How Aware Helped a Leading Brazilian Bank Stay Ahead of Evolving Attack Vectors Targeting Facial Authentication

While passwords are still the most common authentication method for online banking and mobile financial services applications, they are also highly prone to misuse. Moreover, friction created by the password reset process continues to be a very real pain point for users.

Enter facial authentication which is inherently more secure and effective in preventing fraudsters from setting up fake accounts for money laundering and stealing money from others, with the benefit of improving the user experience.

In recent years, the use of facial biometric authentication has become dramatically more accurate, fast and resilient to environmental and user variables. However, the reality is that banks can still be attacked and subverted if the right technology and support services are not in place. The most common type of attack, often referred to as a “spoof” or presentation attack, can possibly dupe facial authentication systems by presenting a “face artifact” of a legitimate user, which can be readily generated through the easy availability of images and videos of people on social networks.