Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday July 16 2019, @02:22AM   Printer-friendly
from the biometrics-are-the-"account"-not-the-"password" dept.

Visa's vision for the future of payments is password-free

Visa believes the payment industry can move away from passwords in the next five years thanks to advancements in authentication and anti-fraud technologies that are already making "static" cardholder verification (CVM) methods such as signature and PINs optional.

With the ability of financial institutions and merchants to share 10 times more data with each other than ever before, and the growing sophistication of artificial intelligence (AI) that is making fraud detection faster and more accurate, Visa head of product Axel Boye-Moller believes that as this ecosystem evolves to be more secure, and AI and biometrics capabilities further mature, there is a future where legacy verification methods are eventually eliminated.

"Over the last few years as mobile technology has evolved, we're seeing increasingly biometrics included in mobile hardware -- that's really starting to take off as more and more banks and other providers start rolling out mobile payment solutions," Boye-Moller told ZDNet.

"But there's still a lot of ground to cover. Passwords can be incredibly frustrating. You forget them and they can be stolen."

[...] Additionally, Boye-Moller said as more payments are conducted via a mobile device, it becomes "very fiddly" to enter a password on smaller devices.

Increasingly, he added, there has been an explosion in the amount of connected devices that are accompanied by more online accounts and subscription-based payment requirements.

"We think biometrics is absolutely a critical part of that solution -- both convenient and secure," he said.

"The way they rolled out [mobile payments] standards is that every single transaction that is done or adopted is biometrically authenticated with a fingerprint or facial recognition."

While he said biometrics is part of the solution of moving to a password-free world, he believes it requires many other layers on top of that to drive more secure and convenient solutions.

"We believe that if we continue to collaborate strongly across industry we can we can reduce the current fraud rates by half by 2025," Boye-Moller added.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by AthanasiusKircher on Tuesday July 16 2019, @02:40PM

    by AthanasiusKircher (5291) on Tuesday July 16 2019, @02:40PM (#867572) Journal

    The other step is authorization and this MUST be something you know. That is important because [...] Without these two steps [...] you cannot be sure [...] they really are attempting to complete the transaction.

    The question about the latter is -- do they really care about that? I'm serious. I haven't seen it from credit card companies yet, but my perception is that in recent years there's been a systematic push from corporations to undermine the traditional need for purchase authorization.

    Why? Because they know that many people just pay bills. They just pay for crap that arrives, rather than go through the hassle of returning it or fighting it. My mother used to be one of these people long before the internet -- she'd see some ad on TV for some magical item ("With 3 easy payments of just $19.95!) and order the thing. And it would arrive. And it wouldn't work. Or she didn't use it. Sometimes she didn't even get around to opening the box for a couple months. And then she'd have some idea about returning the item, but almost never got around to it.

    Lots of people are like this, but today even the slightest impulse is enough to get some piece of junk. "Ooh, that looks good!" you think, and Amazon's patented 1-click has the item on the truck to your door immediately. No time to think about it while you're entering an address or card number or even giving the most basic confirmation.

    But no, companies are interested in going far beyond this. We saw it with the debacle of in-app purchases, which Amazon and Google et al. fought for years to keep as "open" as possible. People complain that kids racked up $300 bills for Smurfberries or whatever, and others just say, "Well, you should have paid attention to your kids! Look at what apps they have, supervise them, don't allow purchases!" People forget that many of these platforms lacked even basic controls in the early days -- hence the lawsuits. There was originally no way to limit in-app purchases on some early tablets. No way at all. And when they did institute password protection, at first it was limited... and gradually they allowed more.

    You know why? Because I'm sure these companies did the math. And they realized for every person who complained that their kid bought X dollars in Smurfberries, there was another consumer to whom this happened, and that consumer just paid the bill... figuring it was somehow their fault or it wasn't worth the hassle to dispute it. What percentage of folks with small bills will just give up and pay them? 30%? 50%? 70%? Even payments for $20 or whatever add up when it's hundreds of thousands of people.

    Bottom line is that companies clearly want to break down the authorization component. They want you to order stuff by impulse or even accidentally and then forget to return it or give up and pay because it's too much of a hassle.

    Now, you might say -- credit card companies surely don't want that, do they? Well, why not? They skim a fee off the transaction too. Their main concern is outright fraud. With real fraud, they will lose money. So, this system needs to be good at verifying ID. But authorization? Credit card companies have a reputation for having greater consumer protections, but how many people actually dispute a bill if there's some chance they were at fault? Obviously they can't go overboard with this, but most of this isn't usually their fault anyway. How much "authorization" is wielded now by credit card companies when someone clicks on "Buy Now!" on Amazon?

    Nobody cares about authorization. They don't now, and companies continuously seem to be pushing for less and less safeguards before you make a purchase, because they probably see that it's profitable.

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3