Cogneto, critical of facial recognition authentication, adopts it anyway
Seattle-based company is known for its cognitive authentication approach; although facial recognition is immature for on-line banking, company decides to use it as a small factor among many; outside analysts see banks under pressure to deploy the latest technology, even as costs vastly outweigh the benefits
Those of our readers with an interest in biometrics will recall our recent report on London and Seattle, Washington-based Cogneto. The company’s authentication model, known as “cognitive authentication”, or cognometrics, identifies computer users based on how quickly the user points and clicks at the correct answer to previously entered personal questions, thereby providing a reliable biometric fingerprint. “How long it takes you to respond when it come up turns out to incredibly unique among individuals,” CTO Patrick Audley said.
We liked this technology, and now we have some good reason to know why the company’s investors do too — especially for on-line banking applications. According to Audley, one of cognometrics’s main competing technologies, facial recognition, is more than a decade from maturity due to the low resolution of the cheap Web cams used by most casual Internet users. “We’re talking a false acceptance rate of maybe 10 to 15 percent, which is very high on a biometric,” says Audley.
Nevertheless, Cogneto has decided to add some facial recognition software to its cognometric systems. The only difference is, the enrolled photos will be binary snapshots taken with said Web cams, and they will be a minor factor within the company’s multi-factor, memory-based authentication regime. The decision suggests a company clearly in tune to both the desires of companies and clients for the latest in security options, as well as to the serious costs involved in deploying them. Indeed, although banks are under serious pressure to improve on-line security, many outside analysts have criticized some of the more wooly systems.
“Biometrics is going too far for what consumer banks need to do,” says one outside expert. “[Current] fraud losses do not justify investments at the order of $5 to $10 per user, per year.” Many solutions are just “technology for technology’s sake…biometrics just for authentication is not sold. It always has to come with a value-add.”
-read more in this SecurityInfoWatch report