Which? uses cookies to improve our sites and by continuing you agree to our cookies policy.

‘Biometric’ banking: how to log into your bank account with your eyes

TSB's new eye tech means you can send money virtually ‘hands free’

TSB bank will roll out new ‘biometric’ technology to its online banking customers this month, which will enable you to log in to your bank account just by looking at your smartphone’s camera. 

Formed as part of the upgrade to its online banking app, customers who have a high-end Samsung S8 or phablet style S8+ smartphones will be able to use this new iris-scanning technology.

According to TSB, it uses ‘Samsung Pass’ technology, which encrypts and secures the data on your phone, and will remove the need for memorable information, passwords and other IDs. The bank say that iris scanning is over six times more secure than using a fingerprint sensor.

TSB, which was spun-off from Lloyds Banking Group in 2013, is the first European bank to offer this to customers.


Are biometrics 100% safe?

Chaos Computer Club is a German-based group of 5,500 hackers who have ‘ethically hacked’ into banks, government and other services with the intention of improving security and privacy for consumers since their formation in the early 80’s.

In May this year it claimed to have breached Samsung’s iris scanner by taking a photo in night mode; applying a contact lens over an eye and printing out the image.

It’s not clear how far a criminal would go in their pursuit of somebody’s online banking details.

A TSB spokesperson said: ‘Regardless of how people log in, we continue to use a multi-layered approach to security. We look at customer, device and transaction behaviour to help make sure our customers’ accounts are secure.’

Not the end of Pin codes

Earlier this year, Lloyds Banking Group announced a partnership with Microsoft to allow customers to log into their accounts using facial recognition, while Santander has launched voice recognition technology.

Voice and video ID is also used by challenger and online banks such as Atom, Monzo and Starling. Find out more these new banks in our challenger and mobile banks guide.

Andrew Laughlin, investigative tech journalist at Which?, said: ‘Biometrics are likely to be the de facto security measure in the coming years, but the issue now is that solutions such as fingerprint and iris scanners are spotty in terms of effectiveness and so usually require a ‘traditional’ back up measure such as a PIN code.

‘So, while biometrics can in theory add extra security, the technology has a way to go yet before it’s the complete solution.’

If you’re unable to access your bank due to an eye condition, there are other authentication measures available, such as a fingerprint scanner.

Common conditions such as dry eyes don’t typically affect the iris – the coloured part of your eye – but if you’ve been drinking enough alcohol to affect your pupil dilatation, you may struggle to log into your app.

Eye scanning tech is nothing new and has been used at British airports since 2006 to speed up passport and immigration checks.

It appears that this has encouraged the public to be more open to biometrics.

According to a study by Mastercard and Oxford University, 93% of people prefer biometrics – such as a fingerprint, an iris scan or a selfie– to log in to their bank online.

TSB’s announcement will see the bank to begin to move away from Lloyds Banking Group legacy IT systems. But the use of biomtrics will only be available to a small number of customers who use the latest Samsung phone.

Barclays: paying a pal using Apple’s Siri

Meanwhile, Barclays have integrated the Apple personal assistant Siri into its mobile app to give customers the option of paying a contact by voice.

To make a payment, you just say, for example, ‘Pay Adam £20 with Barclays’ into the phone’s microphone and then place your finger over Apple’s Touch ID circular pad to authorise the payment. This can be done without logging into the Barclays app.

If you say ‘Pay Sam £30’ and you have two or more Sams in your address book, Siri will bring up the results on the screen (shown below). To select the right one you either tap the contact you want to send money to on the screen, or read out the relevant mobile number, account number or sort code and the persons name.

To use the Siri feature with Barclays mobile banking you need to have a iPhone 5s or a later version, as well as iOS 10/11.

There were 30 transactions a second on banking apps in the UK in 2016, according to a report from the British Bankers Association. 19.6m people regularly used their banking apps in 2016, up 11% on the previous year.

Back to top