A Biometric Horror Story That Banks (and other authenticators) Better Learn From

A Lack of Two Factor Authentication Shows Your Disregard for Consumer Protection

A Lack of Two Factor Authentication Shows Your Disregard for Consumer Protection

Most biometrics change, sometimes naturally and sometimes due to an active decision. Earlier there was the story of criminals performing self-mutilation, in this most recent case a Santander account owner had her account frozen because her voice was identified as a man’s voice:

“A transgender woman was left “humiliated and embarrassed” after she was frozen out her bank account ‘because she sounded like a man.’

Distraught Sophia Reis, 47, from Carlton, said she was left unable to transfer money to a pal or even pay for groceries after the phone banking system mistake.

She is now fighting with the bank to ensure that other transgender people aren’t treated the same.

Miss Reis, who moved to Nottingham 18 years ago, said she informed Santander last November that she would no longer be named Sergio on the account, reports the Nottingham Post .

She said the bank changed her details and her new identity was registered, but on Thursday, August 30, she went through a traumatic ordeal with Santander’s phone banking staff.

She did not pass the security check and was not allowed to transfer £72 to a friend on her debit card.

The next day the bank froze her account and she could not pay for items in Tesco.

The customer service advisor, who used to work behind the bar at NG1, said: “The embarrassment and humiliation I felt was unbelievable.

“I went into the bank in Clumber Street and said ‘you have got all my documentation and I changed my name on November 11.’

“They said ‘my voice did not match my profile because it sounded like a man on the phone and not a woman.’ The whole situation is inadmissable.

She said the bank changed her details and her new identity was registered (Image: Facebook)

“I was crying my eyes out and I am not that type of person at all. I am a very courteous person and I am outgoing but to feel that way when all I asked was for my money to be transferred…I feel mistreated.”

She said that despite informing the phone banking staff that she was a transgender woman, they did not pay attention.

She now wants to ensure that other transgender people don’t go through the same ordeal.

“They were not taking any notice of me,” she added.

“I work as a woman, I identify myself as a woman and I look good as a woman but for the first time in my life I felt embarrassed about being who I am.”

We can start here with the fact that biometrics change, so if you use a biometric to identify somebody you still need a fallback process for when that method fails. Apparently Santander’s fallback method was to have the account holder appear at the branch – which strikes me as a terrible imposition for an account holder that surely has a user ID and Password as well as a ATM card and PIN. Perhaps Santander should consider registering multiple biometrics such as voice & facial recognition or fingerprints, or go back to the age old PIN.

Unless banks discover a technology that eliminates false negatives entirely, then every biometric needs a backup procedure. Banks should think long and hard before implementing a recovery process that requires the account holder to return to a branch and every bank needs to move to a transactional risk assessment. Instead of shutting the account down entirely, at least enable the account to continue processing bill payments and perhaps assign a daily limit on spend, but doesn’t just turn the entire account off.

Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group

Exit mobile version