ANNA introduces biometric checks to combat account fraud

British neo-bank ANNA has introduced new biometric re-authentication measures aimed at preventing unauthorised access to business accounts.

ANNA, which supports more than 100,000 UK small and medium-sized enterprises with its business and tax application, is among the first financial institutions in the UK to implement biometric 're-authentication' procedures. These measures are designed to stop individuals from using accounts they may have accessed illegally.

If an ANNA account is accessed on a mobile device not originally associated with it, a biometric re-authentication is triggered, typically requiring the user to take a selfie. If the facial recognition does not match the original account owner's face, the account is immediately suspended. This is part of ANNA's broader effort to bolster security.

To enhance security measures further, ANNA has introduced ongoing random biometric authentication checks that also necessitate a customer selfie. These measures aim to block fraudulent access, whether through phone theft, scams, or laundering money through 'mule' accounts. According to ANNA, these steps are implemented without adding friction for genuine customers.

Leven Li, ANNA's Chief Compliance Officer, stated, "ANNA was one of the first in the industry to start pushing these changes live and we continue to make updates and improvements. Our random biometric re-authentication programme went live this week and we expect that other financial institutions will likely follow our lead."

Li further commented, "While these measures are mainly aimed at detecting accounts accessed and misused by criminals who have not been through our Know Your Customer process, there's no friction at all for our regular customers. It's just a quick selfie - which we are all used to doing - and it's keeping our customers and their accounts much safer from day-to-day threats, like fraudsters trying to scam their way in or phone snatchers who try to access accounts by bypassing security protections."

The implementation of these new security measures aligns with the Payment Systems Regulator's recent rules aimed at reimbursing Authorised Push Payment (APP) fraud. The rules mandate that payment service providers, including ANNA, must reimburse eligible claims from customers impacted by APP fraud up to a specified limit.

Under the new regulations, service providers are allowed to impose a £100 excess on claims and may share the reimbursement costs equally between the sending and receiving payment service providers. Additional protections must also be put in place for vulnerable customers.

ANNA has also emphasised its current systems, which ensure that potential customers are correctly identified using national databases like CIFAs. The systems are in place to protect customers from potential fraudsters, as only UK residents and UK businesses are eligible to open ANNA accounts.

In addressing the growing issue of fraud, especially concerning the creation and use of 'mule accounts', ANNA remains dedicated to keeping ahead of fraudulent tactics by continuously enhancing its security measures.