At the Mobile World Congress, MasterCard announced its plan to roll out its “pay-by-selfie” facial recognition program as an alternative to passwords when verifying IDs for online payments. The technology is expected to be pushed this summer to 15 countries including the UK, Netherlands, Belgium, Spain, Italy, France, Germany, Switzerland, Norway, Sweden, and Finland.
To use the new feature, customers will have to download MasterCard’s app to their device. After entering their credit card information during online payment, users have to hold up their device and take a quick selfie to verify the transaction.
The app already has a number of ways to make sure that it isn’t used for fraud. In order to prove that the picture is not just a photograph, the user has to blink. MasterCard also says that its algorithms can determine if someone is trying to trick the system by using a video. MasterCard chief of security solutions Ajay Bhalla, says “Nobody likes being falsely accused of something, but that’s what it feels like when a transaction is falsely declined. As criminals have become smarter, efforts to prevent fraud have resulted in an increase in genuine transactions being declined.”
MasterCard’s move towards using biometrics to verify payments follows a pilot project with Dutch credit card firm International Card Services (ICS), with participants being able to complete online purchases without the need for PIN codes, confirmation codes, and passwords. The use of fingerprint or facial verification allows mobile users—most of whom already have devices with the hardware to do it—a more convenient means to do that. MasterCard says that the pilot has resulted in commercial interest from around the world, and that it projects to launch the technology in the US later this year.
Since the boom of e-commerce, traditional credit cards have been the target of cybercriminals who have found numerous ways—from malware to phishing schemes and skimmers—to take advantage of the weak security behind traditional credit card payment systems. The numerous threats that have plagued credit card payment systems has since led to the development of different payment processing technologies that allow for more convenient and more secure transactions.
In October 2015, the US has implemented a set of rules where the liability for credit card fraud shifts from the card issuers to the merchants unless they upgrade their payment processing systems to those that support EMV chip technology, with PIN-based authentication that can address fraud incidents that involve lost and stolen cards. MasterCard’s new solutions could help pave the way for more secure mobile transactions, with the use of verification methods that are harder to cheat.