A new line of defence for your data

Mastercard users will soon be able to verify their identity using fingerprint scans or facial recognition when they shop online. Ruth Jackson looks how biometric security could soon become the norm.


The chances of cracking this code are tiny
(Image credit: This content is subject to copyright.)

Mastercard has announced that by April next year all its users will be able to verify their identity using fingerprint scans or facial recognition when they shop online. But it's not just Mastercard that's jumping on the biometric-security bandwagon.

High-street banks HSBC, Halifax, Barclays and Nationwide all now allow customers to log into their internet banking using fingerprint scans on their smartphones. Meanwhile, TSB has introduced iris recognition to its mobile banking, and Barclays offers iPhone users the option of paying people via Siri (the phone's "personal assistant"), thanks to voice-recognition technology.

The upsurge in using biometrics for identification comes as a new EU law requires online payments, or telephone payments, to be verified using two out of three factors: "knowledge" (for example, a pin or a password), "possession" (such as a card or your phone), and something unique to the customer (such as a fingerprint).

Subscribe to MoneyWeek

Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE

Get 6 issues free

Sign up to Money Morning

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Sign up

But it's understandable to have questions about how secure biometrics are. Thankfully, fingerprint-ID or facial-recognition systems are very difficult to hack, so long as the technology is up to scratch. Moreover, the banks don't store your biometric details anywhere; instead, they are kept on your phone, so hackers can't access a database of biometric information. Essentially, this means there is very little chance of your biometric data being stolen.

When Apple first launched Touch ID, it said the chances of someone cracking your fingerprint security were one in 50,000. Meanwhile, Face ID's chances of being compromised are around one in a million, as it is a 3D scan of your face. But as with most new technology, there have been cases of people besting it. Last year German criminals managed to get around the Samsung Galaxy S8's iris scanner by using a picture of the device owners' eye and a contact lens. HSBC's voice recognition was also compromised when the twin brother of a customer managed to fool the security system with his similar voice.

Although these stories are worrying, the key point about biometric security is that it works as part of a wider defence system. As EU law now dictates, it has to be used alongside at least one other security system. Just make sure that you are taking advantage of all security measures offered, and guard your data closely.

Investors stuck on a sinking platform

Barclays' new stockbroking platform, Smart Investor, has failed to live up to its name. Ever since its launch last year there have been reports of people being locked out of their accounts and left unable to trade.

Six months on, unhappy customers are reportedly still struggling to leave the platform and move their investments elsewhere. Some people are finding themselves locked out of their accounts for up to three months owing to processing problems.

Rival stockbroking platform Hargreaves Lansdown has said that a third of all transfers to it from Barclays are taking three months or longer, with customers unable to deal online or see their accounts during that time. Meanwhile, IG has said transferring to its platform is taking an average oftwo months.

Barclays customers who have stuck with the new platform are also still experiencing problems. Last month there was a two-week delay in payment of a Shell dividend, and then the wrong amount was paid out to some accounts. To try and make amends for the problems Barclays didn't charge fees from August to November, but now some customers are demanding compensation for losses they've incurred due to the chaos.

Pocket money Lloyds bans customers from buying bitcoin

The UK financial regulator is advising the 1.6 million customers with interest-only mortgages to contact their lender as a matter of urgency to avoid losing their homes, says Aime Williams in the Financial Times. Around 20% of all mortgage borrowers have interest-only mortgages, which means that when their loan expires they must repay all of the capital as a lump sum or risk having the lender force a sale of their property.

A 2013 study by the Financial Conduct Authority (FCA) found that around a fifth of borrowers did not understand the terms of their loan, or weren't sure if they understood them or not. The FCA is particularly concerned about those who took out large loans just before the financial crisis, adds The Daily Telegraph. With house prices falling in some parts of the UK, some people could find themselves in negative equity. Interest rates are likely to "bounce back" too. Switching to a repayment mortgage today will bump up monthly payments, but could significantly reduce costs and stress over a 25-year mortgage term.

Around 1.8 million people who "overpaid" for power of attorney (POA) arrangements between April 2013 and March 2017 are entitled to a refund, says Lucy Warwick-Ching in the Financial Times. A sharp increase in registrations has meant that the Ministry of Justice, which was supposed to charge only enough to cover costs, has now amassed an estimated £89m surplus.

The amount owed depends on when the POA was registered, but the maximum refund, if the fee was paid between April and September 2013, is £54 per POA. To apply, visit Gov.uk/power-of-attorney-refund.

Lloyds has become the first British bank to ban customers from buying bitcoin after its value halved in two months, says Alex Matthews on ThisIsMoney.co.uk. The company's decision to prevent its nine million credit-card customers from using their cards to buy the cryptocurrency came amid fears that it "could be left footing the bill for unpaid debts". In the US, JPMorgan, Bank of America Merrill Lynch and Citigroup have already banned bitcoin purchases, and "a growing regulatory backlash" has seen investors "scrambling to sell".

Ruth Jackson-Kirby

Ruth Jackson-Kirby is a freelance personal finance journalist with 17 years’ experience, writing about everything from savings and credit cards to pensions, property and pet insurance. 

Ruth started her career at MoneyWeek after graduating with an MA from the University of St Andrews, and she continues to contribute regular articles to our personal finance section. After leaving MoneyWeek she went on to become deputy editor of Moneywise before becoming a freelance journalist.

Ruth writes regularly for national publications including The Sunday Times, The Times, The Mail on Sunday and Good Housekeeping among many other titles both online and offline.