In May 2022, Mastercard launched its version of a biometric payment system. The new system means that shoppers will be able to pay at the checkout or in mobile apps simply by smiling or waving their hand in front of the camera using facial recognition technology. One of the alleged benefits of biometric systems is that they are a more secure method of payment than a credit or debit card.
Mastercard is working with partners that include NEC, Payface, Aurus, PaybyFace, PopID, and Fujitsu Limited to launch the program, which will provide an overarching framework of minimum standards, as week as specifications and guidelines that address security, biometric performance level, and data protection in the context of in-store biometric payments.
Biometric payment systems will make retail transactions more convenient
Similar biometric methods of payment have been rolled out by world-renowned retailers. For example, in August 2021, Amazon gave customers $10 in credit in return for using its new biometric palmprint scanners dubbed ‘Amazon One’.
These biometric point-of-sale (PoS) systems are a popular example of how retailers are looking to improve the customer experience through digital platforms. According to Idemia, a leader in biometrics and cryptography, 74% of consumers have a positive attitude towards biometric technology. They see the technology as a way of making the in-store experience easier and more efficient, eliminating long queues at checkout.
There are concerns over how safe the data is, and if it will be misused
However, there are concerns over data storing when it comes to biometric systems. With this new rollout, retailers would be in possession of a large amount of sensitive, personal data from consumers. If a system is hacked, and biometric data is compromised, the risk of fraud is significantly higher and less easy to resolve. Passwords are simple to change. You cannot get a new smile or wave.
The secure processing of customer details is regarded as crucial, since PoS platforms have become a primary target for hacking attacks. Retailers must ensure that highly sensitive transactional data is encrypted and cannot be retrieved from the system. Security has gained a lot of attention after various major retailers suffered large-scale data breaches in the past few years, which included customers’ credit card details from the PoS systems.
Effective security measures are a must if retailers are going to implement these technologies into the payment process. PoS systems are susceptible to ransomware attacks. For example, PoS malware accounts for 65% of data breaches within retail, according to Palo Alto Networks 2021 statistics.
There are also concerns over how the data collated by retailers could be used by third parties. Amazon’s facial recognition technology was previously sold to law enforcement in the US. This prompted several lawsuits in various states with the claim that this amounted to using biometric data without the permission of the individual.
Companies with operations in Europe are also subject to the GDPR. Whether data is misused or hacked by a third party, companies could be fined up to 4% of annual turnover, or $20 million, whichever is higher. Retailers must have effective systems in place to protect sensitive consumer data gathered through biometric payment systems. In this sense, biometric payment systems like Mastercard’s have the potential to make the retail payment process more convenient and quicker for consumers. However, retailers incorporating this into their digital platforms will need to ensure that the data collected is protected. Otherwise, it could cost them reputationally and financially.