4 minute read

Biometrics is taking authentication in banking to another level

Tuesday, May 20, 2025

4 Minute Read

Could you spot the difference between real content and deepfake images?

A study of U.S. and U.K. consumers found only 0.1% identified all media presented to them. If detection is so difficult, then it begs the question: How easy is it becoming for fraudsters to bypass security and steal information?

Not only do fraudsters use sophisticated tools such as AI, they are also casting a wide net across multiple channels — from social media to email — to gain access to accounts.

Customers and merchants aren’t the only targets. Banks are also in fraudsters’ crosshairs with stolen and synthetic identities as well as account takeovers.

Fraudsters are opening new cards using stolen information from different people and putting everything together under one synthetic identity. The fake “cardholder” seems legitimate, so the bank can’t detect and block them.

These situations have become more common, leading to a 250% surge in account takeover attacks. And 40% of victims also experienced identity fraud.

Identity theft can cause great financial loss — such as a victim’s credit card being maxed out — and the charges are often unrecoverable. Other ramifications can include damage to a cardholder’s credit score, increased debt and legal problems.

Payment processors are especially vulnerable to unauthorized transactions because they often can’t identify suspicious activity fast enough.

“How can you protect against evolving fraud tactics and quickly ensure cardholders are who they say they are? That’s the challenge facing card issuers with their authentication strategies as they balance security and convenience,” said Kasey Boyd, Head of Fraud, TSYS.

64% of merchants have been targeted by AI fraud. Source: Ravelin’s AI vs AI in Fraud Report

Bye bye passwords?

Traditional authentication methods such as passwords and personal identification numbers have become vulnerable, leading to more account takeovers, fraudulent transactions and data breaches.

Adding to the problem is password fatigue and password management.

More than half of people — 51 percent — say they need to input six or more passwords for work every day! Frequent password resets mean frustrated users re-use credentials or choose ones that are easily guessed.

These weak security practices make it easier for fraudsters to exploit stolen login details, as evident by the 81% of data breaches associated with poor password management.

It also means having to remember all those passwords. In fact, banks report that 65% of consumers struggle to remember passwords, leading to frustration with transactions or even abandoned transactions.

“Passwords have long been the standard verification method. Now the payments industry is shifting to newer authentication technology led by biometrics because of the advantages of defending against changing fraud without inconveniencing customers,” said Blair Cohen, President and Founder of AuthenticID, a global leader in identity verification and fraud prevention solutions.

What is biometric authentication?

Biometrics are becoming the new standard in digital identity verification. According to AuthenticID, 63% of consumers would go completely passwordless and access their accounts solely through biometrics if they had the option.

Behavioral biometrics analyze the ways people interact with devices. For example, how they hold them, their typing speed and rhythms, and how they swipe. Instead of relying on a single moment to identify someone, behavioral biometrics combine information from every past instance to create a dynamic user “profile.”

Backed by machine learning, the technology analyzes these patterns to continuously adjust and understand a user’s interactions.

But biometric technology doesn’t end there.

Types of physiological or behavioral biometrics to combat payment fraud

  • Fingerprint recognition
  • Facial recognition
  • Voice recognition
  • Device-based gestures
  • Iris or retina scans
  • Vein patterns
  • Body movements

Voice verification is gaining traction with customers to provide “audio fingerprints” to verify and secure identities. The technology differentiates tones and cadences of voices.

By recording a customer’s voice pattern and verifying transactions on the phone, it can be used as a type of two-factor authentication.

Facial recognition, another type of biometric, cross-references a pre-recorded image for verification. One example is during an airport screening process where cameras scan a person’s face to verify their identity by measuring key facial features. The traveler’s image is compared with their digital or physical ID to confirm a match.

From a banking perspective, the cross-reference process can help approve transactions more quickly and accurately by identifying real account holders. In fact, such technology can verify users in less than 2 seconds and with 99% accuracy, according to AuthenticID.

“Facial recognition has become a convenient and reliable way to help confirm identities faster and more accurately — not just with payments but across multiple industries,” Cohen said.

Adoption in the payments world

From bank account onboarding on a laptop to a customer’s re-authentication on an app, cardholders are becoming more comfortable using biometrics.

Why? They are secure and convenient.

For example, simply upload an image of an ID on a phone to a banking app, then take a selfie so the system can match the images. This helps verify customers’ identities before they gain access to sensitive personal and financial information — preventing false new account openings and synthetic identity fraud.

That level of convenience and security is partly why $3 trillion in payment transactions are expected to be authenticated by biometrics by 2025, increasing from $404 billion in 2020.

Other trends in payments moving the needle toward more advanced authentication technology include:

  • Shift to mobile banking and contactless payments.
  • Increase in deepfake-related fraud attempts for banks and financial institutions.
  • Greater demand for more efficient customer experiences.
  • Need to stay in compliance with data protection and regulations.

TSYS Advanced Authentication

One solution using biometric authentication to help defend against fraudsters is TSYS Advanced Authentication.

The technology uses the power of touchpoint validation — including device, email, facial and phone recognition — to instantly verify customer identities. The solution authenticates whether transactions are legitimate by using real-time data learned from the buying experiences of those cardholders and their personally identifiable information to detect anomalies from a customer’s usual spend patterns. Verification happens in seconds, limiting friction with transactions for a better customer experience.

“TSYS Advanced Authentication provides a more secure and accurate way to verify legitimate cardholders and confirm the transaction’s validity,” Boyd said. “The technology offers greater control with ensuring transactions are secure to protect issuers from fraud while enabling genuine transactions to increase sales and build trust.”

If you’re interested in learning how TSYS can help you align your fraud authentication needs within a comprehensive payments solution, please click here.

For more on biometric authentication including the role of AI and its challenges, read Part 2 of this blog series coming soon.

Latest articles

Never Miss an Insight

Get the latest from TSYS a Global Payments Company

Subscribe