to confirm their identity. We utilize device recognition technology for known member devices and combine this with the fingerprint validation. This ensures multifactor authentication. Apple protects the fingerprint behind their secured token and requires the use of the device passcode before a fingerprint can be changed. At the end of the day, we believe fingerprint technology as we have implemented is significant stronger than userid and a weak password.
DW: In case of rubber fingerprints or severed fingers, how will the app recognize the user?
Gary McAlum: USAA is committed to provide innovative solutions that provide choices for our members. In the event members are challenged with Touch ID, they still have the ability to authenticate with their face, voice recognition, or our PIN option.
DW: What are the benefits associated with Touch ID technology? Is it cost effective?
Gary McAlum: USAA makes every decision with our members in mind. Our members have asked for secure options that are simple and flexible, providing them the ability to manage their finances wherever they are. Biometrics is where security and simplicity meet in the middle, providing our members options that are easy and fast to use. We strive to provide our members multiple options that are both secure and easy to use by combining “something you are” with “something you have.”By executing a layered approach, cybercrime is not easily accessible to fraudsters without taking possession of our members’ devices.
DW: How do you see the future in terms of biometric adoptions?
Gary McAlum: We believe the legacy forms of authentication (e.g., user ID and password) are becoming increasingly obsolete in today’s cyber threat environment. With over half a million members using biometrics, and very little marketing, our membership is showcasing the desire for simple and secure measures to manage their finances. In fact, more than 90 percent of members enrolled in biometrics are using Touch ID and more than 50 percent are using biometrics multiple times a month to manage their finances.
DW: What biometric technologies do you provide to the military? Are you considering the aviation market?
Gary McAlum: Biometric capabilities are available for all of our members residing in the states. We are always researching new solutions to deliver the service our members deserve.