Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

AUTHENTICATION BY ‘SELFIE’ – WILL MASTERCARD BRING A SMILE TO THE PAYMENTS WORLD? HOW SECURE IS IT AND HOW HAS THE MARKET RESPONDED?

Sascha Breite

Sascha Breite, Head of Future Payments at SIX Payment Services

Sascha Breite

Sascha Breite

An increasing number of companies are working on new procedures that quickly and conveniently prove the identity of users making payments. Sascha Breite, Head Future Payments at the payment specialist SIX Payment Services, gives the idea a reality check and examines other European initiatives.

At the Mobile World Congress in Barcelona, MasterCard announced the launch of a new authentication solution: payment by ‘selfie’. This follows last summer’s announcement when, MasterCard stated that it wanted to make passwords and payment codes superfluous.

The rise of the selfie is unstoppable. MasterCard is now counting on self-portraits for its payment procedures. Cardholders will soon be able to take a selfie at the supermarket cash register instead of entering a password in order to identify themselves as the genuine user.  By the middle of 2016, MasterCard’s German customers should be able to prove their identity and authenticate payments using a ‘selfie’. Following this “Selfie Pay” is said to be launched in Austria in 2017.  Ajay Bhalla, the head of MasterCard’s security department is convinced that the “selfie generation” will welcome and use the new feature.

Blink to beat misuse

For the procedure to work, users must install the MasterCard app “Selfie Pay” on their smartphone, tablet or PC, and save a sample picture of themselves. A unique code is created using the image data. The selfie taken at the point of payment is then transmitted to MasterCard in an encrypted form and compared with the saved code. Alternatively, customers can prove their identity with their fingerprint, according to a BBC report. Once the user is successfully identified, all they need to do is confirm the transaction.

However, cardholders must not forget to blink in the selfie. The software uses this eye movement as a means of ensuring that a fraudster is not just holding up a photo to the camera. MasterCard seems to be aware that this security measure alone is insufficient. Yet to date, the company has only mentioned vaguely other security measures. A spokesman said that the system recognises attempts at fraud because it evaluates other data. However, security researcher Jan Krissler from the technical university of Berlin (TU Berlin) moved a pencil over the eyes of a photo – which a scanner interpreted as blinking and thus the software accepted the payment. There are more extensive means of face identification by way of 3D models which offer significantly better fraud prevention but these are still in the development phase.

Is the payments market moving to a password-free world?

Banks, financial institutions and payment service providers are working to create a world which functions without the need to input passwords. They are counting on unique biometric features, such as customers’ fingerprints or voices, or even the blood flow in their fingertips to authenticate payments. “Consumers hate passwords,” states Bhalla with conviction. Apparently the most-used password is 123456. This is in itself very insecure, but in addition many people also use the same password for multiple purposes. “If they are hacked, the intruder has access to almost all their data,” explains Bhalla.

Payment by ‘selfie’ is only one of a number of authentication initiatives currently being developed. In 2015, at CeBIT, Alibaba boss Jack Ma demonstrated the payment procedure “Smile to Pay“, an app that recognises and authenticates customers based on the shape of their face. Google is currently testing a “Hands Free” app and the UK’s Atom Bank is planning to introduce face scanners. Barclays, a UK-based financial service provider, has developed an authentication procedure that measures the bloodflow in a customer’s finger. Deutsche Bank is also planning to introduce biometric verification processes with a system that recognises whether the accountholder or a third party is holding the mobile phone being used for a payment. Payment transfers are already feasible via fingerprinting at Deutsche Bank.

New EU directive on payment services

MasterCard tested “Selfie Pay” in a pilot program with 500 participants in the United States and the Netherlands in 2015. According to a BBC report, it will be rolled out in 14 countries this summer, including the UK, France and Germany. The launch in Austria is scheduled for 2017. Yet in countries like Germany, where people are concerned about data protection, MasterCard will not find it easy to convince people to make even more of their personal data available.

It is likely that MasterCard will not reveal any details on security until the service is launched. But an EU directive passed in 2015 obliges providers of mobile payment services to use a strict client authentication procedure through “the use of two or more elements categorised as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is).”

Ultimately, the more data companies gather, the more money they can demand for it. The amount of data that MasterCard, Google & others collect depends on customers’ habits – and whether they are prepared to change them.  Time will tell whether users really prefer to constantly make photos of themselves rather than remembering a password. Some people therefore see MasterCard’s “Selfie Pay” app as a marketing stunt rather than a genuinely market changing development.

There is a school of thought that believes that fingerprint checks are simpler to implement and use in practice. It is clear however that MasterCard will attempt to persuade existing and new customers of the benefits of its new payment function. If it   proves popular amongst the selfie generation, it may spread beyond this group to the wider population.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post