Blog article
See all stories »

Biometrics: The future of payment authentication?

If you could authenticate online payments with a press of  your finger, a quick selfie or an iris scan instead of using a traditional password, would you?

Advances in payment technology not only have the potential to improve payment security, but also user experience. Biometric measures bypass passwords, which are becoming increasingly complex and are susceptible to being forgotten or stolen. According to a 2016 study by Visa, over two thirds of European consumers want to use biometric identification when making payments. Let's face it, nobody wants to type a password containing at least 10 upper and lower case characters and a special symbol every time they want to authorise a payment! So let's take a  closer look at what biometrics can offer!

Payment at your fingertips!

A report from Juniper Research entitled “Top 10 disruptive technologies in fintech: 2016” listed biometrics as the number one technology to transform ecommerce. According to Visa’s 2016 study, fingerprint recognition was voted the most favorable biometric authentication method by consumers due to ease of use and security. Fiserv’s report found that fingerprints trump passwords in terms of security in the eyes of consumers: 41% of consumers stated they would feel secure using a password as an authentication method to confirm their identity when using a mobile app, compared to 62% for fingerprint technology, thus proving that this technology holds huge potential for the payment security market! For some time now companies such as Apple Pay, Android Pay and  Square Cash, a peer-to-peer payment app, have been using fingerprints to add an extra layer of security to their payment processes for user peace of mind.

Pay with a selfie?

MasterCard has unveiled its plans to simplify the online shopping experience for its card holders with a new feature involving a popular pastime of many: taking a selfie! The company’s programme, called MasterCard Identity Check, enables users to verify purchases using their fingerprint or a photo of their face. In order to pay with a selfie, MasterCard requires users to firstly upload a photo which is converted into a binary string using facial recognition authentication technology. To authorise all future payments the user simply snaps a quick selfie, and if it matches with the original upload, the payment is validated. Some experts have questioned the security of such a method. MasterCard has insisted that it has security checks in place to detect suspicious behaviour such as detecting the user's location and where the purchase is being shipped to. Furthermore, the app requires the user to blink, in order to ensure that it is a live photo of the user, and not a fraudster taking a photo of a photo! MasterCard has explained that the new service will only be used for the moment in certain contexts where additional authentication is required. However, with a  number of companies expressing interest in payment by selfie, including e-commerce giants Alibaba and Amazon - who has reportedly filled a payment for payments via selfie, this area appears set to experience a lot of investment and development in the near future!

What else is out there?

Other methods are being developed including voice, heartbeat and vein recognition technology. Advancements are also being made in relation to behaviour biometrics. Sensors are already in most smartphones like the accelerometer, gyroscope, and of course GPS, which are possible to use in conjunction with other biometric measures to reinforce security.  There are numerous startups working on behavioral sensors, such as Biocatch, AimBrain and Plurilock.

As biometrics develop, so do security concerns. Sensors can be spoofed by duplicates and biometrics are not a binary measurement but are based on the probability of a match, leaving them more vulnerable to error. For the moment biometrics work best when used in association with other authentication methods. Although they cannot yet be used as a stand alone authentication, they are a good match as part of a holistic approach to payment authentication, especially with regards to improving user experience! It is clear that the biometric industry is working hard to innovate and meet consumers demands and whatever your stance on the subject, The Minority Report is looking less and less like a fiction film!



Comments: (2)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 30 September, 2016, 10:43Be the first to give this comment the thumbs up 0 likes

Biometrics has been the future of payment authentication for the last decade or longer. Hope it moves into the present. But the recent spate of data breaches tells me that it might actually move into the past before that. I shudder to think of the equivalent of "password reset" in the biometric world.

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 30 September, 2016, 17:53Be the first to give this comment the thumbs up 0 likes

Even the government seems to be worried about the biometric equivalent of password resets now!

Bank regulators urged to address security of biometric data

Now hiring