In 2007 during his presentation at the Biometric Consortium Conference, Jay Meier, VP Corporate Development at BIO-key, posed a challenge to the global identity industry: to move away from catering to the military and make something his wife and kids will care about. Now, seven years later, that has finally happened in the form of consumer-facing biometric technologies. It has been a huge shift, and a positive one for the industry, but when it comes to deployments in mobile commerce, things are moving a little slower than many might think.
When I ask how Jay Meier sees the deployments at the intersection of commerce, mobility and biometrics he gives me one word: “Nascent.”
“It’s emerging,” he adds. “And it’s really not about payments. It’s about credentialing.”
He deconstructs the term to illustrate the concept. Mobile, he tells me, is about taking a credential that’s in my leather wallet and putting it into a digital one in my smartphone. In this case, the credential is a credit card that represents a privilege I have to use a revolving line of credit. It might also represent my privilege to access a debit account I’ve been approved for at a bank.
But a credit card is only one of many different types of credentials that grant privileged access. In a 2013 blog post Meier authored for the IBM Security Intelligence Blog titled Passwords are Dead, We Need a Better System Now, he explains that drivers licenses, credit cards, passports, corporate ID cards, school ID cards, boarding passes and more are all forms of one type of information: that the person presenting them has a privilege.
“I really like to point that out,” Meier says, “because the opportunity for biometrics is way beyond payments.”
Meier tells me, in the big picture of things, mobile payments are pretty easy and that’s because most transactions in that model carry a very low risk profile. He uses the example of buying a Starbucks coffee with a smartphone. “No one’s taking any risk there, so the use of biometrics in that case – the biometric is not all that important, really.”
He continues, “Securing a 10 dollar transaction, a 20 dollar transaction – you know, a small denomination transaction – something that get’s routed through a credit card, who bears the risk? Well, everybody that has a credit card pays high interest rates to compensate for the risks associated with fraud in credit card accounts.”
Mobile payments, he says, are all about convenience.
“That will become pretty pervasive pretty quickly, but the biometric feature of that isn’t really that big of a deal.”
Now, mobile banking, that’s a different thing. Meier turns the discussion to the area of mobile banking by posing a hypothetical pitch to an American bank.
Imagining a wire transfer of $100,000 from a JP Morgan savings account to a Bank of America checking account authenticated using a smartphone, Meier says the banks simply won’t allow it.
“The value of the transaction is sufficiently high that the risk profile of it changes,” says Meier. The banks won’t bear the burden of that risk.
Meier used to be a security analyst on Wall Street. He tells me that when we talk about the security used to protect the banking system, the kind of situation where a mobile phone can be used to journal $100,000 from one bank to another bank, what we’re really talking about is the inter-bank wire transfer system.
The wire transfer system is a massive network between banking institutions facilitating the kinds of transactions that keep the economy working. The key to the global banking system, according to Meier, is the interconnected nature of the banks on this network. It’s the beaming of money across this network, he says, that allowed the Federal Reserve to stop the global banking industry from going completely insolvent in 2009.
“It’s the beaming of the money that needs to be protected. Not the money itself.” he says. “If a rogue entity – a hacker – gets access to that wire transfer network: he can shut down the entire banking system. And guess what happens when you shut down the entire banking system?
Everything gets shut down.”
At this point, the picture is clear. In the realm of biometric mCommerce there is a balance between convenience and security, and on each side of that scale sit payments and banking respectively.
“JP Morgan will never allow any high value transaction to be secured by technology that is not absolutely, flawlessly perfect, because it’s a matter of a security, not a matter of convenience.”
That’s the true promise of biometrics: security. The use case in finance right now is convenience, and that’s why at this point in time making hundred thousand dollar transactions via phone is simple not possible. But things are changing.
“I like to say that the biometric industry is going to roll out at the speed of the evolution of the underlying hardware,” says Meier.
“In 2007 I said, ‘Guys quit catering to the military because the big market is out there in mobile commerce. That’s the brass ring. That’s the golden chalice. If you can put a platform out there that my wife and kids care about, then suddenly you’re talking about something really big: changing the way people live their lives.’”
This, according to Meier, is where we are now.
“We’re at that inflection point. Now, the inflection point might span several years, so people need to think about this not the way Silicon Valley and Wall Street think about it. Wall Street thinks about it in terms of quarters – every three months – and it just doesn’t happen that way. But the reality is that we are there now. The industry has got a foothold.”
“There is a use case for biometrics and the use case is that: nothing else we’re using is working.”
Bringing up the example of the recent hacking incident involving Target to illustrate his point, Meier he continues: “What’s happening is that the value of the frauds are finally outweighing the cost of implementing something more secure. And that’s where we are. And that’s exciting to me because it means our industry is happening. Now’s the time to get involved with biometrics.”
Stay posted to Mobile ID World as we bring you part two of our interview with Jay Meier, VP of Corporate Development at BIO-key. Next time the conversation will turn to what needs to be done to achieve the biometric promise.