k_Street Consulting, LLC Blog

k_Street Consulting, LLC has been serving the Washington area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

MasterCard Wants Your Selfie, But it’s Not for What You Think it’s For

MasterCard Wants Your Selfie, But it’s Not for What You Think it’s For

Payment via mobile devices is still a relatively new concept. With newer smartphones, it’s now easier than ever to pay your bills or send money on a whim. However, this also brings up an important topic; what’s the best way to handle mobile payments, and how can those who accept and process these payments ensure maximum security?

The answer might lie in two-factor authentication.

Specifically, MasterCard wants to introduce biometric-based two-factor authentication to its system, starting with the UK this summer. The technology discussed is a “selfie” based system that allows users to take a picture through an application, which is then compared to an image stored. The idea is that selfie-authentication, and other methods of biometric technology like fingerprint scanning, can help to prevent credit card fraud.

More than anything else, MasterCard is attempting to limit how many legitimate transactions are being declined while users are traveling abroad. Apparently, this is a bigger problem than actual credit card fraud. As reported by The Financial Times, there’s roughly $118 billion worth of false declines every year, which is considerably more money lost than is the case with credit card fraud--13 times more, to be specific. By using biometrics technology, MasterCard is looking to handle both the fraud and false decline problems.

Of course, the question that needs to be asked is whether or not these technologies are secure for users. Phones, tablets, and other mobile devices can be hacked just as easily as any desktop infrastructure. ITProPortal offers some insight into what will be necessary for mobile payment systems to take off:

“User devices are notoriously prone to penetration by cyber criminals – whether that’s as a result of users adapting their devices or overriding device security parameters, or using unsecured public WiFi when transacting online. Which means biometric data will need to be encrypted to ensure it cannot be stolen – otherwise we open a whole new vector for identity theft. What’s more, rigorous PCI standards already exist to protect users and merchants, especially where liability is concerned should things go wrong. What’s not clear in this scenario is whether liability will shift – and to whom. Quite simply, we’re in new territory here.”

What’s most interesting here is the liability aspect; if a user isn’t securing the mobile device used for payment, can they be considered at fault for the theft of their data? If so, it completely changes the way that financial institutions and payment compliance works. Also, what happens if biometrics are hacked? You can’t exactly issue a new face or a fingerprint with a new credit card number. These are critical possibilities that need to be addressed before biometric two-factor authentication for mobile payment systems can be implemented.

What are your thoughts on mobile payment authentication using a selfie-based system? Let us know in the comments.

According to Hackers, Windows 10 Security Passes t...
Tip of the Week: How Tracking Your Net Worth Can B...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

2013
January
February
March
April
May
June
July
August
September
November