Verification and authentication were high profile areas of discussion in the payments arena in 2016, with many sighs of the debate continuing in 2017. The widespread integration of EMV technologies in 2016 incented much of the fraudster technology minds to turn to card not present transactions and identity hacking. As stated by the author of the article, many of us are less than inclined to utilize unique and arbitrary passwords to protect our data access points, encouraging vendors to increasingly incorporate biometric identity verification. But this gives rise to its own set of issues.
Think about it – you’re storing people’s fingerprints, facial recognition scans, etc. These are not things that can be replaced. Biometric data is a juicy target for bad actors for this very reason, making wholesale storage of this information risky. So while a match of a biometric template to itself for verification must be made somewhere, enterprises wanting to replace passwords with biometrics should be conscious that biometrics are risky to store.
The proposal of tokenizing one’s biometric signatures to ensure an additional level security as put forth in the article is well-taken, especially with the prospect of having the biometric markers hacked and having an even steeper climb in re-establishing one’s identity. Mercator Advisory Group’s understanding of how merchants and financial institutions are tackling this complex issue will be laid out in a forthcoming series of reports. Stay-tuned.
Overview by Joseph Walent, Associate Director, Customer Interactions at Mercator Advisory Group
Read the full story here