Biometrics Bests Old School When It Comes To Mobile Banking Security

Multi-factor authentication might one day skip the user name-password option.


Arizona FCU
Data as of 12.31.16

HQ: Phoenix, AZ
MEMBERS: 122,346
ROA: 1.46%

Passwords will be one less thing to remember for most consumers doing their digital banking in the not-too-distant future. Even user names could become a thing of the past as biometrics moves from fingerprints to eye scans and beyond.

That leading edge won’t likely be a bleeding edge for members of First Tech Federal Credit Union ($9.5B, Mountain View, CA) and Arizona Federal Credit Union ($1.5B, Phoenix, AZ). Both credit unions have been willing participants in putting that technology to work, serving as first adopters and beta sites for the ultra-secure login methods.

That’s partly because executives at both credit unions see multi-factor authentication becoming solely dependent on biometrics at some point, at least in the mobile channel.


First Tech FCU
Data as of 12.31.16

HQ: Mountain View, CA
MEMBERS: 465,319
12-MO LOAN GROWTH: 14.0%
ROA: 1.25%

Biometric authentication is already well on its way. In California, First Tech served as one of two global beta sites for MasterCard’s Identity Check mobile app in late 2015. The beta relied on employees at the credit union to verify the authenticity of online donations made to Children’s Miracle Network Hospitals using either facial recognition or fingerprints. The high-tech tools passed the test at First Tech, which will roll out the new identity verification options to its more than 450,000 members later this year.

When MasterCard wanted to pilot facial recognition authentication for smartphone payments, First Tech Federal Credit Union was a natural fit. After all, its members hail from SEGs such as HP, Microsoft, Intel, CISCO, Amazon, Intuit, Google, and Twitter. Learn about the program in Smile For Selfie Pay, only on

Eric Givens, Senior Director of Research and Development, Arizona FCU

In December 2016, members at Arizona Federal authorized 33% of their mobile logins via biometrics. Working with NCR, the Phoenix credit union began offering fingerprint authentication in June 2015 and followed up with eye scanning that September. That was on Apple devices. The credit union added Android support in February 2016.

The institution was one of the first 30 financial institutions to offer biometrics on iPhones and the third on Android through NCR’s Digital Insight tools. Currently, approximately 68,000 of its 122,000 members are registered mobile bankers and 28,000 of them have used one or more of the biometric options, says Eric Givens, the credit union’s senior director of research and development.

Members at Arizona Federal Credit Union are giving new identity authentication the thumbs-up and ditching clunky, complicated passwords in favor of touch and eyeprint identification. Learn more in The Eyes Have It At Arizona Federal Credit Union, only on

Brian Ziff-Levine, Director of Cards and Payments, First Tech FCU

Apple usage has been higher than on Androids, for the simple reason that Apple pushes upgrades much harder and many Android users are on older phones that don’t have the biometric capabilities built in, Givens says. But that’s OK.

We believe in trying to be first with a lot of things, and we want to give our members as many options as possible, he says.

Those options might narrow someday as biometrics continue to gain favor over the original login methods of electronic banking. After all, cybercrime pressure is relentless and growing, and faces, fingerprint, and retinas are a lot harder to steal and duplicate than combinations of numbers and letters.

The least secure factor that gets replaced in multi-factor authentication is the password. I can see biometrics eventually replacing passwords and user names entirely.

Brian Ziff-Levine, Director of Cards Payments

The least secure factor that gets replaced in multi-factor authentication is the password, says Brian Ziff-Levine, director of cards and payments at First Tech. I can see biometrics eventually replacing passwords and user names entirely.

But that doesn’t mean all other authentication methods will go away.

It’s a risk-based, layered decision process whether to allow a transaction, Ziff-Levine says. When it comes to high-risk or high-dollar transactions, we use challenge questions. Things like that, I don’t see going away anytime soon.

But for the majority of otherwise routine, low-risk, everyday transactions, biometrics adds an irresistible layer of convenience on the front end as well as security and ease of use on the back end. Givens says deployment has been easy and upgrades, which NCR handles, involve only testing in his shop.

Members find the apps easy to use, he says, and interest in them has been high from the get-go. Givens says a couple of thousand people showed up at a four-hour event held around the latest launch last April.

Take Your Learning To The Next Level

Like what you’re reading? Callahan’s Media Suite subscription provides even deeper insight to help your credit union thrive with enhanced access to and industry-specific print publications.

Learn More

It was much bigger than we anticipated, he says. We had food trucks and other attractions throughout our ops center parking lot. The techie nerd tent did well, too. People just think this technology is so cool.

Arizona Federal has marketed the apps through YouTube videos with football legend Kurt Warner, social media, email reminders, and billboards. Member workshops have proved popular, too, but Givens says the best practices for making a biometrics launch successful include a short list: Test. And get your employees on board. That’s it.

He elaborates: Nothing’s worse than someone coming into the branch and the staff doesn’t know about the biometric options and haven’t used them. Include staff in pilots, engage them, get them comfortable with it. That’s really the No. 1 thing to do.

March 27, 2017

Keep Reading

View all posts in:
More on:
Scroll to Top
Verified by MonsterInsights