Forum: Is Face ID on banking apps too convenient to be secure?
Sign up now: Get ST's newsletters delivered to your inbox
Recent scam cases involving deepfakes have raised an uncomfortable question: When a banking transaction can be approved simply by face identification – without typing a password or one-time PIN – are we mistaking identity verification for informed consent?
While Face ID is technically secure, its seamless integration into mobile banking may unintentionally turn it into an automatic “approve” button, especially when transactions are triggered via external links.
For seniors with limited digital understanding, the distinction between logging in and authorising a transaction is often unclear.
The phone opens the banking app, the face is scanned, and money moves out, all within seconds.
This raises a broader issue: Should banking systems rely so heavily on frictionless biometric approval when friction itself may be a safety feature?
Desktop banking, which requires deliberate steps and device-based authentication, arguably offers clearer intent and better protection for vulnerable users.
As banks accelerate towards convenience and speed, are we adequately accounting for human behaviour – particularly among seniors – or are we designing systems that assume a level of digital awareness that not all users possess?
Perhaps the question is not whether Face ID is secure, but whether it is being trusted beyond what users truly understand.
Jimmy Chew
