Goodbye passwords, hello prints?
Biometrics — identification through fingerprints, retinal scans, voice recognition and facial recognition — promises to propel payments on mobile devices. In fact, some experts say biometrics holds the key to more widespread adoption of mobile payments.
“Biometric sensors could make passwords and PINs a thing of the past,” says Nish Modi, senior vice president of payment technology company Worldpay.
Mobile payments in general and biometric-enabled mobile payments in particular remain in their infancy. In part, experts say, that’s tied to concerns over identity protection. A March survey of North Americans by 451 Research found that 24 percent thought mobile payments were more secure than traditional credit cards, but 27 percent thought they were less secure.
Worried your financial information may have been compromised? Check your credit report for free at myBankrate.
Still, Norm Merritt, president and CEO of ShopKeep, which offers an iPad-based point-of-sale and payments system for small businesses, says interest in mobile payments has grown since the introduction last year of Apple Pay, which lets you store your debit cards or credit cards to create an electronic wallet.
With certain Apple devices, a person can make a mobile payment through the Apple Pay service at thousands of locations, such as McDonald’s, Whole Foods, Walgreens and even Coca-Cola vending machines. Touching the device’s fingerprint pad authenticates the transaction. In March, Apple rival Samsung announced it would roll out its own fingerprint-based payment system called Samsung Pay. That same month, Google revealed its version: Android Pay.
Although places like McDonald’s and Walgreens have welcomed biometric-based payments, many merchants lack the technology needed to allow such transactions, experts say. On top of that, many consumers own mobile devices that aren’t advanced enough to permit biometric-based mobile payments. Furthermore, 85 percent of iPhone 6 users haven’t even tried Apple Pay, according to a March survey for InfoScout and PYMENTS.com.
The biggest hurdle to consumer adoption of payment methods such as Apple Pay and Samsung Pay could be fears over data security.
“Once we see more and more merchants beginning to accept biometric mobile payments, consumer usage will increase,” Merritt says. “However, while this is a step in the right direction to combat fraud, thieves will adapt their methods to the new technology. They will seek out the weak links, which right now are the independent retailers.”
Using your voice as a password
Logan Lemberger, vice president of development at online money-transfer service WireCash, understands why consumers are concerned about security when making fingerprint- and retina-triggered transactions.
“Those methods, while seemingly novel, are challenging from a security angle,” Lemberger says. “The software on phones and devices simply takes your fingerprint or retina and translates that into a piece of data. That piece of data can be stolen from a device and used for validation just like any other stolen data element. This is at least how more educated crooks operate.”
That’s why WireCash has turned to “voiceprints” to help verify payments. A voiceprint comprises hundreds of mathematical models measuring traits such as tone, cadence and pitch, Lemberger says. “We don’t rely on it solely, though it is another piece of the puzzle,” he says.
Jean- Noel Georges, global director of the digital identification program at research company Frost & Sullivan, says innovative technology such as biometrics is bound to draw criticism and raise doubts.
“Biometrics is a simple way to be identified. There is no need to memorize anything like a PIN to validate the payment,” Georges says. “Personal data is stored on a secured chip by using cryptography, and personal biometric information is not exchanged externally.”
The only drawback? You can’t hand your mobile device to someone else to buy something on your behalf as you would with a debit card or credit card, Georges says.
Terry Hartmann, vice president of applications at information technology giant Unisys, thinks consumers should be confident about the most common biometric payment tool — fingerprint verification — as it ensures no one else can use your phone to make a payment, while pretty much anyone can use your credit card.
“People are warming up to biometrics in response to the value of the perceived increase in security. They feel like it will keep them more safe when they do business,” says Cameron Camp, security researcher at IT security company ESET.
A key tool in fraud protection
What does the future hold for biometric payments?
Modi says he envisions biometric technology being “rapidly incorporated” into the financial sector, with mobile banking apps already beginning to replace traditional wallets, and Visa and MasterCard planning to replace online password systems with biometric verification this year.
Merritt says he foresees biometric authentication being a key component of a “balanced breakfast” menu of anti-fraud technology for mobile payments.
The biometrics concept, Merritt says, is “here to stay. There are just too many potential advantages for the merchant, consumer and (card) issuer. The next two years will be very interesting as the obstacles are identified and dealt with.”