I am in no way against biometrics, they are absolutely intrinsic to the future of non-cash payments and the implementation of true identity management in general. What I’m completely sick of is the “Password is dead, biometrics is here!” hype perpetrated by those with a blatant self-interest.
If the password was dead, we would not have a multi-TRILLION £/$/€ industry currently predicated on the 4 digit PIN; the branded payment card. Organisations up and down the payment card food chain, from the schemes to the end merchants would not be spending billions on the perpetuation of the technology if the password was actually dead.
The payments industry is not trying to reach the < two billion people with biometric-enabled smartphones, they are trying to reach the SEVEN billion people with money, half of whom have no access whatsoever to formalised banking as we know it, let alone a £400 mobile device.
Yes, there are ongoing fraud issues, and yes there are viable alternatives, but ask the average person on the street if they need mobile payments authorised through some form of biometrics and they will simply ask what’s wrong with their credit card? Too many biometrics companies are trying to change the world without applying common sense to the real issues. They are not solving a problem, they are trying to create a demand.
The challenges the payments industry face are myriad, and include;
- Enormously complex and expensive infrastructure geared towards current payment methods and protocols – [There’s no starting over from scratch]
- Global acceptance of current operational standards by all country’s financial authorities – [Requires amendments to most laws and regulation]
- Older technology that does not port securely onto consumer controlled mobile devices – [You cannot exclude the card brands from this move.]
- Difficult transition path from legacy infrastructure to new – [Where do you start, and what direction do you go in?]
- Increasing pressure from retail to provide improved customer journey / experience –[Retail and consumers expect more.]
- …and so on.
Fraud due to poor authentication is not the problem, it’s an inconvenience, the real problem is that payments are heading from ‘plastic & PIN’ to ‘mobile and multi-factor’ whether we like it or not, and the only practical and secure way of doing so is to do it properly from the beginning. This will be an industry wide effort or it will fail, and no biometrics company on the planet has the answers alone.
Battling fraud is not just about proving that you are the one attempting a transaction, it’s about being able to attribute your entire identity into the desired result. Just because I can prove I’m trying to buy a TV does not mean I have any intention of paying back the loan I took out to get it.
So smart phones have the ability to turn the industry standard Personal Identification Number (PIN) into a Personal Identification Vector (PIV), one that is not only TRULY personal (i.e. fully consumer customisable) but builds in a multitude of other authenticators into each transaction. It is here that biometrics really comes into its own; being able to seamlessly add the something-you-are authentication factor to EXISTING processes.
Biometrics tells us what you are, is does not define WHO you are, and it’s the who-of-you that defines the future of your payment options.
[If you liked this article, please share! Want more like it, subscribe!]