Biometric authentication is not the most secure method, this is the pinnacle of information security

04/10/2024

The 4th Industrial Revolution is associated with the era of technological breakthroughs in all fields, especially information technology, and more broadly, digital technology. Therefore, the "core" of the 4th Industrial Revolution is Digital Finance with products and services that are more convenient, faster, cheaper, more suitable and personalized for individual needs.

In this context, traditional authentication methods are no longer suitable when the trend of cyber attacks is increasing. In 2023, there were 17,400 cases of online fraud, of which 91% were financial fraud and 60% of victims were scammed via personal phones.

From there, the form of electronic identity verification, customer identification using AI technology based on biometric information, identification documents, etc. eKYC was born to help improve the previous limitations of the traditional process.

In Vietnam, eKYC is increasingly familiar to people when performing online transactions such as authenticating telecommunications subscribers, opening bank accounts, buying insurance, opening securities accounts, biometric authentication when transferring money, etc...

Viettel, one of the major units researching eKYC, has become the first Vietnamese enterprise to achieve the highest ISO certification for anti-fake faces. According to the US National Institute of Standards and Technology (NIST), Viettel AI's facial recognition technology is in the top 4 in the world in the 90-degree face category, top 5 in the face category after 12 years, and top 8 in the face category after 10 years.

At the Workshop on eKYC technology and biometric authentication of Viettel, Mr. Le Dang Ngoc, Deputy Director in charge of Artificial Intelligence Platform, Viettel AI shared that when new technology is born, new forms of fraud will immediately appear. Recently, biometric instruction fraud has begun to appear. However, if using reputable suppliers with certificates, the rate of being scammed is very small.

More importantly, users need to know how to combine many security factors such as username, password, biometrics, digital signature and at the same time apply measures such as not clicking on strange links, not opening unusual emails to avoid information disclosure. Biometrics is just one factor and many other factors need to be combined to protect themselves. In general, multi-factor authentication is required when using a bank account, Mr. Ngoc emphasized.

In addition, Mr. Tran Anh Dung, Deputy Head of Information Technology Department, Viettel Digital, said that many people still think that facial authentication is the most advanced, secure and important. However, this is not the most important factor to protect Viettel customers. For example, when a token is lost, we can recognize and change the token, because the token is like a vehicle card, losing one will be immediately known or being hacked will also be immediately recognized. But when the password is lost, it is very difficult to know, but at least it can still be changed.

Face, fingerprint or iris are factors that cannot be changed, so when lost, it will be extremely dangerous and we do not even know if it has been lost or not. Therefore, Viettel is well aware that facial authentication is not a comprehensive security solution for all problems. Deploying multi-factor authentication is mandatory, and facial authentication or biometrics is just one of the factors used to protect customers, Mr. Dung added.

To avoid being scammed in cyberspace, Mr. Nguyen Dang Khoa, Head of Artificial Intelligence Application Products, Viettel Cybersecurity recommends limiting posting photos of yourself and your family on social networks; you should lock and protect your personal pages on social networking applications. Next, do not log in to strange links, do not provide any content related to personal information or bank account information, and do not provide OTP codes to others. Finally, consider carefully before installing any application on your technology device and learn about the application's privacy policy.

Payment method