Last October, MasterCard revealed that it was testing new ID-verification solutions that used, among other things, facial recognition, to quickly and securely identify cardholders when shopping on their mobile devices. Now the company says the so-called “selfie pay” system is ready for the masses, and that it is working on a way to authenticate users via their heartbeats.
MasterCard announced this week that it will officially launch selfie pay, also known as MasterCard Identity Check, through a partnership with large banks in the U.S., Canada, the U.K., and some other European countries in the next several months.
Instead of memorizing a password – or spending 10 minutes to reset a forgotten password – MasterCard Identity Check uses biometrics (facial and fingerprint scans) in order to complete transactions.
Under the selfie pay system, consumers who download MasterCard’s app are able to authenticate their online purchases by holding their smartphone or tablet to their face to take a quick photo.
To ensure that someone isn’t trying to trick the system, MasterCard says it has created an algorithm that can detect a fraud. As part of that algorithm, users are required to blink while taking the selfie.
Ajay Bhalla, MasterCard’s president of enterprise security solutions, tells The Verge that the facial recognition system will only be used in certain scenarios where further authentication is required.
Additionally, its security is based on whether the transaction appears normal.
“We will have a lot of information about your transaction,” Bhalla said. “Where are you, where are the goods getting shipped, what is your location.”
Bhalla tells The Verge that the company isn’t stopping with selfie pay. In fact, MasterCard is also exploring other alternatives including heartbeat recognition, which would use a sensor to read a customer’s electrocardiogram.
The company conducted trails of heartbeat recognition last year using the Nymi bracelet that can detect consumers’ unique electrical signal produced by their heart.
“It’s constant authentication,” says Bhalla. “This technology can reside in your watch, can reside in any other wearable.”