Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Mythbusting: debunking the common misconceptions around biometric payment cards

David Orme, Senior Vice President at IDEX Biometrics ASA

From mobile phone access to passport control, the use of biometrics is on the rise. Now, with biometric trials taking place across the payment sector, fingerprint authorisation payment cards look set to reach the market tipping point by next year. As these biometric smart cards become a daily fixture in our lives, they will bring many benefits, including extra security, convenience and reliability.

However, despite the benefits it brings, biometric technology in payment cards is still often misunderstood. There remain a number of misconceptions about the future of biometric payment cards that could be a barrier to global adoption.

So, to unravel the fact from biometric fiction, it’s important to outline some of the most common myths and misconceptions surrounding fingerprint biometric smart cards. These reveal the truth and will debunk the misapprehensions of the physical biometric smart card as a product, its transactional processes, infrastructure and support.

The truth behind fingerprint data storage

As a growing number of security breaches continue to hit the headlines, the public have become ever more aware of the need for biometric data security. This concern has led to the common misconception that biometric data for fingerprint payment cards is stored on a central database. But this is not the case.

Instead, upon registration, the owner’s fingerprint image is immediately transformed into an abstract biometric certificate via encryption technology. This is then stored in the secure element of the card’s EMV chip and the owner’s data never leaves the card. In this case, even if the fingerprint data was somehow extracted from the payment card, it cannot be used without the encryption key to unlock the biometric certificate.

Along with security concerns, it is also problematic for card manufacturers to store biometric data in a centralised database. If biometric data was held in a central location, the user would need to visit a secure site in order to register the fingerprint to be matched to the card. Instead, with user data stored on the payment card, the user is able to register their fingerprint at home through a remote enrolment process.

From registration to transaction: the reality

In fact, the at-home enrolment process breaks down friction points associated with biometric fingerprint registration. In order to achieve this, card issuers should supply a single-use, battery-powered enrolment sleeve allowing them to complete the fingerprint registration process, wherever they are.  With a single-use sleeve, the device only works for registration and cannot be used to override the fingerprint stored on the card

While battery power is needed from the enrolment sleeve during registration, outside of this process the payment card works in ‘passive mode’. This means that the level of power required to transmit an authentication signal from the card to the Point-of-Sale (POS) system is drawn from the terminal itself. So, despite the misconception, no battery is needed to power the card itself.

Another common concern, from both consumers and retailers, is the issue of what happens if fingerprint authentication fails during a transaction, say due to damage to the card. Would they be unable to complete their payment?

Well, just as with any digital transaction, there will always be a certain card authentication fail rate that produces false positives or negatives, because of unforeseen circumstances or damage to the card’s antenna or contact chip. However, as the primary function of biometric smart cards is for contactless transactions, a method with fewer physical strains on the card, it is likely there will less issues with card damage and failed transactions.

In addition, while the biometric sensor makes the need for PIN authentication redundant, the PIN will still function. This means the PIN can still be used as a fail-safe in the rare event of a failed authentication attempt, ensuring the consumer can still complete their transaction.

No need for new payment infrastructure

One of the most important biometric myths to debunk is the perceived need for new banking and payment infrastructure in order to use biometric payment cards. Merchants can be reassured that consumer fingerprint smart cards work with existing infrastructure at PoS systems, so there is no issue accessing money.

In addition, these new cards will work with the current contactless ATMs and PoS systems on the high street. This means consumers can use contactless technology in conjunction with fingerprint authentication for secure end-to-end contactless cash withdrawals and in-store transactions, without the need for a PIN.

It’s also not just in-store card-present (CP) transactions that would benefit from fingerprint biometric security. By combining a new dynamic digital CVC display with fingerprint authentication biometric smart cards will generate unique one-time-passwords (OTP) that can be used to secure e-commerce or card-not-present (CNP) transactions as well.

While fingerprint biometric smart cards are primarily thought of as a payment technology, their potential as an authentication goes far beyond payments. As well as contactless transactions, biometric smart cards can also provide authentication for physical and virtual access control, such as to offices and company networks or mass transit ticket systems. When incorporated with biometric fingerprint data, smart cards can also prove valuable to combine government IDs, healthcare access, and payments, all into one single, convenient and secure identity card.

The cost of the card

Finally, while many of the perceptions covered here have proved to be false, one of the most common accurate impressions of biometric cards is that they will cost more than existing bank cards. Given the complexity of technology needed in biometric development these cards will inherently be more expensive than current cards used by consumers. This is also higher due to the current lack of market penetration – which would bring savings from economies of scale in the future.

However, given the level of increased security biometric cards provide, it’s likely that many consumers are willing to pay a modest fee for a more secure bank card. Work is also underway to reduce these product costs further. Advanced technology, such as hot lamination, is currently being developed to aid the capacity for mass production of biometric smart cards, which will help further scale down card price points.

The benefits of biometric payments

Through films such as James Bond and Mission Impossible, we have become used to seeing futuristic images of fingerprint scanners or facial recognition as tools used in extreme circumstances, but not in our everyday lives. This has left us with many misconceptions and skewed ideas about biometric technology. Yet, these sci-fi interpretations don’t offer the full picture of biometric technology. Despite additional production costs, biometric smart cards bring many added benefits to our lives, and could ultimately introduce savings in the long run, by increasing payment card security and reducing the threat of card fraud. When we set out the truth of biometric payment cards products and processes, it’s clear the technology has the potential to bring greater security and convenience to our payment transactions.

As biometric technology evolves, its inclusion in the payment ecosystem will make one of our most everyday experiences — shopping for goods — not only more secure, but also easier and more reliable.