Biometrics can revolutionise mobile payment security, say analysts Frost & Sullivan
London, UK – Payments carried out via mobile devices have significantly increased in recent years. During a ‘card not present’ process, a personal account number (PAN), expiration date, and card validation code (CVC) are not enough to secure a transaction. Biometrics that provide high levels of security and an intuitive customer experience might be the solution for secure mobile payments.
“Protecting the mobile device itself is a first step necessary to secure mobile payments. Although a personal identification number (PIN) can do the job, in 2011 more than 60% of smartphone users were not using a PIN to protect their mobile access,” noted Frost & Sullivan global programme director, ICT in Financial Services, Jean-Noel Georges.
Over the past decade many biometric projects have emerged with the aim of enabling user identification on mobile devices. In Europe, the MOBIO (Mobile Biometry) project is noteworthy, with the aim of developing advanced biometric tech solutions for authentication on personal mobile devices. Leveraging the existing technologies embedded within these devices (e.g. headphone, microphone and camera), the optimal solutions included voice and facial recognition, and bi-modal authentication.
“The time is now right for biometric technology to emerge as a secure solution for mobile applications that require high levels of security, particularly payment,” said Mr Georges. “From a pure-payment security point of view, biometrics has already delivered significant advantages.”
The need to have a simple and intuitive payment solution precedes success. Natural Security, for example, developed a biometric point of sale (POS) solution based on fingerprint (veins or digital) recognition. The fingerprint reader connects to a contactless object (contactless card) to verify that the identified personal data matches the information stored on the card. This is a practically effortless payment mechanism that does not require a PIN or card and provides a great customer experience.
“One potential mobile development could have a huge impact on biometric security solutions; rumours persist that the next iPhone will include a fingerprint sensor. Given that Apple acquired Authentec with its TouchChip product family in 2012, this is a strong possibility,” added Mr Georges.
Remembering PINs could soon become a thing of the past. With biometrics, the user is the unique key to device, application, and payment security, making it a high rank of protection. But even if these technologies are ready, the cost and complexity of integrating them into mobile devices make widespread roll-out a huge challenge.
Moreover, the end user will need time to accept this new way of interacting with his or her device. Other projects have already appeared that use an individual’s personal magnetic field as an identifying signature. “We expect to see biometrics becoming increasingly prevalent over the course of the next 3-4 years, driven by a desire among vendors and consumers alike to be better protected when accessing mobile services,” summarised Mr Georges.