July 6, 2015
The biometrics system in the payments business is about to get snazzy. While Apple Pay urged its users to fingerprint their purchases, MasterCard is taking a leap forward by asking them to take a picture of themselves, i.e., a face scan or more often called a selfie. Authentication techniques are the key to safer payments, especially in the card-not-present situations as in mobile payments. A verification technique which many banks and companies are currently piloting is Facial Recognition. Facial recognition based authentication is performed by matching a live facial image of a person with the person’s stored image for the transaction to be successful.
In a soon-to-launch test programme this fall, the financial services company will be offering its starter set of 500 consumers a face scanning software that will ascertain their purchases. Users will have to download an app onto their smartphones and choose between the fingerprint recognition software or the facial recognition software. Once the face scan selection is made, a user will have to verify his/her purchase with one quick tap where the smartphone takes a picture and approves the amount spent. The service aims to make identity theft more difficult as the app is reported to be designed with complete accuracy, most pointedly identity verification online, where face-to-face interaction is impossible. If Master Card’s face scan service flies with its users, PIN numbers and passwords will soon be a thing of the past.
Currently, MasterCard lets its customers set the secure code, which asks for a password when shopping online. This limits credit card number thieves and hackers from being able to use a card for online purchases. According to company reports, a secure code was used in 3 billion transactions last year. However, passwords often get forgotten or intercepted and MasterCard has taken the lead from Apple’s iPhone fingerprint scanner to offer a service for the mostly click-happy smartphone user. To get its facial scan service rolling, it has partnered with every smartphone maker, including Apple, BlackBerry, Google, Microsoft and Samsung. It is currently in the process of final discussions with two major banks whose customers will be a part of the pilot.
However, for those who guard their privacy and pictures on their smartphone zealously, the company has said that the facial scan app will not keep an actual picture of the user. The scan will map out the face, convert it into binary functions (1s and 0s) and transmit it over to MasterCard via the Internet. Security researchers of the company stated that the facial recognition happens only when a user stares at the phone and blinks,. This is the best way to prevent a thief from just holding up a picture of a user and fooling the system. The information of the facial scan will be stored in the form of an algorithm on the company’s computer servers.
Though critics are pointing out that storing data on a server may actually be a risky proposition as it is tempting for a hacker, others in the industry have put their faith that the financial services company will take adequate measures to guard its customers’ data. According to company representatives, though MasterCard is only at the testing phase, it might end up keeping facial scans on the device in the long run. Also in the pipeline for MasterCard are experiments with voice recognition (where online transactions can be approved by speaking into a smartphone) and technology in tandem with Canadian firm Nymi that will approve of transactions by recognising a customer’s unique heartbeat.
This move makes a lot of sense for MC, given that a lot of their partners and clients are seeing facial recognition go mainstream. It has to remain ahead of the curve to make sure it remains a large part of the transactions, irrespective of the medium and method. At LTP we see that banks are also seriously considering Multi-Factor Biometrics for Authentication