One of the growing trends in payments is the use of biometrics to authenticate the identification of a user. Biometrics is using part of the body – in most cases, a thumbprint or fingerprint, but sometimes eyes or veins in your palm – as identification instead of a password, PIN number or signature. And that’s exactly what makes biometrics attractive as an authenticator – there are no passwords or PINs to remember, no signature that can be duplicated, and nothing that can be left behind because you always have your fingers and eyes with you. Imagine how great it would be to not have to remember passwords or PINs, or to have to sign for transactions, and know that it is all safe and secure. With biometrics, no one can successfully fake your identity, because they physically aren’t you.
Much of the attention in payments over the last year has been on EMV, which has made great strides in transaction security. The non-United States “chip and PIN” version of EMV cards is considered safer and more secure than the US version, because it utilizes a PIN number rather than a signature. Additionally, the European EMV does not have a magstripe on the back – which can still be duplicated – as does the US version. However, both EMV versions are still more secure than traditional magstripe cards, which are easily duplicated and vulnerable to data hacking. Biometrics offers security beyond even what chip and PIN EMV cards can offer, because while passwords and PINs can be hacked, it’s not quite so easy to duplicate a body part.
Some mobile phone manufacturers and payments industry companies have already added biometric technology to their handsets. MasterCard is testing facial recognition for transaction authorization, and it may be ready this fall. China-based Alibaba is researching facial recognition for verification (“selfie pay”), and Samsung is looking for ways to use fingerprint, voice and iris recognition for Samsung Pay. Apple currently allows fingerprint authorization for iTunes purchases and payments with Apple Pay on iPhones and iPads. The research and implementation by payment industry giants such as these, coupled with a report from Juniper Research that states there will be 770 million biometric authentication apps downloaded annually by 2019, it is practically guaranteed biometrics will be coming to smartphones and payment terminals near you sooner than later.
However, as with any new technology, there will be challenges. Consumers will need to be educated on how to utilize biometrics, and companies using biometrics will need to gain the consumers’ trust, as they may be concerned with how their personal information is being used. And while the intention of increased security in payments and safer authentication processes that are more difficult to duplicate, biometrics still haven’t been thoroughly tested on the market. In other words, the potential for hackers to find – and exploit – any weaknesses in the biometrics system is very real.
Biometrics hold great promise in providing increased security, and as more players enter the market, the technology will improve and be joined by more biometric methods. However, because of some lingering issues, including the hacking potential, more investigation needs to be done before biometrics become the preferred method of authentication, meaning you’ll have to remember those passwords and PIN numbers for just a while longer.