To make card payments more convenient and secure, issuers are looking to integrate biometric fingerprint technology into their cards. Our research shows that two thirds (66%) of consumers anticipate biometric fingerprint payment cards will be released this year.
The banking industry, therefore, needs to embrace this technology, or risk falling short of consumer expectations.
Fingerprint biometrics in payment cards are nearly here, but one barrier remains: the cost of the sensors needed to analyse each person’s biometric fingerprint. Many manufacturers are now looking to reduce the size of their sensors to reduce costs. Whilst this may save money on silicon, bigger remains better when it comes to biometric fingerprint sensors.
By using a larger sensor, the card is able to capture a greater surface area and, therefore, more detailed biometric data of a person’s fingerprint. Consequently, accuracy is inherently improved, as the biometric template captured has more data to inform fingerprint authentication. In essence – the smaller the sensor, the more touches required by a user to obtain the same amount of information that would be gained from just a couple of touches of a larger sensor.
Usability, accuracy and reliability: the key is size!
Not only does the size of the sensor affect the usability of it, but also the reliability. If the sensor has only captured a small part of the overall fingerprint, trying to match this in everyday use will be extremely difficult.
People are unlikely to place their finger on a sensor in exactly the same position every single time, so it is important that the sensor is large enough to capture the fingerprint at a variety of ergonomically friendly angles, including the tips of the user’s thumb. This pinching action, known as ‘tip touching’ is very natural when handling a payment card and must, therefore, be accounted for.
The biometric data obtained from fingerprints can also be extremely volatile and anything from varying pressure when touching the sensor, to scarred tissue on the fingerprint, can affect the fingerprint authentication process. Inconsistencies in our fingerprints can cause ‘false negative’ responses. This is when a valid biometric sample is provided, but the system falsely rejects it.
A high number of false rejects simply will not suffice. Failed matches when trying to authenticate a payment in store would not just prove inconvenient for consumers but could also cause significant delays for the retailer taking the payment. In an age where consumers have become accustomed to seamless payment processes – multiple failed attempts to match a fingerprint are not an option and could hinder the mass adoption of biometric fingerprint payment cards.
Recognition with fingerprint biometric sensors
In order for a first-time match to be possible, a high-quality biometric fingerprint template must be created in the initial enrolment process – and to achieve this a larger sensor is critical. Larger sensors require fewer touches to enrol the fingerprint – the smaller the sensor, the more times an enrolee needs to touch the sensor in order to capture an image of the whole surface of the finger.
Some manufacturers are getting around this problem by partially enrolling the fingerprint and then adding data to the template once the card is in use. According to a new study from New York University Tandon School of Engineering, ‘partial’ fingerprints are less likely to be unique than full prints, making smaller fingerprint-based security systems less secure and more vulnerable than previously thought.
This method of enrolment, known as dynamic enrol, is leaving a huge security hole in the use of fingerprint biometrics and putting users at risk as a result. If a template can be changed, then over time the fingerprint biometric data originally enrolled onto the card can be gradually replaced. These ‘climbing attacks’ mean that potential fraudsters could use a card that has only been partially enrolled and add their own biometric fingerprint data to it, eventually replacing the fingerprint of the original owner.
For the payments industry, where security is paramount, a smaller sensor could be creating more security threats than solving them. If consumers and financial institutions are to fully embrace biometric fingerprint payment cards as a means of authenticating payments, then necessary measures to ensure optimal security must be taken.
The State of Technology This Week
Is bigger really better, then?
Despite the clear benefit of larger sensors, many manufacturers retain the perception that they should be as small as possible. Whilst for mobile manufacturers sensors need to fit on tight display screens, with payment cards this isn’t a problem. Although payment cards don’t have a power source, they have a large area of unused space which can facilitate a larger, more secure sensor.
Brands entering the payments arena will be differentiated by sensor size, with those adopting larger sensors driving the rollout of biometric fingerprint technology to the mass market. The acceptance and usage of fingerprint biometrics in everyday payments is dependent on accuracy, usability and most importantly security – all of which depend on sensor size.