Selfie authentication is a bad idea
09 September, 2015
category: Biometrics, Financial
We’ve all been there. You get into a checkout line at the grocery store and as you’re about to start loading groceries on to the conveyor belt you realize the person paying on front of you is writing a check.
Cue the heavy sigh and eye roll.
While running into a check writer might be an increasingly seldom occasion, I fear there might be something far worse on the horizon: the selfie verifier. Imagine being in the store, the person in front of you swipes their card and then pulls out their mobile device, activates an app, grabs a selfie, has it approved before finalizing their purchase.
This is going to take awhile – and that’s without factoring in the additional amount of time it’s going to take with the EMV transaction – and that’s assuming that the above scenario goes smoothly and the picture is accepted. What happens of the lighting is off or the person has trouble getting the right image or the device has trouble getting a data signal?
To be fair, I haven’t tested the selfie verification app from MasterCard, though I have tested similar technology in the past. The tech always works but there is a learning curve to using it properly. You have to figure out how high and close to hold the device to get the proper image. It’s not necessarily easy, especially at first.
It appears that MasterCard is trying to appeal to the younger consumer with this idea but when every other identity and authentication product is trying to remove the friction from purchases this is adding to it. The idea of pulling out my phone and taking a selfie to authorize a purchase just doesn’t seem like a good idea, and it will likely add significant time to a transaction.
There are much easier ways to add another factor of authentication to a transaction, one of which MasterCard is offering. Along with the selfie verification, customers will also be able to use a fingerprint if their device is equipped a scanner.
Using the mobile as an additional authentication factor for purchases is a good idea but it has to be quick and simple. It could be as simple as having a notification sent when a purchase has been made. This will enable individuals to keep better track of purchases and immediately notify them if an unauthorized purchase has been performed.
If the credit card companies want an additional authentication factor just have the notification sent to the mobile, have them swipe to activate an app and just hit a button confirming the purchase. There’s no need to add a selfie to the mix.
Financial services companies need to start offering better security options to customers. But can we say not to the selfie? There are other, easier ways to protect transactions.