MasterCard prepares customer verification options using selfies, voice timbre and heart rate
Welcome our dear readers to the pages of the blog iCover ! We inform you that MasterCard has announced its intention to introduce additional options for authenticating users of their products through a selfie and a fingerprint, which allows us to leave in the past the need to enter a PIN code, password and confirmation code. The company conducted the first test series of these access control technologies back in 2015 and now, assessing the opinion of the informants, concluded that they could be widely distributed at the level of the payment system. About these and other MasterCard plans, announced by the company in Barcelona at the MWC 2016 exhibition, we will describe below.
According to a survey of groups participating in a pilot project in the Netherlands and the United States, 92% of self-testing access control technologies using the selfie favored such a solution, finding it quite comfortable.
Authentication will be carried out through a mobile application downloaded on the user's smartphone or tablet. When making a transaction, the client will receive a push-notification, which will launch the application. The first step, as before, is to enter the bank card data. Further, the user can choose and, if desired, confirm the operation with the device’s camera self-photograph or by placing a finger on the sensor, if there is one. In order to eliminate the possibility of unauthorized entry using a photo-imitation imitation, the company resorted to a very original way: during the snapshot, the user is asked to wink. The resulting selfie image is processed by the program into a code of zeros and ones, and then it is read in the form of a code, and not an image.
')
According to representatives of the company, face recognition service through self is an alternative option that can be used by the client and only in emergency cases, while MasterCard will receive maximum information about the transaction and the user himself ... "We will have a lot of information about your transaction" - Ajay Bhalla, president of corporate sector security, said somewhat ambiguously. For example, ... “We can find out where goods will be delivered or what your location is ie at the time of purchase, "- he added.
The user authentication service via self is not the only one considered by MasterCard as an alternative to the traditional methods of entering a PIN code, password and confirmation code. The possibility of entering from a wearable device, by means of heart rate recognition by a special built-in "cardiograph sensor", is considered as additional. The company conducted the first series of tests of this verification method at the end of last year using Nymi bracelets.
At the same time, the lack of a unified infrastructure becomes a real obstacle to the massive and early implementation of the proposed solutions. In addition, a natural question arises: can holders of MasterCard cards suffering from heart rhythm disorders take advantage of this option.
As for the verification of users on the selfie - here, according to Bhall, everything is quite simple and accessible. At the early stage, it is planned to introduce technology in the UK, and by the summer of this year - in another 13 countries of the world - Canada, the Netherlands, Belgium, Spain, Italy, France, Germany, Switzerland, Norway, Sweden, Finland and Denmark - said the Fainential Times .
As noted by the online edition, with the support of the smartphone technical capabilities, the company will provide the ability to authenticate via fingerprint. In the future, the possibility of confirming access by identifying the voice timbre is being considered.
The main goal of innovations is to simplify the procedure for confirming identities when making a transaction from mobile devices and further increase the level of payment security using advanced biometric authentication technologies.
The problem is that, according to MasterCard, despite the development of technology and free access to information about the numerous facts of fraud, many customers are still typing simple passwords, like 123456 or blocking many different accounts, sites and devices with one password. Having gained access to at least one of them, an attacker will get carte blanche for access to the rest without any problems. Representatives of the company claim that the biometric data of users will not leave the company, and the technologies themselves exclude data transmission in a form that would allow them to be stolen or intercepted. And, as security experts rightly say, identification methods increasingly rely on information about who you are, and not about what information you possess. And it really works - you can hack into the cardholder’s account, you can choose or change the password. Making these operations with his face, voice, or vein pattern — somewhat more difficult — Bhalla jokes. And MasterCard innovations in this regard are fully consistent with the spirit of the times.
It should be noted that MasterCard is not the only one who is testing progressive access technologies using face images and other customer identification tools. Alibaba, a popular Chinese online sales platform, has already introduced a payment option after confirmation by photo.
Certain achievements in this direction are demonstrated by IT giants Google, Samsung and Apple, which provide the ability to make a payment after confirming a biometric fingerprint pattern. An alternative solution is the technology of viscular identification by scanning the vein pattern on the fingers of payment card holders for a long time and successfully used in payment terminals of Japanese banks.
In this case, the observation of the pattern of veins provides television camera with infrared illumination. Image input is accompanied by its binarization, which allows to isolate and identify a unique vein pattern.
A source
Dear readers, we are always happy to meet and wait for you on the pages of our blog. We are ready to continue to share with you the latest news, review materials and other publications, and we will try to do everything possible so that the time spent with us will be useful for you. And, of course, do not forget to subscribe to our headings .
Our other articles and events
According to a survey of groups participating in a pilot project in the Netherlands and the United States, 92% of self-testing access control technologies using the selfie favored such a solution, finding it quite comfortable.
Authentication will be carried out through a mobile application downloaded on the user's smartphone or tablet. When making a transaction, the client will receive a push-notification, which will launch the application. The first step, as before, is to enter the bank card data. Further, the user can choose and, if desired, confirm the operation with the device’s camera self-photograph or by placing a finger on the sensor, if there is one. In order to eliminate the possibility of unauthorized entry using a photo-imitation imitation, the company resorted to a very original way: during the snapshot, the user is asked to wink. The resulting selfie image is processed by the program into a code of zeros and ones, and then it is read in the form of a code, and not an image.
')
According to representatives of the company, face recognition service through self is an alternative option that can be used by the client and only in emergency cases, while MasterCard will receive maximum information about the transaction and the user himself ... "We will have a lot of information about your transaction" - Ajay Bhalla, president of corporate sector security, said somewhat ambiguously. For example, ... “We can find out where goods will be delivered or what your location is ie at the time of purchase, "- he added.
The user authentication service via self is not the only one considered by MasterCard as an alternative to the traditional methods of entering a PIN code, password and confirmation code. The possibility of entering from a wearable device, by means of heart rate recognition by a special built-in "cardiograph sensor", is considered as additional. The company conducted the first series of tests of this verification method at the end of last year using Nymi bracelets.
At the same time, the lack of a unified infrastructure becomes a real obstacle to the massive and early implementation of the proposed solutions. In addition, a natural question arises: can holders of MasterCard cards suffering from heart rhythm disorders take advantage of this option.
As for the verification of users on the selfie - here, according to Bhall, everything is quite simple and accessible. At the early stage, it is planned to introduce technology in the UK, and by the summer of this year - in another 13 countries of the world - Canada, the Netherlands, Belgium, Spain, Italy, France, Germany, Switzerland, Norway, Sweden, Finland and Denmark - said the Fainential Times .
As noted by the online edition, with the support of the smartphone technical capabilities, the company will provide the ability to authenticate via fingerprint. In the future, the possibility of confirming access by identifying the voice timbre is being considered.
The main goal of innovations is to simplify the procedure for confirming identities when making a transaction from mobile devices and further increase the level of payment security using advanced biometric authentication technologies.
The problem is that, according to MasterCard, despite the development of technology and free access to information about the numerous facts of fraud, many customers are still typing simple passwords, like 123456 or blocking many different accounts, sites and devices with one password. Having gained access to at least one of them, an attacker will get carte blanche for access to the rest without any problems. Representatives of the company claim that the biometric data of users will not leave the company, and the technologies themselves exclude data transmission in a form that would allow them to be stolen or intercepted. And, as security experts rightly say, identification methods increasingly rely on information about who you are, and not about what information you possess. And it really works - you can hack into the cardholder’s account, you can choose or change the password. Making these operations with his face, voice, or vein pattern — somewhat more difficult — Bhalla jokes. And MasterCard innovations in this regard are fully consistent with the spirit of the times.
It should be noted that MasterCard is not the only one who is testing progressive access technologies using face images and other customer identification tools. Alibaba, a popular Chinese online sales platform, has already introduced a payment option after confirmation by photo.
Certain achievements in this direction are demonstrated by IT giants Google, Samsung and Apple, which provide the ability to make a payment after confirming a biometric fingerprint pattern. An alternative solution is the technology of viscular identification by scanning the vein pattern on the fingers of payment card holders for a long time and successfully used in payment terminals of Japanese banks.
In this case, the observation of the pattern of veins provides television camera with infrared illumination. Image input is accompanied by its binarization, which allows to isolate and identify a unique vein pattern.
A source
Dear readers, we are always happy to meet and wait for you on the pages of our blog. We are ready to continue to share with you the latest news, review materials and other publications, and we will try to do everything possible so that the time spent with us will be useful for you. And, of course, do not forget to subscribe to our headings .
Our other articles and events
Source: https://habr.com/ru/post/390995/
All Articles