With the recent Equifax Inc. security breach raising the specter of widespread identity fraud, financial technology companies have developed new tools to improve banks' security capabilities.

Throughout PayThink, a conference hosted by SourceMedia this week on payments technology, bankers and fintech executives talked about the difficulties presented by the hack, which could impact up to 143 million Americans. With the flood of personal data available to fraudsters, banks need to ensure they have a robust security approach. Conference attendees repeatedly emphasized the need for layered security, which can authenticate users on multiple factors so that scammers cannot exploit a single vulnerability.

"The biggest problem with the Equifax breach is not the immediate impact. It's the potential down the line to create synthetic identities," said Jason Kontos, a sales director for Vasco Data Security.

Somewhat counteracting the increased risk from the Equifax breach is an array of security tools. Panelists talked about the potential to use biometrics to authenticate users, pointing to widespread adoption of thumbprint identification on smartphones; Apple recently announced its new iPhone will have face recognition ability, a technology already available on some Android phones. Pablo Cohen, senior vice president for Mastercard Inc., said there is also technology that can use consumers' heartbeats to positively identify users.

Some fintech companies are advertising machine learning tools as potentially revolutionary. Deepak Dutt, CEO of Zighra, attracted interest with his company's promise to use artificial intelligence to improve user authentication. Zighra's code creates a unique profile based on how each customer uses a phone, including the angle the phone is held while typing or browsing as well as the method of typing, such as whether users usually use thumbs or fingers to peck out text messages. Those elements, combined with more traditional red flags such as geolocation or unusual activity, can be used to pre-emptively shut down a financial account if a fraudster has taken control of a person's phone.

"We're bringing in a variety of data to create a holistic image of the user," Dutt said.

Conference attendees were somewhat skeptical of the technological promise. One of the more significant concerns were whether the technology would increase the rate of false declines, locking out the right customer because of a slight variation in phone usage. Dutt said the technology actually reduced the rate of false declines and would rely on multiple factors, not just a different angle of the phone during a text, to lock a customer's account.

Those concerns highlighted the tightrope that financial institutions walk when tackling cybersecurity issues. Throughout the PayThink conference, there was almost as much talk of preventing false declines as there was of improving security. When a payment is falsely declined, 39% of users abandon the card involved and 54% of declined cardholders reduced or stopped shopping with the merchant involved, according to research from Javelin Strategy & Research.

There was also talk at the conference of the limitations of security measures and that the Equifax breach might not be as troublesome as headlines suggest. David Pollino, deputy chief security officer for Bank of the West, said the vast majority of the information involved in the Equifax breach were already available to criminals either via legal commercial websites or illegally on the dark web.

"Is it a game changer that this information is out there? No, it's already out there," Pollino said. "Does it make it cheaper for fraudsters to buy? Maybe."

Further, there could be a paradoxical effect from the Equifax breach. Mark Hargrave, a partner with Stinson Leonard Street LLP, said the news about the breach will encourage corporations to adopt newer, stronger security measures, and prompt individuals to pay more attention to their credit reports. At the same time, fraudsters will continue to find new ways to circumvent the new tools.

Even some of the newest biometric technologies can raise fresh concerns. There is constant concern that fraudsters can "spoof" any security measure. For example, it is relatively simple for a criminal to send text messages that appear to be authentically from a bank. Some conference attendees raised the concern that biometrics, even consumers' faces, could be spoofed.

"It's a constant arms race and never-ending game of cat and mouse," Hargrave said.