NEW YORK—Credit unions and other financial services providers, as well as their members and customers, are among the biggest of targets by scammers who are increasingly turning to deepfake photos, videos and audio recordings to fool victims. In response, many security experts say there must be wider adoption of multifactor authentication system using multimodal biometrics, according to a new report.
“While artificial intelligence has spurred the growth of authentication controls, such as anomaly detection and predictive modeling, it also has enabled voice cloning and video deepfakes to become much more convincing,” Bank Info Security said.
Andrew Shikiar, executive director and CEO of FIDO Alliance, told Information Security Media Group that traditional phishing emails and social engineering techniques are more scalable, but deepfakes can have a "massive and disproportionate impact on business.”
A ’Better Bet’
“By examining both physical and behavioral biometric patterns - such as user keystrokes, navigational patterns and fingerprints - experts believe multimodal biometrics can be one of the better bets to detect anomalies and prevent account takeover incidents that use deepfakes,” Bank Info Security stated.
According to the report, behavior is challenging for machines to emulate, and the attempts the BioCatch tool has seen to date are "clumsy and lazy at best at being a human," Seth Ruden, the company's director, told Bank Info Security. But he added those methods ultimately will evolve, meaning those defending themselves from such attacks must evolve, as well.
While no technology can ever offer complete protection, the best thing organizations can do for their employees and clients is minimize risk, Bank Info Security said.
Only ‘Realistic’ Option
Using more than one modality simultaneously is a realistic way to achieve this goal, Melissa Carvalho, vice president of global cybersecurity strategic services at the Royal Bank of Canada, told Bank Info Security. She added that there has been promising research on multimodal biometrics in which all fingers are used, and the user is prompted at random for two or more impressions.
"Finger, palm, vein print, retinal scan and ECG biometrics are not as easy to compromise since that data needs to be captured by the threat actor for them to replay it," she told the publication.
How to Sign Up For the Best Daily News Email in Credit Unions? (It’s Free!)
Every workday CUToday.info delivers the most comprehensive, freshest daily newsletter with the day’s news headlines, including links to the related articles. The Fresh Today newsletter is the most timely, relevant and widely-read source of news and information in the CU community. And it’s free!
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties,
And did we mention it’s free?