For Verification, Biometrics And Passwords Solve Different Needs


Logins are a routine part of digital life — from shopping online to paying bills to accessing medical records — but proving identity can come with challenges. Consumers now must keep track of myriad user names, passwords and PINs.

Friction can be a deal-breaker, so companies are trying to strike a balance between convenience and security.

PYMNTS takes an in-depth look at this subject in the Digital Identity Lifestyle Capsule, a survey of consumer satisfaction across three verticals: eCommerce, financial services and healthcare.

When comparing those three, financial services came out on top. Nearly three-quarters (73.4 percent) were either “very” or “extremely” satisfied with this vertical’s authentication options. Healthcare (68.4 percent) and ecommerce (69.1 percent) ranked lower.

Not surprisingly, email addresses and passwords are the most requested personally identifiable information (PII) by all verticals. As it stands, 62 percent of eCommerce businesses and 61.0 percent of financial services ask for passwords for authentication. Slightly fewer (58.4 percent) healthcare firms ask for this.

Beyond asking for online passwords and email addresses, financial services was the vertical most likely to use authentication types; 33.9 percent used phone numbers, 26.8 percent used PINs. Biometric identification had low usage across the board, but financial services was twice as likely to use fingerprint identification than healthcare. Financial services also had the highest usage of facial (1.7 percent) recognition.

Figure 3

For creating new accounts, verification methods followed a similar pattern. At 91.1 percent, email is the most-used identity verification method for eCommerce consumers signing up for new online accounts, far higher than for financial services (74.1 percent) or healthcare (72.6 percent). This makes sense considering online merchants are so reliant upon email marketing.

When it comes to consumer satisfaction, using passwords ranks the highest for all verticals. It’s easy to imagine that passwords receive high marks primarily because they represent a method consumers are familiar with. When asked about reasons for their preference, though, convenience and ease of use won out. Speed was more important for financial services (41.6 percent), as well as data security (42.4 percent) and fraud protection (36.4 percent).

Figure 6

Biometrics played a fairly small role in both consumer preference and as an option offered. It’s still not commonly used despite fingerprints — and more recently facial recognition — being used to authenticate smartphone users. Biometrics also is increasingly controversial, mainly from a privacy perspective.

Last month, San Francisco became the first major U.S. city to ban facial recognition. There are rumblings of a backlash to the backlash, however. The California Consumer Privacy Act (CCPA) gives residents of California the ability to request the data that businesses collect on them and delete it or restrict access by third-parties. But bills backed by tech lobbying firms are trying to create exemptions for companies like Facebook, Google, Amazon and Apple.

It’s not all doom and gloom from a consumer perspective, though. When asked about reasons why they prefer biometrics, ease of use topped the list at 58.4 percent for financial services, 57.1 percent for healthcare and 51.4 percent for eCommerce. Convenience was also a major factor, but preventing fraud and creating better data security were two areas where biometrics excelled, especially for healthcare.

Nearly three-fourths (71.4 percent) preferred biometrics for healthcare due to better data security and 68.6 percent preferred biometrics for healthcare because of better fraud protection. For eCommerce, speed mattered more (51.4 percent) likely because online shoppers just want to transact and biometrics can easily reduce friction.

Figure 9

In an interview with PYMNTS, Eren Bali, CEO of Carbon Health, a digital healthcare network, explained two different users: one who is concerned about privacy and logs out after every session and the user who doesn’t want to log in every single time and prefers unlocking the app using Face ID or Touch ID. These two are mostly mutually exclusive since by enabling biometric identification, users must opt out of some HIPAA restrictions.

“We support two-factor authentication for patients, but it’s optional at this point. The authentication requirements are stricter on the patient web app since browsers don’t provide the same level of protection as native mobile apps,” Bali said.

To this end, mobile users — whether app or browser-based — weren’t terribly dissatisfied using mobile channels to authenticate. Just roughly one-third were dissatisfied using mobile for financial services and eCommerce.

Figure 13

Desktop and laptop access had higher levels of dissatisfaction for all verticals. Slowness and inconvenience were both the kiss of death. Inconvenience (34.0 percent) and slowness (29.6 percent) had considerable impact on dissatisfaction for financial services (29.6 percent), in particular.


Featured PYMNTS Study:

More than 63 percent of merchant service providers (MSPs) want to overhaul their core payment processing systems so they can up their value-added services (VAS) game. It’s tough, though, since many of these systems date back to the pre-digital era. In the January 2020 Optimizing Merchant Services Playbook, PYMNTS unpacks what 200 MSPs say is key to delivering the VAS agenda that is critical to their success.