Mastercard’s biometric programme raises privacy concerns

Mastercard’s biometric ‘wave to pay’ initiative uses customer gestures as part of its identity security but experts are concerned about data privacy

Global payments network leader, Mastercard, has launched a new biometric payment initiative called 'wave to pay' that uses customer body language to manage its verification and security. 

While payments using physical gestures have struggled to obtain widespread adoption among consumers, Mastercard is using the new technology to keep pace with agile fintechs and stronger competitors in the marketplace.

According to reports, retailers using the scheme enables customers to pay in-store with a gesture, such as a smile or a wave. The solution requires customers to sign up initially - and this is incentivised via loyalty programmes based on purchase history. 

Biometric security and customer privacy concerns

But the new initiative has reignited debate regarding privacy concerns for customers and some voices of dissent have expressed their doubts about expanding the biometric verification space when users are not comfortable with their physical data being stored and used. For example, Red Rocks Amphitheater recently dropped the Amazon palm scanning following revolts from artists who cited hacking and surveillance as two reasons why biometric data should not become commonplace.  

Suzie Miles, a partner at lawfirm Ashfords, recently told the Guardian newspaper, “Mastercard themselves have recognised the data and security concerns that come with the use of biometrics. A password can be changed, your smile and wave can not. If biometric data is hacked then the risk of fraudulent activity could be considerably higher than current payment methods.”

Furthermore, in August 2021, concerned US senators issued a letter raising questions over biometric payments and data privacy practices. And in China, although Ant Group has planned similar  roll outs at checkouts with facial recognition technology, privacy issues have halted adoption of the technologies.

However, Mastercard has since stressed that data would be converted into a digital template and encrypted, and that any facial images used to generate that data would stay native to the device.

In a statement, the credit network giant said, “Once enrolled, there is no need to slow down the checkout queue searching through their pockets or bag. Consumers can simply check the bill and smile into a camera or wave their hand over a reader to pay.”

Biometric rollout for Mastercard payments will set a standard

As the debate continues to rage, Mastercard has said its solution will set a potential standard that could accommodate shops of all sizes. It is also partnering with with Fujitsu, NEC, Payface and other companies to establish baseline requirements for performance, privacy and security.

Speaking about the new programme roll out, Ajay Bhalla, Mastercard’s president of cyber and intelligence, said, “Payments is a wide space, and we are trying to offer what customers want. 

He said that the credit network payment giant would be an “enabler of the ecosystem”, providing unified privacy and security standards for the innovation.  “It’s important that we make sure that data is handled properly and the transaction is safe. Everything is done with consumer consent.” 

Biometric security in payments is already being used

While biometric security in the digital payment space has been in use for several years, the most popular method is via a fingerprint, which is used at the point of operation for a device, such as a smartphone. Payments can be made through that device as long as the verified user is operating it. 

Facial recognition is another security option, with Apple having introduced the technology to its mobile devices in 2016. Advanced facial recognition software for use in the latest digital payments verification is coming from companies including Japan’s NEC, Brazil’s Payface and California-based PopID. 

According to reports, Mastercard has also been trialling holographic pay units called Charlie Bibby - and the first pilots will be launched at a chain of Brazilian supermarkets run by the St Marche chain.


Share

Featured Articles

Sumsub: Identity Fraud up 73%; how can Fintechs React?

Identity Fraud Rates in Fintech Rose 73% Between 2021 and 2023. In This Deep-Dive With Sumsub, we Look at Ways Fintech can Overcome the Fraud Challenge

World Bank CEOs in Private WEF Fintech, Global Economy Talks

Global Banking CEOs, Including JPMorgan Chase’s Dimon, Meet Privately at WEF in Davos to Discuss Fintech Competition, Regulations and the Global Economy

Boston Consulting Group: How Banks can see Valuations Soar

Banks Could Increase Their Valuations by a Combined US$7tn in the Next Five Years Should Steps be Taken to Promote Growth, Says Boston Consulting Group

Worldline & Google: Enhancing Digital Payments Through Cloud

Digital Payments

How Significant is SEC’s Approval of Spot Bitcoin ETFs?

Crypto

Introducing the Global FinTech Awards in 2024

Financial Services (FinServ)