IN-DEPTH 22 September 2016
Could biometrics alone revolutionise gaming security?
A combination of new technologies is needed to make gaming easier and safer says David Poole, Business Development Director, myPINpad
By David Poole
What’s top of the wish list for the mobile gaming industry? That's an easy one − getting churn under control. The industry is plagued with high churn rates and is constantly looking for ways to tackle this.
Of course, a proportion of this churn is customers who will only bet on big ticket events such as the Grand National and FA Cup Final, so these can be discounted. But what about the serious gamers; the ones who play regularly but then vanish just as soon as another operator bats their eyelashes and gives them a come hither look with better odds, offers and games?
What keeps customers playing and keeps them coming back? The simple answer is a great experience at every stage of the process, from registration through to deposit, through to playing through and finally, to paying out.
All of these, bar the actually playing stage, can be given undue friction by the KYC and anti-money laundering regulations the industry has to comply with. And this is where the customer journey can, and will, suffer. And an unhappy customer is a customer who is likely to churn to another operator.
The industry is locked in an ongoing debate about how to improve these three critical stages, but the general agreement is that authentication methods have to be made more simple and frictionless without compromising on security.
In the search for new technology to enable this, biometric security is increasingly being touted as the way forward.
Biometrics, using a unique physical characteristic as a means of identification, is nothing new. Fingerprint identification has been used since the 19th century. But now biometric technology is being used increasingly, most notably on mobile devices, to authenticate transactions and actions.
Anyone who owns an iPhone, for example, will be used to using their thumbprint to unlock their phone and authorise iTunes purchases. So it is a process that is growing in familiarity, trust and popularity.
The question, then, is: “Is this fit for purpose to enable authentication for registration, deposit and withdrawal with online gaming operators?” I would argue that the answer is no, not alone.
As experts in authentication and security, we know that no one security method alone is infallible. Single-factor authentication, even with biometrics, will never be enough to give the full level of security needed, especially in a security conscious industry such as online gaming.
Security works best when it is a mix of various authentication techniques. Looking at the iPhone again, if you switch it off, you need to enter your passcode (either a four or six-digit number) when you switch it on again to unlock the phone for the first time. After that, you can use your thumbprint. It is the same with iTunes purchases; first time you make a purchase from the App Store after switching your phone back on, you need to enter your iTunes password.
This mix of something that you have (the phone), something that you are (your thumbprint) and something that you know (passcode and password) helps keep the iPhone safe without compromising the user experience.
So the benefits of adding an extra layer of security, which remains relatively unobtrusive, is clear.
Biometrics have the power to make the critical security aspects of the online gaming experience friction free. But with adding an extra layer of security with passcode or PIN the security, and thus legal compliance, can be made far more robust.
David Poole is an executive with 20 years at the forefront of new technology and payment processes in the UK and USA. Prior to joining the myPINpad team in 2013 David held a managing director position at mPOS technology company, Miura, founded to reshape electronic payments. At Miura David oversaw the commercial success of the company during the three years he held this position