Illustration of woman undergoing authentication using facial recognition technology on a mobile phone; part of Feedzai article on why Vietnamese banks behavioral biometrics.

Financial transactions are increasingly virtual in today’s digital age, making fraud prevention more critical than ever. This is particularly true in Vietnam, a nation experiencing rapid technological advancements and a surge in cyber threats targeting its financial institutions.

Vietnamese banks are correctly using facial recognition for security, but recent events suggest they should improve their efforts. Learn why Vietnamese banks must invest in behavioral biometrics to tackle new fraud threats.

Is Facial Recognition Losing Face?

Decision 2345/2022 of the State Bank of Vietnam (SBV) mandates facial authentication for online and card payments. This technology has proven helpful in many cases, but a new wave of sophisticated fraud exposes its limitations.

Deepfakes, spoofing attacks, replay attacks, and even identity theft are becoming commonplace. The Ministry of Information and Communications in Vietnam has warned about the rise of deepfake scam calls.

Photo of woman in office working on laptop. Copy: Exclusive Insights. Webinar. Unlock Cutting-edge Scam Prevention Strategies in Asia-Pacific

This poses a significant threat to the public and is becoming more prevalent. People should be cautious and vigilant.

There have been significant cyber attacks. Chinese hackers stole facial recognition data. Trojan viruses like GoldDigger and GoldPickaxe attacked Vietnamese banking apps and users, highlighting the need for more robust security measures.

 

Details of New State Bank of Vietnam (SBV) Regulations
Decision 2345/2022 Emphasizes the need for strong security measures in banking operations, particularly focusing on fraud prevention and protecting customer data.
Circular No. 09/2020/TT-NHNN Requires banks to implement measures for risk management in electronic banking transactions.

Behavioral Biometrics: The Missing Piece of the Puzzle

This is where behavioral biometrics enters the picture. This technology uses patterns in user behavior, such as typing speed and swipe patterns, to enhance security. Hackers find it difficult to replicate these patterns. 

Here’s how augmenting facial recognition with behavioral biometrics can transform fraud prevention for Vietnamese banks:

  • Continuous Authentication. Behavioral biometrics regularly confirm the user’s identity during their session instead of just once at login, making it difficult for someone to pretend to be the user.
  • Real-time Anomaly Detection. Behavioral biometrics can detect subtle deviations from a user’s usual patterns, raising red flags for potentially fraudulent activity even before completing a transaction.
  • Enhanced Customer Experience. Unlike intrusive security measures, behavioral biometrics operates in the background, ensuring a seamless user experience while providing robust protection.
  • Regulatory Compliance. Vietnamese banks can enhance their fraud prevention abilities by utilizing behavioral biometrics. This will help them meet SBV’s security standards and adhere to industry best practices. Banks must go beyond mere compliance with regulations.

5 Actionable Steps for Vietnamese Banks to Get Started with Behavioral Biometrics

 

1. Start with High-Risk Use Cases

Don’t try to implement behavioral biometrics everywhere at once. Begin by concentrating on high-risk areas, like new account openings and logins. These are where deepfake, spoofing, and identity theft are most likely to occur. This focused approach will give you faster results and allow you to fine-tune your models before expanding.

2. Prioritize Passive Behavioral Biometrics

Detect fraud by analyzing how users type, move the mouse, and interact with devices without disrupting customers. Banks can use facial recognition to comply with SBV rules. They may also consider using voice recognition and signature verification for added security.

Feature Passive Behavioral Biometrics Non-Passive (or Active) Behavioral Biometrics
Collection Data is gathered silently and continuously in the background as the user interacts with the device or application. The system collects data through specific actions or challenges it initiates.
User Experience No additional actions are required from the user, making it seamless and frictionless. Users must perform a task, which can introduce some friction.
Use Cases Continuous authentication and risk assessment Step-up authentication or high-risk transactions
Examples
  • Keystroke dynamics (typing speed, rhythm, pressure)
  • Mouse movements (speed, acceleration, patterns)
  • Device orientation and motion
  • Scrolling and touchscreen interactions
  • Signature verification (signing on a screen)
  • Voice recognition (speaking a phrase)
  • Behavioral challenge questions (answering questions based on past behavior)
  • One-time passwords generated based on behavioral patterns
Key Differences Passive biometrics operates in the background, analyzing user behavior without explicit user engagement. This approach provides a seamless and frictionless experience. Active biometrics requires explicit user interaction, involving a conscious action to verify user identity. This approach intentionally engages the user, necessitating a deliberate action. While introducing some friction, it is typically minimal.

3. Combine with Existing Solutions

Behavioral biometrics should complement your existing fraud prevention measures, not replace them. Integrate it with facial recognition software and other tools to create a layered defense. This approach will help you reduce false positives and improve overall detection accuracy.

4. Focus on Explainable AI

To address regulatory compliance concerns, choose a behavioral biometrics solution that offers explainable AI. The system can explain why it flagged a behavior as suspicious, making it easier to justify decisions and prevent legal problems.

5. Partner with a Proven Vendor

Collaborate with a reputable vendor with experience in behavioral biometrics. They can help you design and implement a solution to address your specific needs and help you stay compliant with local regulations.

A Call to Action for Vietnamese Banks

Vietnam’s financial services landscape is rapidly evolving. To stay ahead and protect both customers and reputation, embrace a multi-layered security approach. Augmenting facial recognition with behavioral biometrics is not just a technological upgrade; it’s a strategic imperative.

By adopting this powerful combination, Vietnamese banks can build a more resilient defense against the ever-evolving threat of fraud, ensuring a safer and more secure financial ecosystem for everyone. 

The future of banking security is taking shape – embrace the evolution and stay ahead of the curve. It’s not a time to stay still.