Biometric payments: a solution for anti-fraud transactions

The development of consumer technology has created new expectations for shopping and payments. Nowadays, There are more ways to pay than ever on various channels. Nevertheless, it is not enough for today’s consumers who demand not only technological advances that simplify their payment experience, such as biometric payments but also higher levels of security against fraud.

That is why financial security takes on unprecedented importance, especially when the adoption of tools such as digital wallets or contactless payments is increasing.

Making a payment without needing to enter a PIN is becoming common, but is this practice secure?

It seems that, among all possible contactless payment types, biometrics through biometric payments is positioned as a robust and reliable solution to address new risks in financial transactions.

Let’s explore it.

What are biometric payments?

Biometric payments are a relatively new technology that delivers a different way of completing the authentication or authorisation process for payments, either at a physical point-of-sale (POS) or digitally via an application.

They replace inserting a card at the POS or, in the case of online transactions, entering a PIN and receiving an OTP code, thus streamlining the payment experience.

Biometric payments, therefore, refer to a method of authentication and authorisation of financial transactions that uses unique and distinctive features of a human to verify a person’s identity. These biometric features may include physical characteristics such as facial recognition, voice biometrics and fingerprints.

Rather than relying on passwords, PINs or other traditional authentication methods, biometric payments use the above unique features to confirm the identity of the individual making a transaction. They are also instrumental in fraud prevention, as biometric features are difficult to replicate or steal.

So, can biometric payments fight fraud?

Biometric payments have the potential to combat biometric fraud effectively because they use features of the human body to authenticate transactions. Nevertheless, the effectiveness of this technology depends on different factors.

First, the accuracy of biometric recognition systems is mandatory. The algorithms used to identify and verify biometric features must be highly accurate to avoid identification mistakes that could lead to fraudulent transactions or incorrect rejections of legitimate ones.

Furthermore, additional security measures need to be implemented to protect users’ biometric data. Data encryption is key to safeguarding biometric information during storage and transmission. Encryption ensures that only authorised players can access and use this information, reducing the risk of unauthorised access and misuse of the data.

It is also necessary to consider the interoperability and compatibility of biometric systems with different payment devices and platforms. 

Another point to take into account in this section is the inclusion of liveness detection in biometric payment system. This component helps to prevent identity theft attacks by making it much more challenging for impostors to use fake images or videos.

Types of biometric authentication used for biometric payments

There are several ways in which biometric payments are used, many of which involve mobile devices or smartphones. Here are three types of biometrics for payments:

• Voice recognition: In this case, the customer completes a transaction using spoken commands on their mobile device. The bank’s application, in this case, would use voice technology to verify the user’s identity and perform the payment request.

• Facial recognition: Instead of verbal commands, the consumer pays using facial technology. Authentication methods based on facial biometrics only ask the user to place their face inside the indicated oval, and the facial recognition algorithms compare the user’s face with the biometric template previously registered for this purpose.
• Biometric fingerprint payment system: it is currently the most widely used biometric payment method, especially in payment tools such as Apple Pay that use the biometrics built-in in the mobile phone to authorise a transaction. Nevertheless, using the phone’s fingerprint scanning system is not always secure.

Know about biometrics embedded in the mobile device as a method of authentication 

This system can also be used to make purchases in physical shops, as some financial institutions provide their customers with biometric payment cards linked to their bank accounts. It will be discussed in the section Other forms of biometrics in payments: biometric payment card.

Components of biometric payment system

As mentioned, biometric payment is increasingly gaining ground as a payment method. This approach relies on advanced algorithms and sophisticated devices. Using scanners such as fingerprint readers or facial recognition cameras, users can carry out transactions securely using their own data. This data is used to authenticate identity through an algorithm. Some of the elements of biometric-based payment technology are detailed below:

• Algorithms: Biometric payments rely on state-of-the-art algorithms responsible for processing the data and confirming the identity of users. These algorithms perform a biometric comparison of fingerprints, faces or voices.
• Hardware: For in-person payments, biometric scanners, such as fingerprint readers or facial recognition cameras, can capture a user’s biometric data. This data is sent to the authentication algorithm for verification and processing.
• ‍Mobile phones: The mobile phone can be used to authorise online transactions.
• Biometric payment cards: These debit cards remove the magnetic stripe and incorporate fingerprint sensors embedded in chips. This component will be discussed in more detail in another section.
• Servers: Once identity is confirmed, the transaction is processed on secure servers. These servers use encryption and other security protocols to protect customer data, ensuring the privacy of transactions.
• Payment applications: We find applications such as wallets and payment apps that allow users to authenticate themselves biometrically. These biometric payment methods are characterised by their ease of use, making transactions fast and secure.

But then, how does payment with biometrics work?

Biometrics is used in payments for authentication and authorisation purposes. Nevertheless, the process is different for e-commerce and in-person transactions.

Biometric payment on e-commerce

In this scenario, the customer’s identity is authenticated in an application. This method is at its peak, especially with the proliferation of open banking.

It is now common to find wallets that make use of fingerprint or Face ID to enable customers to make payments with contactless technology, such as Google and Apple Pay. Nevertheless, it is essential to remember that biometrics built-in devices are less secure than vendor biometrics. Banking applications can incorporate biometric authentication solutions from third-party providers to add a layer of security to their processes and personalisation.

Here is the biometric payment process using vendor biometrics:

1. Registration: First, the customer must complete the digital registration process at a financial institution that offers the biometrics payment option. During this process, the identity document is captured, and identity is verified by biometrics through a face capture. Once enrolled, the biometric template is stored for future transactions.
2. Initiation of the transaction: Once customers have a biometric template, they can purchase online. When they reach the payment gateway, they can use their face to authenticate instead of typing their card PIN.
3. Transaction authentication: Biometric data is captured and compared with previously stored data. If they match, the transaction is authorised, and the purchase amount is removed from the cardholder’s bank account and transferred to the e-commerce platform.

Biometric payment at physical points of sale

In this case, hardware is used to capture the customer’s image, typically using a high-definition camera, a totem or a modified point-of-sale system capable of capturing this information. Furthermore, the current trend indicates that this hardware can be used to accept payments and verify age, for example, when purchasing alcoholic drinks.

Mastercard carried out a biometric payment pilot programme in UK supermarkets, where consumers used their faces to pay instead of contactless cards, smartphones or PINs. Shoppers simply scanned their faces using the retailer’s app and associated their faces with a bank card stored on file.

The multinational financial services company’s pilot appears to be a fast-approaching reality that will leave behind product scanning and innovative checkout-free payment applications, such as Sainsbury’s SmartShop in the supermarket.

Other forms of biometrics in payments: biometric payment cards

Biometric payment cards are credit or debit cards with biometric authentication features to verify the cardholder’s identity before authorising a transaction.

If we refer to fingerprints, this card type incorporates a fingerprint sensor. 

To use this card, users should complete a registration process online or at a bank branch. In cases where this is done digitally, the user completes a guided process to register using a biometric reader sent with the card. Once registration is complete, the fingerprint data is stored on the card’s security chip and ready for use.

When the cardholder wants to make a purchase, they simply place their finger on the fingerprint sensor built into the card. The transaction will be completed when the card is inserted at a POS. It is important to say that biometric verification occurs on the card and not elsewhere.

Consumers are ready to switch from PIN to biometrics

Consumers seem to be increasingly willing to use biometrics. A Visa research revealed that 86% of Americans are interested in using biometrics to verify their identity or make payments. The same study found that 70 % of users consider biometrics easier to use than passwords, a problem in an increasingly digitised world.

Interest in biometrics in payments is also spreading to Europe. Another company investigation uncovered that 68% of Europeans see its use in this area as positive. The trend is even stronger in the United Arab Emirates, where a survey showed that 98 % of users are willing to use biometrics to pay.

The data suggest that biometrics is an alternative to traditional payment methods and that consumers increasingly demand contactless payment solutions. The biometric technology market is expected to exceed USD 55 billion by 2027.

In the current context, our biometric technology (MobbID) is the perfect ally to support businesses transitioning to the modern era of biometric-based payments.

Use cases where Mobbeel biometrics can be used for biometric payments

There are several use cases where biometrics play a key role in payments:

• Banking: Mobbeel biometrics can be used in the banking industry to authenticate users when performing financial transactions and prevent cyber fraud. It not only speeds up the payment process, but also increases security by requiring unique features such as facial or voice recognition.
• Online shopping: In e-commerce, MobbID ensures a seamless and secure payment experience. Users can authorise purchases using their biometric features, eliminating the need to remember passwords or codes.
• Retail: When shopping in physical shops, biometrics can be crucial in payment authentication. Customers can authorise purchases simply by using their biometric features, reducing the wait at checkout and the need to carry cash or even credit cards.

Feel free to contact us if you would like to secure biometric payment transactions using biometrics from Mobbeel, a leading anti-fraud solution.