Biometrics has been called “naked payment”, suggesting some kind of nightmarish scenario in which you dream of yourself clothes-free in the middle of a supermarket.
But, of course, it’s a way of stripping down ID technology to use unique physical characteristics to identify an individual and clear them for payment or access. “People are only going to get more accepting of biometrics,” says Stefan Persson, chief executive of Precise Biometrics, a leading developer of fingerprint identification software, citing growing acceptance of using mobile phones for payments as a pointer to the future.
So it’s goodbye to those pieces of plastic that pack out our wallets, get put through the washing machine, get lost, skimmed, stolen or sucked into an ATM. The card will go the same way as the cheque. Farewell to the PIN code, password amnesia or having to recall the name of your first pet or what you bought last Wednesday at 3.46pm. Well, maybe.
“Over time that does seem likely,” says Mark Nelson, senior vice president of open banking for Visa. “But it all requires baby steps to ensure consumer confidence doesn’t erode.” A Visa study last year found that consumers expressing confidence in using biometrics as a secure form of authentication is up to 84 per cent, compared with 59 per cent the year before. Visa is now working on a system to help banks incorporate biometrics into the ecommerce checkout process.
Alan Goode, founder of cybersecurity analysts Goode Intelligence, says: “There’s strong movement towards biometrics because it cuts out a lot of friction now in the system. “There’s a lot of action in this space, but widely different models and rates of adoption. There’s a lot of work on the ‘Martini principle’: being able to make a payment any time, any place, any where. And only biometrics allows that. Cards just don’t.”
Certainly there are concerns about going full-on biometric, for consumers and for retailers alike. Biometrics will potentially offer retailers a great deal more information about their customers, enabling them to create more bespoke experiences for them. It will help with other processes too, such as age verification for example, which will save time and costs. Biometrics might combine event ticketing, payment and identification in one fell swoop. While through facial recognition systems, already in use in China, biometrics might offer that naked experience, consumer convenience may also prove a downside of the technology to high-end retailers, for whom customer interaction is crucial to sales.
Implementation of the most seamless of biometric payment systems will cost money too, for retailers, for ATM and mobile phone manufacturers, even for online shoppers at home, as the hardware won’t be free. “So it’s a question of impact; the cost of deploying it,” says Mr Nelson. “What’s in it for the merchant? An improvement to the consumer experience will have to be very clear.”
Consumers, of course, will certainly have to adjust to biometrics’ new dynamic too, involving a potential loss of privacy and sense of being monitored. After all, if there are already biometric systems that can identify an individual through their unique physical characteristics, such as their fingerprint or iris scan, both perceived as the most trustworthy, veins and face, ears and even heartbeat, all of which continue to advance, the hot topic now is their behaviour biometrics. That’s the measure of identifying patterns in human activity: the way a person walks, the way they use a computer mouse or type on a keyboard, the way they hold a phone.
“It’s the cutting edge of making biometrics frictionless, collecting these datapoints on consumers in the background and scoring them. And the reality is that if banks and other financial institutions see this as a means of doing the heavy lifting to detect fraud, they’ll use it because creating the best user experience is what everyone is chasing now,” explains David Vergara, head of security product marketing for OneSpan.
“But it’s key to note that all the other variables will need to be used too. What there will be is a layered approach because none of these biometric techs can be an island of authentication in itself.” It may be some time before, as Mr Vergara puts it, “we’re into Minority Report territory” with people themselves being chipped, with so-called continuous authentication the norm, and artificial intelligence and machine-learning being an inevitable part of the mix. But even now biometrics has shades of Big Brother. Will the consumer accept this over the relative anonymity of a bank card, however Luddite using one might come to be seen?
“There are some concerns about bringing in biometrics for payments, especially after recent instances of social media companies misusing data,” says Mr Persson. “The customer will have to be comfortable with the use of their data. They will have to make a choice to accept it and each consumer’s data will have to be handled as an individual case because when it is used it’s likely to be in complex ways in the background without the consumer’s involvement. “And, of course, we will see people declining to provide their biometric data and preferring to continue to use a some kind of payment card. Helping them see the security advantages of biometrics is a big challenge for the industry.”
Security will certainly see an all-time high through biometrics. Mr Persson talks of the further possibility of various datasets being cross-matched so that, for example, a payment authorised via biometrics could be checked against the payee’s location, as identified through their mobile phone. But for some consumers this may prove too invasive. All the more so when payment cards are already very secure, with fraud rates low and consumers having zero liability anyway. Visa’s survey found 71 per cent of consumers express confidence in the security of cards, only 13 per cent short of that expressed in biometrics. Rather, the payments industry will most likely have to sell biometrics on convenience first.
Mr Goode observes: “With each level of biometrics, there will always be the question, ‘Is this useful or is this creepy?’ The fact is that biometrics can often verge on the creepy.” And Mr Nelson adds: “After all, the way you use a card to pay at a point of sale, especially contactless, is already pretty convenient. Getting consumers to change habits isn’t easy. Everyone in the industry seems to be waiting for that leap in experience that biometrics might enable. But getting to the scale of current card use will take time.” Indeed, it’s not all over for the card and PIN code, or at least not yet. At least, in the medium term, there will remain a place for a new generation of card that incorporates biometrics. We may well see such cards, eliminating the use of a PIN and with no limits on contactless spending, introduced as an intermediary step.
Besides, there is the industry’s readiness to overplay just how quickly biometric payments, while widely considered inevitable in the long run, will actually become typical. “At best you’d have to be cautious to call the death of payment methods we commonly use now, like cards, much as cards were predicted to bring the death of cash, which clearly hasn’t happened,” says Mr Goode. “Five years ago, payments by mobile phone were widely predicted to take over. And that hasn’t happened either. But it is a question of time.
As originally seen in Future of Payments published by Raconteur Media on 25th September, 2018 in THE TIMES.