Alibaba unveils 'smile-to-pay' tech

Alibaba unveils 'smile-to-pay' tech

Chinese e-commerce giant Alibaba is developing facial recognition technology that enables mobile shoppers to replace their passwords with selfies.

Showing off the technology during a presentation at the Cebit trade fair in Germany, Re/code says that Alibaba chairman Jack Ma told his audience "[Using] online payments to buy things is always a big headache. You forget your password, you worry about security. Today we'll show you a new technology, how in the future people will buy things online."

Ma pulled out his phone and bought a stamp from the Alibaba site, scanning his face with the handset's camera to confirm the purchase before promising that it would arrive at the office of Hannover's mayor within six days.

The technology is being developed by Alibaba's Ant Financial unit for use with the Alipay Wallet and online payment service, although details of when it will be rolled out to users have not been given.

Comments: (4)

A Finextra member
A Finextra member 17 March, 2015, 08:48Be the first to give this comment the thumbs up 0 likes

This is part of the drive towards passwordless experience where Alipababa is one of an illustrious line up of FIDO members engaged in launching new forms of strong authentication. Read more about UAF and U2F protocols that support this at The Passwordless Experience is set to transform the way we pay.

A Finextra member
A Finextra member 17 March, 2015, 09:06Be the first to give this comment the thumbs up 0 likes

It is very impressive to see new way of authentications coming to surface as the technology advances. Biometric or in a broader perspective "something you are" is very cool way of authenticating someone but at the same time compare to other authentication methods: if some reason or some way you loose it (or lets say if it is stolen) - there is no way to reproduce or recreate or change (your face, fingerprint, voice, iris etc). I am not against biometrics, actually support it and believe it would be the future of authentication. However it is wise to careful and wait till the way this technology getting more mature - before distributing your physical elements every where. As there is no return once it is stolen...

A Finextra member
A Finextra member 17 March, 2015, 17:17Be the first to give this comment the thumbs up 0 likes

Hmmmm anyone sees how this could go horribly wrong ? Can app really make difference between a real face and a poster size picture...

A Finextra member
A Finextra member 18 March, 2015, 09:34Be the first to give this comment the thumbs up 0 likes

Any solution using biometric data like fingerprints, facial expressions, iris scanning etc faces the risk of data theft. To mitigate this risk the vendors design solutions where biometric data is stored locally on the phone, in a secure co-processor. To authenticate the user, the mobile app asks the phone's operating system: "Please authenticate the user" and gets a ok/not ok response back. So far, all well. The biometric data is protected and will never leave the secure co-processor.

As far as I know facial reckognition is not a standard phone feature so in this case the Alibaba app would need to protect biometric data both at rest and when the app is using it.. and that's not easy. Also note that nothing restricts the app from sending the data to a central server with all the security and privacy implications that follows.