Hurrah, the need to remember numerous passwords may soon be over, and our fondness for taking countless selfies will be positively encouraged! (Selfie sticks are still a big no-no, however.)
Following successful trials in the Netherlands, US and Canada, Mastercard launched ‘selfie pay’ in 12 European countries on October 4th. This new payment technology enables online shoppers to authenticate themselves using facial recognition or fingerprints, rather than the now old-fashioned method of pin codes or passwords.
Identity Check Mobile requires users to download an app to their PC, tablet or smartphone, and take a selfie so the system can create a digitised map of their face that is then stored on Mastercard’s servers to be used as a reference point for authentication, similar to those used in biometric passports.
When making an online purchase, credit card details will unfortunately still be needed. But, in the instances where further authentication checks are obligatory, customers will receive a pop-up screen on their mobile phone asking them to authorise payment through a password, scan or photograph.
Users will be asked to look at their phone’s camera or to use their fingerprint sensor rather than to type in a randomised selection of letters or numbers from their password. If facial recognition is chosen, then the user simply looks into the camera while blinking to prove that they are real, and not a photo, in order to stop transactions being held up or declined due to being falsely flagged as fraudulent.
Consumers in the Netherlands embraced the new technology, with 92% rating Mastercard Identity Check as more convenient than passwords, with fingerprint recognition preferred to facial recognition. 83% felt that it was more secure than passwords, and 73% felt it would reduce fraud. Users strongly endorsed the use of biometrics as the way forward, with 77% wanting to continue using them to complete a payment.
Ajay Bhalla, president of enterprise risk and security for Mastercard, asserted in a BBC interview that “consumers hate passwords”. He also added that biometric authentication is more secure as passwords can be hacked, stolen or forgotten. “We know the most commonly used password is 123456, so they are not secure, and people also use the same passwords for multiple sites,” he says. “If one site gets hacked all the places that you use the same password get compromised – they are a big pain.” Note to self; consider changing passwords!
On average, people enter passwords eight times a day, for 10 different online accounts or apps they use regularly, with more than one in five using the same password for everything, while 58% rely on a handful of variations! “We want to identify people for who they are, not what they remember,” Ajay Bhalla declared in an interview with CNN Money.
Security experts have welcomed the move to biometrics for online payments, but have suggested that they are not infallible and can be compromised. However, they are still significantly more effective than current practices.
Mastercard aren’t the only bank to use biometric technology; HSBC launched facial recognition technology for its business customers in September. Atom Bank, the UK’s first mobile only bank, launched a banking app earlier this year that uses both face and voice biometrics at log in. International money transfer digital company Azimo uses a fingerprint biometrics system, and many Japanese bank ATMs have a reader that scans fingerprints to enable cash withdrawal.
Nor are Mastercard the first company to use facial scans. Both Microsoft’s Windows 10 and Google’s Android operating systems allow users to unlock devices by looking at their cameras. Apple Pay, Samsung Pay and Android Pay have already introduced consumers to the concept of using their fingerprints to authorise payments.
The 12 European countries where Selfie Pay will soon be available are the UK, Austria, Belgium, the Czech Republic, Denmark, Finland, Germany, Hungary, the Netherlands, Norway, Spain, and Sweden. The technology will be rolled out across the world in phases next year!