Here’s some good news for the selfie generation! MasterCard is initiating a pilot program to test the viability of facial recognition for approving transactions. This new app would allow people to verify their transactions by simply holding their phones up to their face, and approving transactions.
While speaking to CNN Money about their new application, Ajay Bhalla, MasterCard President of Enterprise Security, said, “The new generation, which is into selfies… I think they’ll find it cool.”
One of the biggest challenges with the current SecureCode technology that MasterCard customers use nowadays is that passwords are easily forgotten, and not that hard to intercept or steal.
However, it does make your credit card information more secure though, and its popularity can be seen in the 3 billion transactions it was used in the last year.
In fact, several banks are looking into using biometrics to verify transactions to make them more secure, but so far, such scanners haven’t made their way into the mainstream yet.
How It’ll Work
MasterCard’s trial will involve 500 customers using a number of different devices to test out the new feature. After a customer downloads the MasterCard phone app, they’ll get a pop-up to confirm your transaction via a fingerprint or facial recognition.
If you opt for the facial recognition method, you have to blink at the phone once, and that will approve the transaction.
Spoofing the System
The primary concern with this system is how easy it was to spoof the facial recognition feature on Android phones. People could unlock someone’s phone with a simple picture or animated image on their own phone. It was as easy as that.
To counter that, MasterCard is using a nifty feature that actually maps out your face and sends the digitized data to the server for authentication.
That data in machine code is used as your password. While a few security analysts fear that this could result in a breach of privacy, some security specialists are actually backing this workaround by saying that they don’t actually use your picture for anything, but instead use the map points like a code or password.
The best part is that this just might be a plausible solution to this spoofing problem.
Another plausible solution is combining facial or fingerprint recognition with a password or pin, to make things a lot more reliable and considerable. While it might sound a hassle, two-factor authorization on social media websites, email, and other online services has proven how useful and secure it can be. Replace one of those steps with facial or fingerprint recognition, and you have a solution that might just be as foolproof as can be.
So what do you think about this new feature? Do you think it has potential? Let us know in the comments below.