State Bank of India (SBI) is working to enable its apps with biometric authentication that will preclude the use of a dongle attached to a smart device for verification. Instead, the smartphone or other smart device will store the individual user’s credentials and the apps will verify biometric attributes against these, a senior executive at the bank told FE.
“The development is at the proof of concept (POC) stage and we are working to see if it can be rolled out across our interface,” said Mrutyunjay Mahapatra, deputy managing director (strategy) and chief digital officer, SBI.
At present, biometric authentication can only be done using a dongle connected to a device, which is one of the reasons why this mode of authentication has not taken off in the area of consumer payments.
The new mechanism SBI is working on will allow a user’s fingerprint to be read by the bank’s app interface, which will then verify it against data stored on the Unique Identification Authority of India’s (UIDAI) database.
Most higher-end smartphones come embedded with the ability to detect and read fingerprints and, therefore, there should be no major handicap with respect to hardware enablement, Mahapatra said.
The Reserve Bank of India (RBI) rules require payment service providers to carry out two-factor authentication for all payment transactions. As a result, most large transactions involve the use of a one-time password (OTP) in addition to the user’s card details.
In December 2016, the central bank relaxed the OTP requirement for transactions of under Rs 2,000, if a consumer chooses to opt in for such a facility.
If SBI develops biometric authentication enabled by smart devices and weaves it into its apps, it might become one factor of authentication and users who have opted out of the OTP mechanism for smaller-value transactions may need no more than their fingerprint to make a payment.