譯/李京倫
The banking password may be about to expire — forever.
Some of the nation's largest banks, acknowledging that traditional passwords are either too cumbersome or no longer secure, are increasingly using fingerprints, facial scans and other types of biometrics to safeguard accounts.
銀行密碼可能要永遠絕跡了。
美國一些大銀行體認到傳統密碼不是太複雜就是不再安全,日益改採指紋、臉部掃描等生物辨識科技以確保帳戶安全。
Millions of customers at Bank of America, JPMorgan Chase and Wells Fargo routinely use fingerprints to log into their bank accounts through their mobile phones. This feature, which some of the largest banks have introduced in the last few months, is enabling a huge share of American banking customers to verify their identities with biometrics. And millions more are expected to opt in as more phones incorporate fingerprint scans.
Other uses of biometrics are also coming online. Wells Fargo lets some customers scan their eyes with their mobile phones to log into corporate accounts and wire millions of dollars. Citigroup can help verify 800,000 of its credit card customers by their voices. USAA, which provides insurance and banking services to members of the military and their families, identifies some of its customers through their facial contours.
美國銀行、摩根大通與富國銀行數百萬客戶慣常在手機上用指紋登入銀行帳戶。美國一些最大的銀行最近數月推出這個新功能,讓為數甚多的銀行客戶得以用生物特徵證明身分。隨著愈來愈多手機配備指紋掃描功能,預計還會有數百萬人加入這個行列。
其他運用生物辨識科技的方法也開始上場。富國銀行讓一些客戶用手機掃描自己的眼睛,以登入企業帳戶並電匯數百萬美元。花旗集團能藉由嗓音驗證80萬信用卡客戶的身分。聯合服務汽車協會為美國軍人及其眷屬提供保險與銀行服務,能透過臉部輪廓辨識某些客戶。
Some of the moves reflect concern that so many hundreds of millions of email addresses, phone numbers, Social Security numbers and other personal identifiers have fallen into the hands of criminals, rendering those identifiers increasingly ineffective at protecting accounts. And while thieves could eventually find ways to steal biometric data, banks are convinced they offer more protection.
"We believe the password is dying," said Tom Shaw, vice president for enterprise financial crimes management at USAA, which is based in San Antonio. "We realized we have to get away from personal identification information because of the growing number of data breaches."
這些舉動多少反映了一種憂慮,就是已經有那麼多億筆的電子郵件、手機號碼、社會安全碼等個人身分識別資料落入罪犯手中,讓這些個資保護帳戶的功效愈來愈小。雖然竊賊最終仍有可能找到偷取生物特徵資料的方法,但銀行都自認已提供更多保障。
聯合服務汽車協會主管企業金融犯罪管理的副總裁蕭歐說:「我們認為密碼正在沒落。由於資料外洩案例愈來愈多,我們體認到必須捨棄個人身分識別資料。」協會總部在德州聖安東尼奧市。
Long regarded as the stuff of science fiction, biometrics have been tested by big banks for decades, but have only recently become sufficiently accurate and cost effective to use in a big way. It has taken a great deal of trial and error: With many of the early prototypes, a facial scan could be foiled by bad lighting, and voice recognition could be scuttled by background noise or laryngitis.
Before smartphones became ubiquitous, there was an even bigger obstacle: To capture a finger image or scan an eyeball, a bank would have to pay to distribute the necessary technology to tens of millions of customers. A few tried, but their efforts were costly and short-lived.
生物識別科技向來被認為是科幻小說的玩意,大銀行已測試數十年,但直到最近才變得夠精準,且成本夠低、效益夠高而能大規模應用。這種科技的發展歷經大量嘗試錯誤的過程:許多早期的臉部掃描原型機可能會因照明欠佳而無法辨識,聲紋辨識機可能會因背景雜訊或辨識對象喉嚨發炎而辨識失敗。
在智慧手機變得十分普及之前,發展生物辨識科技更大的困難是:為了取得手指影像或掃描眼球,銀行必須花錢,才可讓幾千萬客戶能夠使用這種必備的科技。有幾家銀行試過,卻在投入鉅資之後短命收場。