An experimental project by MasterCard is reviewing how facial scans taken with mobile devices could be used for online purchase authorizations.
CNNMoney reported that MasterCard is looking at using facial recognition and fingerprints as more secure and simpler ways of authorizing consumer purchases made using mobile devices.
MasterCard is expected to launch a pilot program this fall with about 500 customers who will use fingerprints and/or facial scans to confirm their identities with MasterCard, enabling their mobile purchase transactions to be approved without having to manually enter passwords or security codes.
The initiative will ask customers during their mobile check-outs to hold up their smartphone and snap a photo of themselves, the report continued.
“The new generation, which is into selfies … I think they’ll find it cool,” Ajay Bhalla, who heads security research for MasterCard, told CNNMoney. “They’ll embrace it.”
MasterCard is conducting the scan testing because passwords that are used today can be forgotten, stolen or intercepted, which leads to data theft and losses for card issuers and retailers. MasterCard customers today can use the company’s “SecureCode” service, which requires a password when shopping online, the report continued. The service, which prevents thieves from stealing a user’s credit card information, was used for some 3 billion transactions last year, according to MasterCard.
MasterCard plans to test out the scanning identification system with the 500 customers and expand it publicly once it is proven and working well, the story reported. To make that happen, the credit card company is now working with smartphone vendors to get them to build the capabilities into their phones. Users will have to download an app to use the service, according to CNNMoney.
Once enabled, a pop-up will appear that will ask for a user’s authorization via a fingerprint or facial scan after they pay for an order, the report continued. If a facial scan is chosen, users will look into the smartphone camera and blink once to activate a scan.
“MasterCard’s security researchers decided blinking is the best way to prevent a thief from just holding up a picture of you and fooling the system,” the story reported.
The scans are not captured as photographs but instead create a code that remains on the device to identify a user, mapping out their face and converting it to 1s and 0s that can be transmitted over the Internet to MasterCard, according to the report. The company is also experimenting with voice recognition for online transactions as well.
