Does IBM's 2-Factor have the X Factor for Mobile Banking?

I'm a big fan – and former employee – of Big Blue. So it's always good to see the innovations that continue to emerge out of the IBM Labs. In their latest offering, reported by Finextra last week (https://www.finextra.com/news/fullstory.aspx?newsitemid=25338), IBM has employed NFC technology to deliver a simple customer identification and verification process for mobile banking.

They have done this by using contactless cards and Android 4.0 phones. In effect, mobile phones begin to operate a little like ATMs. The user enters their PIN into the phone and then presents their card to identify themselves. They then present their card again to authenticate. It is a nice way to try and make logging into mobile banking and authenticating transactions easier – and more intuitive. Certainly ease of use is often cited as an important barrier for banks to overcome to ensure their mobile banking services are adopted. The IBM proposal will nicely piggyback on the existing adoption trends for NFC and contactless cards – and by basing it on technologies which already have critical mass, they have ensured the solution is immediately accessible.

The IBM proposal varies from using an ATM in one significant way. In the IBM concept, the customer’s  card has to be presented twice. Whilst it is not a serious usability issue, it is indicative of the clumsiness that many different mobile authentication approaches still include. Similarly, the spread of mobile wallets and NFC should remove the need for users to have cards in the first place – and I doubt any user will want to carry one just to be able to log-in to mobile banking. So whilst the IBM solution is not the ultimate destination for authentication via mobile devices, it is certainly a step in the right direction.

I still believe that biometric solutions in the future will be far more convenient, effective and secure. Rather than carrying cards with us, we will just need our fingers, irises, speech or even smell. In Japan and Turkey, fingerprints are already used to authenticate ATM transactions – I don’t see why mobile phone transactions need to be any more complex. Banks could also introduce lighter, biometric-only authentication for small payments. I’m confident we will start to see this kind of innovation in mobile banking in the not-too-distant future.