UK Banks Introducing Touch ID Access to iPhone Apps

Two banks based out of the United Kingdom - Royal Bank of Scotland and NatWest - yesterday announced incoming support of Touch ID in their iOS-based apps, allowing customers to gain access to their accounts without needing to input a user name and password (via BBC News).

Customers of each bank will need to activate the Touch ID feature with their existing security information within each respective app before being able to gain access to their banking statements via their finger. After three failed Touch ID login attempts, each bank said the app will revert to the traditional user name/password protected log-in request before needing to re-establish the Touch-ID features.

RBS-logo
BBC reported that a few "security experts" voiced concern over the new fingerprint security feature given reports of specialized fake fingerprint hacks. Speaking to BBC, Ben Schlabs, of SRLabs, a German hacking think tank, said, "The security implications are the same, it is just as dangerous... I think it has been shown that it is pretty easy to spoof it and the risks aren't fully understood." There have, however, been no reports of such hacks being successfully used for malicious purposes.

With the recent surge of online and app-based banking solutions, both RBS and NatWest are confident the new feature will continue to offer their customers the level of security and accessibility they expect from the banks.
Stuart Haire, managing director, RBS and NatWest Direct Bank, said: "There has been a revolution in banking, as more and more of our customers are using digital technology to bank with us.

"Adding TouchID to our mobile banking app makes it even easier and more convenient for customers to manage their finances on the move and directly responds to their requests."
Both RBS and NatWest are owned by the same parent company, Royal Bank of Scotland Group, so many of the same features and options will be similar between each app. Each bank also promised that existing processes that required additional verification of identity, like money transfers, will continue to do so even if users choose to opt-in for the Touch ID features.



Top Rated Comments

(View all)
Avatar
58 months ago
Quite frankly I'd rather see ApplePay introduced in the UK, that would be much more useful!
Rating: 12 Votes
Avatar
58 months ago

and you don't want your partner who's planning on leaving you using your finger whilst you sleep thanks to the heavy night of drinking she seduced you into and unlocking your iPhone and transferring funds to her account. Hey you must have done it right as its your finger haha

no thanks I'll still use a pin code

and if you still have to use a pincode to do stuff like transfer and get cash in the app then they've just made an extra step for you by making you reach down to use touch ID first.


The partner could just use the pin code as easily.. Because in a trusting, non-paranoid relationship, chances are both partners already know each other's pin codes for bank cards
Rating: 3 Votes
Avatar
58 months ago
Same with Postbank in Germany. Saw a commercial for it while watching Fifty Shades of Crap at the movies last night
Rating: 2 Votes
Avatar
58 months ago

Quite frankly I'd rather see ApplePay introduced in the UK, that would be much more useful!


Both useful. One is up to the bank. One is up to Apple. We'll get it, hopefully in a few months along with the other Summer announcements.

Good to see Touch ID adoption spreading too though, extremely useful in it's own little way.
Rating: 2 Votes
Avatar
58 months ago
Fingerprint Security is an Option. But Compared to PIN

Getting a viable fingerprint along with a users phone is not easy.

I respect the German hacking groups efforts but I think I could get a PIN with 100 times less difficulty. If I have to do a high resolution image of a finger, held just right, why couldn't I just SloMo Video the entering of a PIN.

The fingerprint is not stored in the cloud it is stored in the secure element on the phone. So it can't be mass harvested.

Compared to a PIN. I'll take the fingerprint anytime. For Apple Pay you can choose to use PIN only and your PINs can be longer than 4 digits.

Yes you can lift a fingerprint from a glass but you're talking a very targeted and dedicated crime and you still have to steal the phone. Are criminals going to find that worth the effort.

PINs are notoriously insecure, how many of them are anniversary or child or parents birthdays or street address of last four of SSN or telephone number. A bunch.

In the US even our Chip and PIN cards are not requiring a PIN at the one place I have been able to use it Walmart.

So I think the English banks use of FingerPrint tech like AliPay's last year is a big step in greater authentication.
Rating: 2 Votes
Avatar
58 months ago
Some good news from UK banks :) Now for them to work on Apple Pay, I'm more interested in that, it does not take long to put in a pin number for an app you only use occasionally .

----------

Tweeted Barclays about this and they didn't rule it out and are looking into it. Hopefully it won't be too long.


I'm with Barcalys, and I swear its a Stockholm syndrome relationship.....
Rating: 2 Votes
Avatar
58 months ago
My Australian bank offered it last September.
Rating: 1 Votes
Avatar
58 months ago

Supposedly you have to use a pin to do anything anyway unless you just want to view balances.

In public I spin around in a circle when entering my pin so any camera or person trying to get it won't. The only time I use the app in public is to get cash and I usually get the code before I leave the house.


I know you do that for security.

And I'm not saying you're wrong to.

But it's... just amusing to think of someone just spinning randomly in public.
Rating: 1 Votes
Avatar
58 months ago
I'm with RBS, was prompted to enable Touch ID today. Enabled it. You use it only to access your own account(s) and transfer payments. To set up new payments or one offs you still need to access digital banking from a desktop OS and need the card, the security card reader thing, and obviously all your login details. I couldn't set up a new payment to a new person on my phones banking app if I had a gun to my head. So it's secure enough for me
Rating: 1 Votes
Avatar
58 months ago

I know you do that for security.

And I'm not saying you're wrong to.

But it's... just amusing to think of someone just spinning randomly in public.


:) I know. Luckily I don't do it often ;) but if you see me come say hi haha
Rating: 1 Votes
[ Read All Comments ]