The Risks And Rewards Of Biometric Payments
With the recent trial announced by Mastercard of a biometric card, the practicality of this technology has raised its head again as a key discussion topic. Among its potential benefits, according to supporters, are its ability to speed up payments, reduce queues, and offer more security than a standard credit or debit card.
With the biometrics market expected to be worth $18.6 billion by 2026, the potential for this technology is huge.
However, opponents point out that while the convenience of waving a hand or smiling at a camera has potential, there are still big risks if the technology goes wrong – foremost among them are concerns over privacy, security and cost.
Face not recognised, please unlock with pin
While facial recognition has improved over the last few years, there are still errors. For instance, we are all familiar with those frustrating moments when our phones do not recognise our faces for some reason, requiring a PIN to open instead. While this is a minor inconvenience to get access to a text message, when it comes to paying a bill, it could cause huge problems.
Error rates are now less than 0.1%, an impressively low number, but when partnered with the millions of transactions that happen every day that is still hundreds, if not thousands, of moments where biometric authentication could fail.
To reduce the chance of failure, companies will need to have access to several different forms of authentication, such as fingerprints, vein patterns, iris scanning, facial recognition and more. While reducing the risk of errors and fraud, each system has its own accuracy rates and problems that firms need to be aware of. For example, facial recognition can sometimes be thrown off by glare from glasses, and vein pattern relies on high-quality photos in the first instance and ensuring that subsequent scans are not affected by different light conditions.
You can’t change who you are
The trade-off in ensuring success for biometric payments is that companies will have to store more personal data of their customers. This is fundamental to how the technology operates and will reduce the chances of errors, but it also raises the stakes for the company holding the data.
For instance, while a data breach today may result in passwords and usernames being leaked, this information can be changed and updated relatively quickly and easily. Biometric data is much harder to change, and although the processes of using that data may be harder, the rewards are greater – where people might have different passwords for various systems, biometric data would in theory give access to any account where this information is used as a means of entry. Securing these databases is essential.
As well as security concerns, consumers may be reluctant to share such sensitive information with large companies, with ongoing questions around privacy and rights on how those companies use the data of their users. For example, in countries with less protection for individual rights, such as China, a facial database could be used to identify and target certain groups of people by the state authorities, as has already been seen with the Uighur people. If the public becomes distrustful and refuses to share information with payment firms, any biometric technology beyond just unlocking a smartphone will struggle to get off the ground in a meaningful way.
If this is to be overcome, it will be essential for firms and governments to work together to improve regulations and processes. This will help build trust in the new technology, and create conformity across countries on how data should be handled and secured. Firms in turn will benefit from being able to focus on one set of rules, in the knowledge that the rights of people in different locations are being protected.
Who is paying for this all?
Any deployment of new technology comes with a cost. In this case, it will require new devices that can read biometric information to be installed in every shop, restaurant and hospitality location, potentially costing billions.
At the moment some high-end biometric systems can cost up to $10,000, a significant cost if you run a small business. After all, it is not the kind of investment that can justify itself through additional business – payments can still be made by other means. It needs consumer behaviour and expectation to reach a point of critical mass where biometric payment becomes expected rather than a novelty. But until the technology reaches an affordable price where it is feasible for businesses to make this investment, there is no way for it to enjoy widespread adoption. It's a ‘chicken and egg’ situation – one of widespread availability and mainstream adoption will drive the other but if neither comes first, biometric payments will continue to struggle.
There is no doubt that schemes like Mastercard’s are going to start happening more frequently, and likely do offer a snapshot of what the future of payments will look like. It is also not as much of a leap in technology as some people believe. For instance, platforms such as Apple Pay already use facial recognition to authorise payments. Bringing in other forms of Biometric payments will remove friction from the authentication process, and no doubt when the technology is ready, customers will love it if it is user friendly enough.
However, we are still a distance away from this becoming a mainstream form of transaction. A lot of work needs to be done to reduce the cost of the technology itself so that everyday businesses can afford it, while serious conversations need to take place to ensure regulations are in place to protect individuals’ data and rights. Otherwise, it will struggle ever to be a viable option.
About the author: Ashish Bhatnagar is Client Partner at Cognizant.