MasterCard wants to replace passwords and PINs with selfies

Shawn Knight

Posts: 15,240   +192
Staff member

In the ongoing search for the successor to unsecure passwords and PINs, financial services giant MasterCard is taking a modern approach to authenticating transactions called MasterCard Identity Check.

Last year, MasterCard completed a pilot program for a feature that allows users to authenticate online transactions using facial recognition. Dubbed by many as "Selfie Pay," the app maps the user's face and requires them to blink to eliminate fraud by using a still photograph. The company says its algorithms can also detect if someone is trying to fool it by using a video.

Ajay Bhalla, MasterCard's president of enterprise security solutions, told The Verge that the facial recognition system won't be used to authenticate every transaction. Instead, it may be utilized if the context of a purchase seems abnormal such as, for example, if you're shipping an item to an unfamiliar address.

It may seem silly to some but it could come in handy if your phone doesn't have a fingerprint scanner.

Following the successful trials, MasterCard said it will be rolling out the technology to 14 countries over the summer including Belgium, Canada, the Netherlands, the US, the UK, Spain, Italy, France, Germany, Norwary, Switzerland, Denmark and Finland.

Within five years, Bhalla believes the technology will be ubiquitous. It's unclear if that prophecy will indeed come to fruition but it's encouraging to see large players like MasterCard moving past the traditional password and PIN approach.

Image courtesy Flickr

Permalink to story.

 
Genius! Now all I have to do is hold up a picture of some *****'s face to the ATM in order to clean him out! Those anti-spoofing measures will be effective for about 15 minutes. I foresee a lot of Russians wearing masks of FB users.
 
Last edited:
Back in the day, 90's, criminals used laptops in bags, with scanning hardware to walk past shoppers, and take credit card info.

Years later the genius card companies, deemed it a wise idea, to make NFC chip n pin cards, so you could pay faster. Although, if you think about it, its scanning your bread, your lettuce, and your 20 other items at the self serve checkouts that takes forever.

So in their infinite wisdom, they took an idea, that criminals came up with, not them, and claimed it as their own. Which has fallen into the hands of the criminals once more, as they have now exploited the NFC chips, and take your money again by simply walking by.

So, this, selfie idea, is the next phase in the, we are so far behind the criminals, we look stupid, lets shout out ideas and just go with anything at random.

Good luck with that.
 
Genius! Now all I have to do is hold up a picture of some *****'s face to the ATM in order to clean him out! Those anti-spoofing measures will be effective for about 15 minutes. I foresee a lot of Russians wearing masks of FB users.

"maps the user's face and requires them to blink to eliminate fraud by using a still photograph."

Did you read the article or just skim it?
 
As soon as the resolution of selfie cameras becomes high enough they'll likely move to a bio-metric retinal scanner. This is simply a stepping stone towards that, facial recognition suffers too many shortcomings, something as simple as growing a beard will render your face unrecognizable. However it could be combined with FLIR to create a near unbeatable system, but my money is still on the retina scanners when they do become the norm for all security measures.
 
While it certainly isn't practical on the merchant level, I am surprised that retinal technology hasn't progressed to the stage of being useable at many (certainly not all) business places and all banks. Of course, there would have to be one master file of each retina photograph and that would be subject to hacking, but it would certainly be an improvement over the P/W and PIN technology currently being relied upon......no?
 
MINDLESS.

Mastercard is operating on the assumption that everyone a) has a cellphone, b) has it in their possession and c) is a smartphone to boot. Sort of like AirBnB trying to use FB as a verification of identity.
Just mindless!
 
Genius! Now all I have to do is hold up a picture of some *****'s face to the ATM in order to clean him out! Those anti-spoofing measures will be effective for about 15 minutes. I foresee a lot of Russians wearing masks of FB users.
no, it requires a new shot and they require an eye blink when shooting the pic, it uses a longer exposure and has safeguards that compare images as it is created.
 
MINDLESS.

Mastercard is operating on the assumption that everyone a) has a cellphone, b) has it in their possession and c) is a smartphone to boot. Sort of like AirBnB trying to use FB as a verification of identity.
Just mindless!
I agree, I currently fail on all three criteria you mention.
 
Genius! Now all I have to do is hold up a picture of some *****'s face to the ATM in order to clean him out! Those anti-spoofing measures will be effective for about 15 minutes. I foresee a lot of Russians wearing masks of FB users.

Did you even read the article if this thing is smart enough not to be fooled by video you think a picture will do it?
 
What if you wanted to use your parents credit card? And also with the 21 percent interest my master card charges you'd think they'd actually update to the chip system already. The money again doesn't go to employees. It's actually illegal. Judge marilyn said loan sharks aren't allowed to charge over 16 percent. My discover card still doesn't have the chip. Knowing wall street's attitude on hiring any employees, I wouldn't worry about picture identification until the turn of the century.
 
Last edited:
To hell with this idea, it's stupid. I'm not minded to smile into some camera with a stupid, cheesy grin plastered all over my mug everytime I want to transact. They'd better come up with something a bit better than this.
 
So um yeah, why not just move back to the old card payments where you had to put the card in a device that then "copied" the details to a piece of paper that then had to be taken to the bank...
Even if they would have an algorithm that would be able to recognize videos n stuff it wouldn't still be able to recognize most of the people who live in places where there's a proper winter...and what about those who don't shave for 2 weeks...?
 
MINDLESS.

Mastercard is operating on the assumption that everyone a) has a cellphone, b) has it in their possession and c) is a smartphone to boot. Sort of like AirBnB trying to use FB as a verification of identity.
Just mindless!

And Apple Pay is operating on the assumption that everyone has an iPhone.
 
Back