For many years now, virtually the entire world has become accustomed to plastic cards – punching in PIN numbers or swiping cards to make withdrawals or payments.
The use of fingerprint readers has followed closely as a useful additional authentication method. But how about walking into a supermarket and paying for your groceries with – of all things -a ‘selfie’ of your face?
Welcome to the era of facial payments. That certainly doesn’t mean your broad smile or good looks – that criteria might erroneously disqualify and aggravate a good number of honest and well-to-do shoppers.
Rather, it’s one of the soon-to-come advances in facial recognition techniques that will enhance the ability of security systems to identify buyers positively.
Jerome Traisnel, in an article published late September in finextra.com, explained in more detail exactly how this works:
1. In order to pay with a selfie, MasterCard requires users firstly to upload a photo which is converted into a binary string using facial recognition authentication technology.
2. To authorize all future payments the user simply snaps a quick selfie, and if it matches with the original upload, the payment is validated.
3. MasterCard has instituted security checks in place to detect suspicious behaviour such as detecting the user’s location and where the purchase is being shipped to. Furthermore, the app requires the user to blink, in order to ensure that it is a live photo of the user, and not a fraudster taking a photo of a photo.
MasterCard has explained that, for now, the new service will only be used in certain contexts where additional authentication is required. However, with a number of companies expressing interest in payment by selfie, including e-commerce giants Alibaba and Amazon – this area appears set to experience a lot of investment and development in the near future.
As recently explained by Conner Forrest for techrepublic.com, Mastercard will debut this new system dubbed ‘Identity Check Mobile’ in partnership with BMO Financial Group. The system will allow mobile users in North America to verify their identity for mobile payments with a selfie or fingerprint in early 2017.
According to a press release announcing the expansion, BMO customers in the US and Canada will have access to the technology sometime in the first half of 2017. The feature was rolled out in 12 European markets the first week of October.
Mastercard and BMO partnered on a soft launch earlier this year, according to the release, and conducted a survey after the initial roll-out. They found that 74% of respondents said biometrics–like fingerprints or selfies–were easier to use than traditional passwords, and 90% said they believed they would use biometrics for online payment security in the future.
By eliminating the need for traditional passwords, and speeding up the mobile payment process, the goal is to increase the conversion rate for online shopping.
“Making the online payment experience near frictionless and more secure is a priority for Mastercard,” Ajay Bhalla, president of enterprise risk and security for Mastercard, said in the press release.
“Moving this technology beyond the pilot phase is a significant milestone in the evolution of payments. Online payments are being revolutionized and now we are making Identity Check Mobile a reality for commercial use in the U.S., Canada, Europe, and soon, the world,” Bhalla concluded.
Mobile payments are booming, and a report from IEEE (the Institute of Electrical and Electronics Engineers) claimed that this payment method could officially kill cash by as early as 2030. Broadening the options for payment verification could speed the adoption rate for mobile payments while, hopefully, adding some extra security.
In March, Google launched its own innovation in the mobile payments space, adding a hands-free option for verification.
A pilot program called Hands Free uses wireless technologies to prove a user is in a store, and they can complete a purchase by giving the cashier their initials. Another version of Hands Free relies on images only, matching a picture taken of the purchaser to a picture in their profile.
Is the success of the Mastercard/BMO initiative, therefore, a foregone conclusion – just awaiting the final rollout in order to reap the full benefits?
Not so fast. According to Justin Lee for biometricupdate.com, it remains to be seen whether the technology will succeed. The challenge, though, is not so much on the side of the technology– it has more to do with how well and quickly end users adapt to it.
Lee quoted John Rakowski, director of technology strategy at AppDynamics who stated that Mastercard Identity Check Mobile’s adoption “will depend greatly on user experience.”
“In order to win over users, MasterCard’s app needs to run invisibly and be ready to anticipate behaviour based on contextual data, such as the tilt of the phone,” Rakowski said.
“The technology will only catch on if customers feel comfortable enough to use the app, it feels intuitive and meets performance expectations. For MasterCard’s tech team, what the customer does before and after the payment is as important as the transaction itself.
For example, if biometric fingerprint technology is used in conjunction with the selfie across a quick succession of bill payments, performance issues might arise.
When an app packs in during the middle of a transaction, the customer is often left in the dark, and won’t know if the payment has gone through, causing more issues than the new feature sets out to solve.”
Despite whatever teething problems may arise, biometric technology still seems poised to be guaranteed its place as the future of payment authentication. Recent indications of this trend are encapsulated by the following notable developments:
– A report from Juniper Research titled “Top 10 disruptive technologies in fintech: 2016” reportedly listed biometrics as the number one technology to transform ecommerce;
– According to Visa’s 2016 study, fingerprint recognition was voted the most favorable biometric authentication method by consumers due to ease of use and security;
– Fiserv’s report found that fingerprints trump passwords in terms of security in the eyes of consumers;
– 41% of consumers stated they would feel secure using a password as an authentication method to confirm their identity when using a mobile app, compared to 62% for fingerprint technology, thus proving that this technology holds huge potential for the payment security market.
Other methods that are being developed including voice, heartbeat and vein recognition technology. Advancements are also being made in relation to behaviour biometrics.
Sensors are already in most smartphones – they include the accelerometer, gyroscope, and of course GPS, which are possible to use in conjunction with other biometric measures to reinforce security.
According to finextra.com, although biometrics are not entirely foolproof and therefore cannot yet be used as a stand-alone authentication, they are still a good match as part of a holistic approach to payment authentication — especially with regards to improving user experience.