Mastercard is exploring facial recognition as an alternative to SecureCode, its security software that asks online shoppers for a password to make purchases.
Users in the trial can hold their phone up as though taking a selfie to approve transactions.
“The new generation, which is into selfies… I think they’ll find it cool,” the firm’s security expert Ajay Bhalla told CNN.
One security expert told the BBC facial recognition should be complemented with “extra layers of security”.
“Google tried facial recognition on Android phones and there were a lot of problems in the early days”, said Ken Munro, security researcher at Pen Test Partners.
“People realised you could take a photo of somebody and present it to the camera, and the phone would unlock.”
The company said the technology was used in three billion transactions last year.
In March, Chinese shopping brand Alibaba demonstrated a facial recognition app, but hasn’t brought it to market yet.
Mastercard’s facial recognition trial involves 500 users in the United States.
“Mastercard will want this to be secure because they’re dealing with money. But there is a case for adding extra layers of security,” said Mr Munro.
“If an ordinary password gets compromised you can simply revoke it or change it.
“What happens if your facial recognition data gets stolen? You can’t change your face.”
Mastercard said it was also exploring fingerprint security and voice recognition, which could make life easier for customers.
Mr Munro was clear that the best security would be a little more “cumbersome”.
“Ideally I’d like to see facial recognition used in conjunction with a Pin. Both systems have flaws, but work brilliantly when you combine them.”
Culled from bbc
Posted by Nonny Vuga