QĐ/2345 Face Authen

Overview

Effective from July 1st, all banking apps are mandated to implement additional authentication measures (2345/QĐ-NHNN). Specifically, for high-value transactions, the collection and verification of users' facial biometrics against the Ministry of Public Security's database is mandatory to ensure security and prevent fraudulent activities.

Unlike other banks where the mandatory collection and verification during transactions can be abrupt and cause inconvenience for users, OCB's facial authentication provides detailed guidance and a user-friendly interface. This allows users to easily collect and verify their facial data through various methods.

My Contribution

UX Research
Clear business with PO
Concepts & Designing UI
Hand-off UI for Dev

Business requirement

One of the notable points of 2345/QĐ-NHNN is the requirement for banks to apply additional authentication measures for high-value transactions. Specifically, customers will have to perform facial authentication when:

  • Logging into the digital banking application for the first time on a new device.

  • Making online transactions with a value of over 10 million VND per transaction.

  • The total accumulated transaction value in a day exceeds 20 million VND.

Prior to this, users must have their facial biometrics collected while ensuring the confidentiality of customer information for convenient transactions.

The challenge

A. Concerns about new technology and regulations

  • Lack of awareness of regulations: Many users may not be aware of or fully understand Decision 2345, leading to concerns about the collection and storage of biometric data, especially facial data, which is sensitive personal information.

  • Complex procedures: Having to perform an additional facial authentication step can interrupt the user experience, especially when they are in a hurry or making transactions on unfamiliar devices.

B. Difficulties in the authentication process

  • Image quality: The quality of the phone camera, lighting conditions, or shooting angle can affect the facial recognition process, leading to unsuccessful authentication.

  • Changes in appearance: Users may have difficulty authenticating if their appearance has changed significantly from the time they previously registered their face (e.g., growing a beard, hair, wearing heavy makeup...).

  • Technical errors: Facial authentication systems can experience errors, causing delays and inconvenience for users.

All of these difficulties can lead to a disrupted user experience during transactions.

UX solution

A. Encouraging users to collect facial biometrics

Actively encourage users to collect facial data through in-app and out-of-app notification channels, as well as display information using callouts on the interface. This approach helps users better understand the regulations, while proactively registering their faces, reducing anxiety and avoiding interruptions during transactions.

B. Improving the experience of collecting and authenticating faces

  1. Collecting facial biometrics

    • Provide clear information: Clearly explain to users the purpose, process, and benefits of collecting facial biometric data.

    • Simplify the authentication process: Coordinate with Trustingsocial to design a simple, easy-to-use facial authentication process that supports a variety of devices and lighting conditions and the latest anti-deepfake technology.

    • User support: Provide timely technical support to users in case of failure or system error.

  1. Xác thực khuôn mặt

Sau khi đã thu thập khuôn mặt nếu người dùng thực hiện giao dịch với số tiền lớn hoặc đăng nhập trên thiết bị mới OCB cần:

  • Cung cấp thông tin rõ ràng: Nếu người dùng đã thu thập khuôn mặt trước đó rồi để tránh bất ngờ, cần giải thích và nhắc lại rõ ràng cho người dùng về mục đích, và lợi ích của việc thu thập dữ liệu sinh trắc học khuôn mặt (có thể nhắc một lần).

Have a good trip 😉