Should Credit Cards Read Finger­prints?

The tech­nol­ogy now ex­ists to link a con­sumer’s fin­ger­print to a credit card. Is this a glimpse into the fu­ture, or a throw­back to the early days of bio­met­rics?

ISO & Agent - - INSIDE 07/08.2017 - BY KATE FITZGER­ALD

The grow­ing adop­tion of bio­met­ric au­then­ti­ca­tion in phones and tablets has some con­sid­er­ing put­ting the tech­nol­ogy into plas­tic cards.

The wide­spread use of fin­ger­print au­then­ti­ca­tion in mo­bile de­vices has made many con­sumers com­fort­able with the tech­nol­ogy. So is Mastercard’s test of a bio­met­ric pay­ment card a case of plas­tic catch­ing up to a modern tech trend, or is it in­stead drag­ging bio­met­rics back in time?

The chal­lenge is bring­ing the tech­nol­ogy to the point of sale. Most ef­forts rely on spe­cial hard­ware, such as the fin­ger­print read­ers used by the de­funct Pay By Touch or, more re­cently, the Near Field Com­mu­ni­ca­tion read­ers re­quired by Ap­ple Pay, which uses the iphone’s Touch ID sys­tem as part of the pay­ment process.

Mastercard’s re­cent ef­fort shifts the hard­ware bur­den to the card it­self, with the fin­ger­print sen­sor built into the plas­tic. It’s some­what rem­i­nis­cent of the re­cent wave of multi-ac­count cards such as the re­cently shut­tered Plastc, which al­lowed users to lock and un­lock the card with a se­cu­rity code.

It’s a catchy idea that may ap­peal to cer­tain is­suers seek­ing ca­chet with con­sumers, but for a va­ri­ety of rea­sons Mastercard’s bio­met­ric card is un­likely to be an in­dus­try “game-changer,” said Brian Ri­ley, direc­tor of the credit ad­vi­sory ser­vice at Mer­ca­tor Ad­vi­sory Group.

Clearly pay­ment card fraud is a top con­cern for is­suers, mer­chants and con­sumers, thanks to a steady pa­rade of data breaches in the news and grow­ing con­cern about shar­ing per­sonal data, Ri­ley noted, but the most ro­bust so­lu­tions can’t be shrunk down to the size of a credit card.

Europe’s new PSD2 stan­dards, for ex­am­ple call for multi-fac­tor au­then­ti­ca­tion around pro­to­cols such as Ac­count In­for­ma­tion Ser­vice Provider (AISP) and Pay­ment Ini­ti­a­tion Ser­vice Provider (PISP) that use tri­an­gu­la­tion to au­then­ti­cate con­sumer trans­ac­tions us­ing a com­bi­na­tion of se­cu­rity tools and data stored in the cloud, ac­cord­ing to Ri­ley.

“New multi-fac­tor card se­cu­rity pro­to­cols rely on the full fea­tures of a mo­bile de­vice, com­bined with to­k­eniza­tion, with emerg­ing models in­clud­ing 3-D Se­cure 2.0, due out later this year,” Ri­ley said.

Ri­ley also pointed out that ad­ding a fin­ger­print mech­a­nism to a plas­tic card could even add new lay­ers of vul­ner­a­bil­ity, such as how hack­ers used gummy bears to repli­cate finger­prints when Ap­ple Pay launched.

That said, is­suers and card net­works have an op­por­tu­nity to re­fine their ap­proach as the tech­nol­ogy comes to mar­ket. “Mastercard will con­tinue to test many vari­a­tions of the pay­ment card that sup­ports its global busi­ness,” Ri­ley pre­dicted.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.