What is driving the growth of biometric security in payments?
We can see that the use of biometrics in payments is growing both in the developed and developing countries, although the driving forces behind the use tend to be quite different in the different economies. One common denominator is that biometric technology is achieving a higher degree of maturity, and the investments needed to implement it are becoming more affordable. Another common driver is the need to enable secure payments that do not rely on plastic cards. For instance, Internet payments (card-not-present transactions) could be made less fraud-prone by using a fingerprint scanner on a mobile phone to authenticate the consumer. In developing countries, biometrics is one important enabler of financial services to the unbanked population. Moreover, biometrics can prevent identity fraud in the banking industry. And fraud prevention is always an important driver.
How do you see biometrics changing the payment landscape over the next five to 10 years?
There are many payment environments that rely on physical tokens (like a plastic card) or on static passwords or PIN codes. The reliance on passwords is especially large in e- and m-commerce environments, which has various drawbacks. Passwords can be key logged and are commonly reused. In addition, strong passwords are not easy to remember. Biometrics can change the payment experience by making it more convenient for users. One should realize, however, that biometrics is not the silver bullet that can solve all authentication problems, though biometrics can be an important factor in enhancing the risk management practices for transaction approval. I think it’s good that biometrics is slowly becoming part of our daily lives as fingerprint scanners are incorporated in the latest mobile handsets. The path to enter the payment domain is being paved.
What barriers do you see to the expanded use of biometrics in transaction security?
First of all, biometric traits are unique and irreplaceable characteristics of an individual and, therefore, they need to be handled more carefully than simple passwords. There are some significant privacy concerns around the use of biometrics, as compromised data cannot easily be replaced. The liability in case a biometric database is breached is difficult to estimate. That’s why many solutions today rely on local storage of biometric data, giving consumers control. But the privacy concerns are still an important issue. Second, a lot of additional development is needed relative to standardization in biometrics. A number of good standards are already in place, but industry-wide recognition in the payment domain is still to be seen. Not only to guarantee interoperability among all parties, but also to test and certify the ecosystem according to a common framework. Lastly, there are a multiplicity of biometric traits that could be used (such as fingerprint, facial recognition, iris scan, etc.), and every trait has different strengths and weaknesses. A lot of experimenting is going on, and time is needed to evaluate market responses. The payment industry is highly regulated, standardized and with little margin for error. That’s a natural barrier for the entry of any new technology.VIEW THIS EXPERT'S LINKEDIN PROFILE