Mobile payments: biome-trick or treat?

Apple announced Apple Pay, its entry into the mobile payments market at the end of last year, and Spring 2015 marks the European launch. Mobile payments aren’t the future anymore; they’re the present – out there today, changing the way we shop. But if they are ‘the now’ already, what is next?

From a payment perspective we should be looking at biometrics as the next frontier. This may all sound a bit far-fetched for those still accustomed to taking out their debit card to pay for goods or services. Yet, biometrics is not something from the pages of a Philip K Dick novel –the technology is already being used around the world for a wide range of applications.

Fingerprint technology is currently the most commonly known form of biometric verification. In a nutshell, it works by matching the patterns of a fingerprint or the pre-scanned image. The image is never saved; it is in fact converted into an encrypted token, which in turn becomes a biometric key. The key, if ever compromised, cannot be re-fractured to produce the original image, making the solution secure.

>See also: 8 in 10 Brits would ditch passwords for biometric security

South African social security payments are already being verified using fingerprint technology, while in Vietnam consumers can register so that they can buy physical goods in store also by fingerprint, without their credit or debit card. MasterCard and Zwipe also unveiled the world’s first biometric contactless payment card that incorporates an integrated fingerprint sensor.

And it is not just overseas where fingerprint technology is being used. Those reading this on one of the more recent Apple devices (iPhone 5S and above) will have first-hand experience of the technology. You may have unlocked your phone by allowing the scanner to read the contours and ridges of your fingerprint. Touch ID is used by millions to unlock phones and verify purchases from the App Store, and more recently to log in to the Royal Bank of Scotland and Natwest banking apps.

Biometrics doesn’t begin and end with fingerprints though. Iris scanning (as seen in movies ranging from Demolition Man to Minority Report) is slowly making its way from airports and military use and into the payment space.

One such company bringing iris scanning to the masses is eyeLock with its Myris product. The science behind iris scanning is arguably more reliable than fingerprinting in many ways, and while possibilities for iris scanning remain a new frontier, it can currently be used to protect email and computer login, as well as internet banking and shopping.

With the starting pistol fired, there’s no reason this couldn’t be applied to more banking applications, on varying mobile operating systems or even appear in-store in years to come.

For mobile device manufacturers and debit and credit card companies, fingerprint or iris scanning technology removes any question of if the customer is actually present for the transaction and is significantly more secure than issuing a PIN.

With high-value contactless mobile payments requiring verification, biometrics offers a quick and easy to use method of verifying those payments. But is all of this safe?

This is a valid and important question to ask, especially with high-profile data losses often in the news, such as Target’s in the United States. In order for these payment options to be exercised, consumers need to have faith in the security of their data. This is where tokenisation comes in. 

With biometrics, much like mobile payments, the payment itself still relies on card data. Tokenisation is a highly effective way of mitigating security risks by substituting payment data with an alphanumeric code or ‘token’ when payment is processed.

>See also: Getting ready for a mobile payment world

Essentially, all your card data and personal information is boiled down into a sequence of numbers. This means that retailers have chosen a payment solution that tokenises their customers card data – should they be the subject of an attack, the data the fraudsters would have access to would be useless to them.

We may be some way away from the perfect biometric shopping experience, but it’s not as far as you might think.


Sourced from Mark Prior Egerton, Logic Group

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Mobile Payments