Mastercard Selfie Security

Mastercard now accepts selfie photos and fingerprints as alternatives to passwords when verifying IDs for online payments.

16:30 23 February 2016

Credit card firm Mastercard now allows users to verify online payments using selfie photos and fingerprints following a successful trial conducted in the US and the Netherlands last year. The announcement was made at the Mobile World Congress tech show in Barcelona.

 

While experts see the biometric check's potential in cutting fraud, security researchers said that it could be easy for hackers to spoof the system.

 

The new verification system will be rolled out this summer in the UK, US, Canada, the Netherlands, Belgium, Spain, Italy, Germany, Switzerland, Norway, Sweden, Finland and Denmark.

 

To use the system, users must download an application on their smartphone, tablet or PC.

 

Users will still be required to provide their credit card details as normal. If further authentication check is required, they can provide a selfie and use the fingerprint sensor instead of typing their password.

 

Users who opt for a selfie will have to blink into the camera to prove they are not just holding up a photo.

 

Ajay Bhalla, chief of the firm's safety and security division, said: "Consumers hate passwords."

 

"We know the most commonly used password is 123456, so they are not secure, and people also use the same passwords for multiple sites. If one site gets hacked all the places that you use the same password get compromised - they are a big pain.

 

"In the modern world everyone has a mobile phone and there is internet connectivity everywhere. So, we should be able to use biometrics [instead] to authenticate ourselves."