MasterCard Rolls Out 'Selfie' Verification For Mobile Payments (thestack.com)
An anonymous reader writes: MasterCard has announced plans to invest in facial recognition technology in the UK, in a push to reduce false decline transactions and increase security for mobile payments. Following trials in countries including the U.S. and the Netherlands, 'Selfie Pay' will be introduced in Britain this summer as part of the financial services company's identity validation process. Users will be able to choose between finger scanning and face recognition for verification, instead of traditional passwords or PIN numbers. Consumers will be asked to upload their pictures to be stored on MasterCard servers [paywalled]. These registered images will then be used as a reference every time a user opts for facial verification during a transaction.
I'm going to upload a dick pic (Score:5, Funny)
Which will make things really awkward at the store.
Re: (Score:2)
Nah, I've been doing this at my farmer's market for years. Four mushroom stamps = fifth one free.
Re: (Score:3, Funny)
Australia is way ahead of you. [dailymail.co.uk]
Re: (Score:2)
Australia is way ahead of you. [dailymail.co.uk]
Man! What a dick!
At least it (Score:3)
Will work on Halloween unlike face recognition. But you'll have to stop using chat roulette or your bank account will be drained. I
Re: (Score:2)
Dear Mastercard,
Here is my selfie:
http://i.dailymail.co.uk/i/pix... [dailymail.co.uk]
I would like to order a case of beer, an Alfa Romeo 4C in black on red, and a bikini wax for the old lady.
Most people want convenience. (Score:1)
Convenience, convenience, convenience. That is what sells to the majority.
Re:Most people want convenience. (Score:4, Interesting)
They don't need it and I don't want them to have them.
Fuck it, if they try to force this in the US, I'll cancel my cards and just do all cash...which I try to do more and more every day anyway.
Re: (Score:2)
Fuck it, if they try to force this in the US, I'll cancel my cards and just do all cash...which I try to do more and more every day anyway.
You're being a little drastic. You've already given them far more than your fingerprint and picture so I'm not sure why that's your biggest concern.
As for cancelling the cards. I wish you good luck with dealing everything in cash. Last I checked most online stores require a credit card. You could proceed with a prepaid card but the inconvenience will eventually make you go back.
Re: (Score:1)
I am NOT going to give my credit card companies, nor bank my picture or fingerprints.
They don't need it and I don't want them to have them.
Fuck it, if they try to force this in the US, I'll cancel my cards and just do all cash...which I try to do more and more every day anyway.
You did read the article, right? It clearly says for Mobile payments. You know from like your phone. It will be housed on the phone, I how most use your fingerprint to unlock it. Why the sudden jumping off the grid conspiracy theory. Calm down, man, it's going to be on something you already use that has that information, no more no less.
Re: (Score:1)
No, it won't, otherwise it would be (even more) useless. You'll have an app on the phone, which will upload the photo to Mastercard's servers for verification with a previously uploaded photo. And I don't know who are "the most" who allegedly use their fingerprints on their phones: did you count them one by one? I use a password, I have no intention to switch to fingerprint, and "the most" of those I know do the same.
There could easily be a generational gap here. Most people I know use their fingerprints to unlock their mobile phones. I myself use Samsung pay for most of my transactions. It has my fingerprint registered on the phone and uses the record from the phone to authenticate that it's me. What's wrong with that? It works just well and is more secure than a pin... So "the most" people that you know are they to crazy off the grid conspiracists or an older generation?
Re:Most people want convenience. (Score:4, Insightful)
My objection to using my fingerprints as a means of authentication is that they're permanent and irrevocable. If someone gets ahold of my passwords, I can change them. My fingerprints, not so much.
Re: (Score:2)
I don't give my phone my fingerprint either....I have complex passcodes. You can't be forced by the authorities to give those up, but they can make you press your thumb/finger on the sensor to open it up.
Re: (Score:1)
I use my credit cards (American Express and Mastercard) to pay for everything that I possibly can because I get a cash refund by doing it that way. I get 1.25% refund from American Express and 1% refund from Mastercard for most things and 2% from Mastercard for charges made at grocery stores.
Therefore, when I pay by credit card I am getting a discount on everything that I buy, up to and including things like my municipal water bill.
I'm aware of no other way that I can get those kinds of discounts on just a
Re: (Score:2)
Two factor is a user selectable option. You get to pick if you want face-id, thumbprint, and/or PIN. You can also set thresholds, so that, say, any transaction for less than $20 goes through automatically, but a thumbprint is required for $20 to $100, and a thumbprint plus a PIN is needed for anything over $100.
Re: (Score:3)
Re: (Score:2)
I've been saying this for years but the major challenge is allowing the transaction to go forward when that is not available like travelling to another country with roaming off or simply in the middle of nowhere with no access to data altogether.
I think there's a way to make this work and considering the big CC companies have plenty of resources at hand I'm surprised things are moving quicker.
Re: (Score:1)
Re: (Score:2)
Trust me when I say it DOES NOT!
Just travelling up north between towns you lose signal for kilometers.
Re: (Score:2)
I've been saying this for years but the major challenge is allowing the transaction to go forward when that is not available like travelling to another country with roaming off or simply in the middle of nowhere with no access to data altogether.
I think there's a way to make this work and considering the big CC companies have plenty of resources at hand I'm surprised things are moving quicker.
The app can keep a set of one-time-use codes for times when your phone is off the network. Use of such codes could trigger more stringent fraud protection for those transactions.
Re: (Score:2)
I've been saying this for years but the major challenge is allowing the transaction to go forward when that is not available like travelling to another country with roaming off or simply in the middle of nowhere with no access to data altogether.
I think there's a way to make this work and considering the big CC companies have plenty of resources at hand I'm surprised things are moving quicker.
The app can keep a set of one-time-use codes for times when your phone is off the network. Use of such codes could trigger more stringent fraud protection for those transactions.
Or it can just keep a private key for each user and generate codes with that private key on its own when it's off network -- the bank can validate those offline codes against their copy of the public key. They can rekey periodically so even if someone compromises the app, the key has a limited lifetime.
Re: (Score:2)
That's hackable. The other solution has codes generated by the servers. I think it's safer.
Re: (Score:2)
That's hackable. The other solution has codes generated by the servers. I think it's safer.
Both solutions are hackable. If someone can hack the app to get to the private key, they can hack the app to get to the set of pre-generated codes. I'm assuming that you're not suggesting that public key cryptography itself is hackable.
But the nice thing about PKI is that the app doesn't have to set an upper bound on how many transactions can be completed offline, while if a static set of single-use codes is downloaded, that puts a hard cap on how many transactions can be completed offline.
Anything that can
Re: (Score:2)
I think your solution works good as long as the key is re-generated on a regular basis. The problem with static keys stored locally on a device is that a copy of the device = ability to generate transactions at will. Obviously we can keep finding loopholes until we lose the will to live but what you and the other fellow suggested makes it such a smaller problem than it currently is.
So now, let's get coding and push this. Sounds like we have enough brain power and ideas to go make tons of money and becom
Re: (Score:2)
That's a great idea!
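The offline-code scheme discussed in the replies above (a per-device private key, the bank holding the public key, periodic rekeying) can be sketched as follows. This is an added example, not part of the thread and not MasterCard code; the `DeviceKey` and `OfflineCode` layouts, the counter field and the 24-hour key lifetime are assumptions, and Ed25519 is the signature scheme chosen here.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"time"
)

// DeviceKey is the bank's record of one enrolled app key (hypothetical layout).
type DeviceKey struct {
	Pub      ed25519.PublicKey
	NotAfter time.Time       // rekey deadline, judged by the bank's clock
	seen     map[uint64]bool // counters already redeemed
}

type OfflineCode struct { // presented by the phone while it has no network
	Counter, AmountCents uint64
	Sig                  []byte
}

func payload(c OfflineCode) []byte { return []byte(fmt.Sprintf("%d|%d", c.Counter, c.AmountCents)) }

// Sign runs on the phone and needs only the private key.
func Sign(priv ed25519.PrivateKey, counter, cents uint64) OfflineCode {
	c := OfflineCode{Counter: counter, AmountCents: cents}
	c.Sig = ed25519.Sign(priv, payload(c))
	return c
}

// Verify runs at the bank once the terminal submits the code.
func (k *DeviceKey) Verify(c OfflineCode, now time.Time) error {
	switch {
	case now.After(k.NotAfter):
		return errors.New("key expired, rekey required")
	case !ed25519.Verify(k.Pub, payload(c), c.Sig):
		return errors.New("bad signature")
	case k.seen[c.Counter]:
		return errors.New("code already used")
	}
	k.seen[c.Counter] = true
	return nil
}

// Scenario: a fresh code, its replay, a tampered amount, a code after expiry.
func Scenario() (fresh, replay, tampered, expired error) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	now := time.Unix(1700000000, 0)          // constructed timestamp
	k := &DeviceKey{Pub: pub, NotAfter: now.Add(24 * time.Hour), seen: map[uint64]bool{}}
	c, bad := Sign(priv, 1, 450), Sign(priv, 2, 450)
	bad.AmountCents = 45000 // altered after signing
	fresh, replay, tampered = k.Verify(c, now), k.Verify(c, now), k.Verify(bad, now)
	return fresh, replay, tampered, k.Verify(Sign(priv, 3, 100), now.Add(48*time.Hour))
}

func main() { fmt.Println(Scenario()) }
```

A copied private key still signs valid codes until `NotAfter`, which is the window the rekeying interval is meant to bound.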
Chip cards a step back (Score:2)
Yeah you noticed this too? What were they thinking? It's not an eternity but it really slows down what used to be a quick transaction when you buy a cup of coffee or something quick and easy. For you an extra thirty seconds might not matter but for the vendor it will add up. If they were doing 30 transactions an hour it will have an impact. Drive-throughs aim for twice that.
Re: (Score:2)
Re: (Score:3)
That's not poor design, that's deliberate design.
Too many people left things behind when it happened at once. So now the card doesn't come out until AFTER you take the money.
(At least if you forget the card, it's probably not that big of a deal, since it's useless without the pin.)
Plus doing multiple things at once leads to much more difficult to handle error conditions; which is something you don't want to do when dealing with money. So each step is an atomic transaction. Don't do X until we know that Y wa
Re: (Score:2)
That's not poor design, that's deliberate design.
It's deliberately poor, yes. With a bit more thought, you can do multiple things at once and still do them correctly. It's not like it's controlling a nuclear reactor or a jumbo jet. There's only a handful of things going on at the same time.
Re: (Score:2)
Too many people left things behind when it happened at once. So now the card doesn't come out until AFTER you take the money.
Are you sure? That's a regression if it's really the case. The normal design is to not release the money until after the user has taken their card because the user's attention is on the goal (getting the money) and once that's achieved they are very likely to forget anything else associated with the task (including getting the card). In the UK, instances of people leaving cards in machines dropped hugely in the '80s when they switched the order from release-money-then-card to release-card-then-money.
Bu
Re: (Score:2)
Me too. My usual breakfast place had to add a second terminal (still just one checkout) because the credit card cycle time slowed down so much.
What prevents the bad guys .. (Score:3, Interesting)
What prevents the bad guys from taking a selfie of your picture?
Re: (Score:2)
Secure? or Convenient? (Score:4, Insightful)
Re: (Score:3, Insightful)
You could get around this kind of "security" just by holding up a photo.
Re: (Score:2)
Re: (Score:3, Interesting)
No, most of these applications are designed to mitigate that by asking for the person to blink or smile or something. Now: an emulated video feed might work once, but they should also be doing comparisons to previous logins to avoid the same video loop from being used multiple times. Simple crop/distort/stretch and additive noise to create variation should confound naive image hashing so they would do well to use image features to do that analysis but the false positive rate will go up the more sensitive th
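The replay check described in the comment above, as an added example that is not part of the original thread: an exact hash of the pixels changes under slight additive noise, while an average hash (a simple perceptual hash, used here as a stand-in for "image features") still matches the earlier frame. The 8x8 frames, the noise pattern and the `maxBits` threshold are constructed assumptions.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"math/bits"
)

type Frame [64]int // constructed 8x8 grayscale thumbnail, row-major

// AHash is an average hash: bit i is set when pixel i is brighter than the frame mean.
func AHash(f Frame) (h uint64) {
	sum := 0
	for _, p := range f {
		sum += p
	}
	for i, p := range f {
		if p*64 > sum { // p > mean, without floating point
			h |= 1 << uint(i)
		}
	}
	return h
}

// Exact is the naive fingerprint: a cryptographic hash of the raw pixels.
func Exact(f Frame) [32]byte { return sha256.Sum256([]byte(fmt.Sprint(f))) }

// Replayed reports whether f is within maxBits of any earlier login frame.
func Replayed(f Frame, earlier []Frame, maxBits int) bool {
	for _, e := range earlier {
		if bits.OnesCount64(AHash(f)^AHash(e)) <= maxBits {
			return true
		}
	}
	return false
}

// Frames builds constructed sample data: an earlier login frame, the same frame
// with +/-2 additive noise (a re-used loop), and an unrelated frame.
func Frames() (orig, noisy, other Frame) {
	for i := range orig {
		x, y := i%8, i/8
		orig[i] = 30*x + 5*y + 5
		noisy[i] = orig[i] + (7*x+3*y)%5 - 2
		other[i] = 30*y + 5*x + 5
	}
	return
}

func main() {
	o, n, d := Frames()
	fmt.Println(Exact(o) == Exact(n), Replayed(n, []Frame{o}, 4), Replayed(d, []Frame{o}, 4))
}
```

Raising `maxBits` catches more heavily distorted replays but also begins to match frames from genuinely different logins, which is the false-positive trade-off the comment points at.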
Re: (Score:2)
I was thinking about this.
A picture of yourself is hardly private information and so there must be something more to this than a simple image verification.
I am thinking infrared or motion are going to be integral elements to this.
Re: (Score:2)
Re: (Score:2)
This is how it is done in commercial units. However the key problem here is: are they going to be using commercial units? Nope. So now you're stuck with whatever technology is most common in a cell phone.
Re: (Score:2)
Well, I have a brother that is not a twin but even my sisters used to have trouble telling us apart, not so much now he has a beard and short hair; I keep a clean shave and long hair. I imagine if we had the same hair and facial hair style we could fool the facial recognition software fairly easy.
Re: (Score:2, Interesting)
Neither. It's for vanity. It's to appeal to the millennials to give them one more selfie opportunity, so they can charge their card AND post about their new purchase on social media at the same time.
It's to encourage sales, which means more revenue for MasterCard in the end. If they had a doubt whether they wanted to buy something, well, the ability to take a selfie of it will hopefully convince them to buy.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Per apps, per apps not
Revoke? (Score:2, Interesting)
Suppose it's as secure as a password.
A password can be changed/revoked when you think it's insecure.
Suppose we also had this kind of protection from photos. I wonder what it would look like.
"He's smiling but didn't shave but looks bored" therefore it's authorized? "Wait, he revoked that as well" "umm, let's go with unshaven, fluffy bunny hat, asymmetric smile..."
I know it's easier but it is not a password.
Re: (Score:2)
Yeah, but what if you don't have a passport?
I'd dare say most US citizens do not have a passport, and never have had one....so, not really a common denominator.
This should be fun... (Score:2)
Payments only? (Score:2)
Will this also replace PIN numbers at ATM machines? /grammar
Re: (Score:1)
Will this also replace PIN numbers at ATM machines? /grammar
I've often wondered if FET transistors are involved when you type your PIN number at an ATM machine that uses LCD displays.
—George
Re: (Score:2)
There's probably one or two in the RAID array.
Wow (Score:2)
"RAID array" is ... redundant.
Mind. Blown.
So let me get this straight... (Score:5, Interesting)
...Mastercard is going to consider a selfie run through facial recognition to be as good as a fingerprint. So in order to be able to steal, say, Jessica's money, you need to have her card number and a large photo of her face you can hold up in front of your own face. Or if the transaction is monitored by a clerk who might be marginally competent, you can be more subtle and wear the photo on a tee-shirt, taking a photo of your chest to pay. Maybe the phone itself is the ID, and the selfie is just supposed to be proof that you are in possession of the phone? And all of this assumes that you have to upload the photo through an app and can't just text a saved image. If that's not true it's yet another point of failure.
I suppose possessing a card and a photo (or card and phone?) is marginally better security than just card. But my PIN isn't on Facebook, or in my phone's camera folder, so this is worse than just entering a PIN on your phone. The only value of the scheme is in using the phone as a side channel (harder to snoop on than a public keypad), or as a form of ID all its own. So why not just put the existing identifier (the PIN) on the side channel, and not introduce a novel way to fail?
This feels like when banks started letting you check your account over twitter because they just "didn't get it."
Re: (Score:3)
...Mastercard is going to consider a selfie run through facial recognition to be as good as a fingerprint
Could be correct. Fingerprints aren't very secure either.
Re: (Score:1)
At least you can't download most people's fingerprints from Facebook.
Re: (Score:1)
They should skip straight to full handprints instead so they can call the new service FacePalm.
Re: (Score:1)
Re: (Score:2)
Your mastercard requires a fingerprint? All my master card requires from me, after a number, is a "signature." I frequently spend several hundred dollars on my card and leave a small squiggle, assuming the touchscreen worked that day, to confirm it was definitely me who made the purchase.
Instead of having just a number (which has been taken from me at least twice before), this person needs to spoof my phone and have acquired pictures of me. It's not perfectly secure, but this is orders of security above t
I'm now convinced... (Score:1)
The future is stupid.
Re: (Score:2)
It's one reason why it is important for people to die...true immortality would result in way too much political power in the hands of people who are hopelessly trapped in the past.
That's only true because the ideas that come out are ridiculous and lack wisdom. If anything, the work force holds on to older talent because they avoid or minimize nonsense.
Age DOES NOT equal lack of wanting to move forward but youth does equal thinking outside the box because of lack of wisdom. This thinking outside the box is usually well paired with wisdom as crazy ideas can be tamed to idea with large potential.
There are always people that refuse to accept change no matter what age. Every single perso
'Privacy' agreement (Score:3)
Bollocks.
Re: (Score:2)
Fuck the government, it will no doubt include Facebook.
The government just wants power over me. Advertisers want to target my psychological weaknesses to take everything I own and put me in debt forever. (Not that I think they'll succeed to that extent, but private companies will probably have worse consequences for me.)
Re: (Score:2)
I'll grant you that the potentially worse result belongs in the governmental column. But the expected worse results is definitely in the corporate one.
For one, the delta for the government power is less. The government really doesn't need Mastercard, they already have my Photo ID pictures.
For another, they can show up at my house tomorrow and march me off for no reason (other than, you know, my rights.) Already have that power.
The government however is restrained by various reasons. Whereas, I've never
Here's hoping (Score:2)
Re: (Score:2)
Re: (Score:2)
I have a brother that's not a twin but even my sisters had trouble telling us apart until we started wearing different hair and facial hair styles. His friends would often stop me in stores because they thought I was him and sometimes still do if they haven't seen him recently. Aside from the obvious difference in cameras, hair, and clothing styles of the era we both also look just like pictures of our father at around the same age.
Revoke credentials (Score:2)
Foolproof (Score:1)
"Can you identify yourself, sir?"
*Pulls out small pocket mirror*
"Yep, that's me all right."
I think "foolproof" is the right word...
Samsungs face detection... (Score:2)