Biometric Authentication and Check Verification for Bank ACH Payments

We all know that online and digital banking systems offer unparalleled convenience and speed. However, this convenience comes at a cost. A poor implementation of modern technologies leaves money and data susceptible to online theft and hacks. Studies show that online banking accounted for 33% of U.S. banks’ fraud costs in 2021. Hence, advanced banking systems require equally modern security technologies to protect pertinent data and money. In a previous blog, we discussed fraud detection and prevention for faster payment systems. This blog discusses biometric authentication and check verification for financial institutions and corporates to safeguard their payment processes further.


What is Biometric Authentication?

Biometric authentication technologies, aka biometrics, are technologies that rely on the unique biological characteristics of individuals to verify their identity. In simpler terms, biometrics use a person’s physical features, such as fingerprints, face ID, iris recognition, etc., to recognize them and perform sensitive functions. Examples of biometric authentication technologies:

  • Fingerprint Authentication
  • Voice Recognition
  • Face Recognition
  • Iris Recognition
  • Heart-Rate Sensors

Software providers often develop applications that rely on biometric authentication for banking and payments functions like:

  • Logging into online terminals,
  • Logging into smart devices (smartphones, computers, and laptops),
  • Authorizing payments,
  • eSigning documents,
  • Adding/modifying vendor/customer lists, and more. 

Biometric authentication is often considered safer than the conventional username-password combo because biometrics are infinitely harder to hack and cannot be replicated easily. 

(Back to top)


What is Two-Factor Authentication?

Fingerprint scanning and iris scanning are the most popular methods of biometric authentication. Face recognition has surprisingly gained much traction with the new iPhone Face ID technology. As hackers developed advanced means of creating and replicating synthetic identities that mimic individuals, cybersecurity developers found ways to fortify biometric functions further. 

Today, biometrics are commonly used with username-password combos to enhance the security of sensitive functions. Most hi-tech banking and payment applications require the user to authorize a function twice. Once with a username-password, and a second time with biometrics. Security measures that require the user to authenticate with a username-password combo AND a one-time password, biometric authentication, or an app-based login are known as two-factor authentication (2FA) methods. 

(Back to top)


Who Should Leverage Biometrics?

The first commercially available biometric technologies were available in the late 1960s. However, they were costly, not very accurate, and accessible only to large corporations. We can trace the large-scale commercial adoption of biometrics back to the fifth-generation iPhones launched in 2013. Today, most modern smartphones and laptops deploy some form of face ID or touch ID biometric authentication.

The evolution of mobile and digital banking has made sensitive banking and payment functions available at our fingertips with smartphones. So, ideally, every individual with a smartphone that stores confidential information such as bank details, customer identity details, payment authorizations, etc., should leverage biometrics. Additionally, the following cases should leverage advanced biometric technologies without fail:

  • Banks and Financial Institutions: These organizations often deal with sensitive identity and payment information for thousands of customers. They should use biometric data to limit access and authorize identities to secure applications/terminals.
  • Business Owners: Merchants should use biometric locks for their phones and other payment devices to safeguard money transfers and bill payments. Using secure applications for collecting payments and sending money to vendors helps them avoid cyberattacks from hackers.
  • Corporate Organizations: Large corporates, especially those supporting remote work, should enable biometric and two-factor authentication on all employee devices and application logins. They should also establish a robust network security framework and train their employees on the best security practices.
  • Banking and Payment Applications: More and more banks are developing mobile and digital payment applications for their customers. They should use two-factor authentication for authorizing payments. They should also enable the option to use, but not solely rely on, the native biometric technology on their customer’s devices for a quick-login experience. 

(Back to top)


Top 5 Benefits of Using Biometrics in Banking Security

Harder to Hack

The combination of biometric technologies with conventional username-password security is extremely difficult to hack and misuse.

Excellent Convenience

Banks use technologies such as fingerprint scanning and face ID to tokenize the login information of their customers. With advanced biometrics, customers quickly log in to their banking applications without entering their username-password every time. 

Electronic Signature Verification

eSigning documents with biometric authentication reduces paperwork and increases the security of banking processes.

Faster KYC (Know-Your-Customer) and Onboarding Processes

Banks and other financial institutions streamline new customer onboarding processes with modern biometric-enabled KYC to auto-fill customer details on new loan applications and bank account forms. 

Mobile Banking

Banks offer the convenience of on-the-go mobile banking securely with biometric authentication. 

(Back to top)

How to Get Started with Biometric Technologies for Payments?

  • Step 1: Identify the applications and websites you wish to protect with biometrics. Ideally, these include all applications that deal with sensitive customer data, payment information, or funds management.
  • Step 2: Identify the current stack of biometric technologies at your disposal. If your employees/customers are already using company smartphones, you can use the inbuilt Face ID and fingerprint scanners to enable biometric safety for the desired applications. In other cases, you might want to invest in identity platforms like Okta that help you set up two-factor authentication for your employees. 
  • Step 3: Train employees and customers to use biometrics. Create tutorials or give the necessary one-on-one training to help them use biometrics and two-factor authentication.
  • Step 4: Test and set up security policies to implement them across the entire employee/customer base. A simple security policy like mandatory periodic password change can go a long way in helping improve the security of your systems.
  • Step 5: Partner with cybersecurity and PCI-compliant payment experts to review your security policies and identify potential loopholes. These experts also help you set up the necessary complementary technologies like SMS payments, recurring payments, email invoicing, and IVR payments to help with credit card and ACH transfers.

Now that we have understood the basics of biometric authentication, let’s consider check verification, which is another vital payment security measure for financial institutions and banks.

(Back to top)


What is Check Verification?

Check verification is the practice of verifying the validity of a presented check/draft or the history of the account holder, or both. Check verification technologies essentially verify checks to prevent fake checks and fraudulent transactions before actually processing the check. This technology helps the merchant validate an account, if it is real or not, and also verifies if the said account belongs to the check writer. It curbs the fake check scam for both virtual and paper checks. Here’s a brief on how these technologies work.

  • Step 1: The sending party deposits an eCheck or a paper check for money transfer. 
  • Step 2: The receiving party leverages check verification tools to validate the following data:
    • Invalid Routing Number
    • Invalid Account Number
    • Invalid Check Number
    • Account Blocked
    • Routing Number Correct – No Account Found
    • Bank Account Closed
    • ACH Items Only
    • PBCL Details Values are Variable
    • Recent Stop Payments
    • NSF
    • Recent Returns, or High Debits
    • Non-Reporting Bank
    • Fraud or Stolen Checks Reported
    • Negative Data Found

More advanced check verification tools also use private bad data list checks, client and organization identity check, and negative data check to curb fraud further while receiving and sending money.

  • Step 3: In case of suspected fraud, the receiving party voids the check and asks the sender to present another valid check. The receiving party requests payments via a different method if the sender cannot produce another check. 

Most large financial institutions use check verification systems with complementary bank account verification technologies to process funds seamlessly. Additionally, National Automated Clearing House Association (Nacha) recommends the use of some of the following account validation methods to validate first-use consumer account information:

  • An ACH prenotification
  • ACH micro-transaction verification
  • Commercially available validation service

Nacha has also created a list of Nacha Preferred and Certified Partners that offer account validation services. 

(Back to top)


Which Organizations Should Leverage Check Verification?

Ideally, all members/users of the automated clearing house (ACH) network should use check verification technologies to prevent fraud. The following users benefit the most from such technologies:

  • Banks and Financial Institutions: Large institutions often deal with thousands, if not millions, of paper and eChecks daily. The need for real-time check verification systems to quickly identify fraudulent transactions. 
  • Merchants/Business Owners: Most modern business owners use eChecks or other digital payment methods to move money. However, some of them still rely heavily on paper checks. These organizations should leverage check verification software.  
  • Corporate Organizations: Corporate organizations that collect bill payments and process money transfers and payrolls with checks need these systems to identify their vendors/employees while preventing fraudulent transactions correctly.

Learn more about the essential components of check verification systems.

(Back to top)


Top 4 Benefits of Check Verification Technologies

Boost Check Acceptance

Organizations that deploy check verification tools readily accept checks without the fear of fraud. The best tools have tie-ups with financial institutions to update their negative-data database regularly, which helps with real-time fraud identification and prevention.

Improve Bottom Line Revenues

Merchants that accept payments via various payment methods actively capture a larger market than the ones that accept only credit cards or cash. While paper checks are almost out of fashion, they are still used for several B2B transactions. So, merchants that deal with industries that still heavily rely on check debit and ACH transactions should use these tools.

Prevent Costly Check Returned Fees

Identification of fake checks before processing them is the best way to prevent the costly check returned fees. Real-time identification of a phony check allows the vendors to request a different one or payment via an alternate payment method.

Identify and Prevent Fraud at POS (Point-of-Sale)

Most POS transactions are quick and happen within a few minutes. With real-time check verification, merchants verify checks and request an alternative payment method if needed within seconds. Such a fast service helps them maintain excellent turnaround times without compromising the customer’s payment and shopping experience.

(Back to top)


How to Get Started with Check Verification for Payments?

  • Step 1: It is important to note that Nacha mandates check verification at the account level. Following this practice is necessary to maintain compliance. Merchants who do not adopt these attract penalties, or worse, a complete block from the ACH network. Identify a check verification service provider. While comparing various options, don’t just look at the price. Instead, look for features, the size of the active negative-data database, and a responsive customer support team.
  • Step 2: Identify complementary security technologies. Merchants, especially the large corporations that deal with thousands of transactions daily, need to adopt several security technologies to detect and prevent fraud while adopting faster payment systems.
  • Step 3: Test and set up security features. Large organizations should ideally hire cybersecurity experts and ethical hackers to identify potential loopholes in their payment systems.

Use tools that help you identify the check’s validity and the check writer’s historical status. These tools help you identify repeat offenders before processing their checks. 

(Back to top)


Additional Payment Security Technologies to Consider

While adopting check verification systems, you should also consider the following secure payment technologies to accept online payments safely.

Hosted Payment Portals

The most advanced hosted payment portals help you collect payments online with various payment methods like ACH, debit cards, and credit cards. PCI-compliant hosted payment portals ensure that no sensitive customer banking information stays on your systems after the customer completes the initial transaction. Moreover, the top payment processors design custom payment portals that mimic your website to offer a seamless shopping experience.

iFrame Technologies

PCI-compliant iFrame modifies a small part of your website to collect relevant payment details from your customers. This technology reduces your liability for payment transactions since all payment details go through the payment processor’s secure site.

Tokenization and Encryption

Tokenization and encryption help you offer a seamless shopping experience with one-click payments for recurring customers. Learn more about tokenization and encryption.

(Back to top)


Choosing the Most Secure Payment Partners

You should consider the following factors while choosing a payment processing partner:

  • Technology Stack: The best payment processors offer several complementary payment technologies to enhance the merchant experience. Choose the one that offers technologies like SMS payments, IVR payments, email invoicing, etc.
  • Scalability: Organizations that want to scale rapidly should choose payment processors with the infrastructure and proven success to handle large volume transactions.
  • Uptime: Payment processors that offer near-perfect uptime ensure that your customer’s shopping experience does not take a hit due to technical problems.
  • Customer Support Responsiveness: Payment processors with dedicated support teams can help you set up new technologies and solve any problems quickly.
  • Nacha-Preference: Preferably, you should choose Nacha Preferred Partners to accept and process ACH payments. Here’s why you should always rely on such partners.
  • Customization: The best payment processors offer customization for your payment portals to offer an excellent shopping experience. They also help you with alternative, frictionless payment technologies that reduce cart abandonment issues.

(Back to top)

The best payment processors go the extra mile to offer unparalleled security and customization to their clients. We serve large corporations and small teams with innovative payment solutions to streamline payment acceptance processes. Speak with our relationship managers today to identify the best fit technologies for your industry.

iCG Pay’s innovative solutions help you accelerate payments simply, securely, and reliably.

We help businesses accept and process payments with our suite of next-gen customizable fintech solutions. Our automated technologies help you carry out ACH and credit card transactions on a single easy-to-use platform.