Mastercard replaces SecureCode with biometrics
Following Apple’s lead, MasterCard is introducing biometrics at POS for online transactions. Currently the company uses SecureCode to verify identity, which requires the cardholder to enter a password in a pop-up window. However, people are creating more and more online accounts, making it harder to remember passwords. According to a survey conducted by Certify, the average person is thought to have to remember at least 19 passwords, and only a fifth of people never forget these passwords.
MasterCard will be testing an app similar to Apple Pay, which scans the cardholder’s fingerprint at POS. The credit card company’s app, however, scans both the cardholder’s fingerprint and face. The fingerprint scan requires the cardholder to simply touch the screen, while the facial scan requires the cardholder to look at the screen and blink once. According to MasterCard security researchers, by asking customers to blink, the app prevents thieves from simply holding up a photograph of the cardholder.
Following the facial scan, the app will convert it to 1s and 0s using facial recognition technology, and transmit this to MasterCard where it will be compared with a stored code representing the cardholder’s face. If the codes match, the purchase will be approved. This information will be securely transmitted and stored on the company’s computer servers, which is claimed to pose no security threat as it is an algorithm rather than an image.
Supported by smartphone manufacturers Apple, Blackberry, Google, Microsoft and Samsung, MasterCard will launch a pilot programme, testing the app on 500 customers.