TRENDING: Inside GDPR’s Enforcement Strategies

Cyberattacks on American financial institutions are at an all-time high, with more and more cybercriminals eyeing consumers’ financial data and other sensitive information. A February 2018 study from the Federal Reserve Bank of Minneapolis found that 75 percent of American financial institutions incurred losses due to fraud last year.

And with that, governments and security solution providers are stepping into the fray with the aim of combatting fraudsters.

In the May Digital Identity Tracker™, PYMNTS examines how players from around the space are looking to safeguard consumers, from new security software to newly debuted regulations from governments around the world.

Notable Digital ID News

Mastercard, for one, is putting its faith in biometric authentication.

The company recently debuted a new biometric payment card designed to enable customers to register their fingerprints without visiting a bank branch. The move seems to be part of a larger trend, as Mastercard also said it will shift away from “what [consumers] know” factors, like passwords, and instead focus on “what [consumers] are” factors, including fingerprints, iris scans and facial recognition.  

The international payment network JCB is also turning away from older authentication methods in favor of biometrics.

The company recently launched a pilot for Japan’s first “F for fingerprint” payment card, F.CODE, intended to allow consumers to do away with the traditional PIN and instead use their fingerprints to authorize transactions.

But while JCB and Mastercard turn to solutions like fingerprint, facial and iris recognition, others are turning to behavior-based biometrics.

That includes UnifyID, an implicit authentication platform. The company recently released its online and physical dynamic probability scoring technology, which claims 99.99 percent accuracy, with its technology relying on more than 100 unique behavioral and environmental factors.

DPAs Prepare for Looming GDPR Deadline 

Governments and regulators around the world are also stepping into the fight against fraud.

The European Union, for example, is preparing for the General Data Protection Regulation (GDPR) to take effect later thisweek. And according to Ultan O’Carroll, assistant commissioner and technology advisor to Ireland’s Data Protection Commissioner 

(DPC), companies that are unprepared could fall under scrutiny by data protection authorities (DPAs), the regional agencies charged with ensuring GDPR compliance.

O’Carroll recently spoke with PYMNTS for the latest Digital Identity Tracker about the criteria to which companies will be held — regardless of their preparedness — and what, exactly, DPA-backed investigations will entail once GDPR goes into effect.

He noted that GDPR will impact any company or organization that operates, stores or processes personal data belonging to a natural person — a “data subject,” in GDPR terms. Non-compliant companies could be in for a rude awakening on May 25, particularly if they are subjected to a DPA investigation. 

“If they’re in the situation where they have not made processing operations compliant with GDPR during the past two years, they may well find themselves afoul of the law,” O’Carroll said. 

To read the full story, download this month’s Digital Identity Tracker

    First Name*

    Last Name*



    Work Email*


    About the Tracker

    The Digital Identity Tracker™, sponsored by Jumio, is a forum for framing and addressing key issues and trends facing the entities charged with efficiently and securely identifying and granting permission to individuals to access, purchase, transact or otherwise confirm their identities.