“Selfie pay” is a bit of a misnomer. Instead of, say, letting you order takeout with a mugshot, MasterCard’s mechanism acts as a security check, authorizing usage of a credit card you’ve previously saved to your phone or tablet. Here’s how it works: you download MasterCard’s Identity Check mobile app to your handheld, point the device’s front-facing camera towards you, and snap a pic. MasterCard says its gone to great lengths to ensure the system isn’t easily fooled: its algorithms can tell the difference between you and a video recording, and you’re required to perform a “liveness” test — blinking your eyes — before selfie check will let you snap a photo. And that’s in addition to MasterCard’s other safeguards, MasterCard’s President of Enterprise Security Solutions Ajay Bhalla told The Verge. “We will have a lot of information about your transaction,” he said. “Where are you, where are the goods getting shipped, what is your location.”
Selfie pay will roll out to Identity Check users in more than a dozen countries including the U.S., Canada U.K. later this year, MasterCard says. The expansion follows a successful trial last year involving the California-based First Tech Federal Credit Union and the Children’s Miracle Network Hospitals. Pilot members came away with quite positive impressions, MasterCard says: more than 90 percent said they could see themselves using selfie pay or a similar form of biometric authentication “every day,” and 86 percent found it easier than entering a password or PIN.
If selfie pay still sounds like a big hoop to jump through every time you want to buy an app or rent a movie, not to worry — it’s optional. On supported devices like the iPhone 6 and 6S, Identity Check will let you alternatively authenticate with a fingerprint. And more broadly speaking, selfie pay’s less intended as a broad brush than a solution for services that require the additional layer of security afforded by biometrics: it’ll initially be limited to online retailers, MasterCard’s senior vice president of U.S. enterprise solutions Catherine Murchie told the Chicago Tribune.
But selfies are just the beginning. MasterCard’s actively experimenting with wilder forms of biometric authentication. One possibility is electrocardiogram (heartbeat) recognition. The company’s conducted consumer trials with the Nymi Band, a heart rate tracker, in Canada and the Netherlands. Its biggest advantage over selfies and fingerprints, Bhalla told The Verge, is its immediacy. “It’s constant authentication,” Users literally don’t have to lift a finger; readings are taken continuously in the background. “This technology can reside in your watch, can reside in any other wearable.”
Heartbeat recognition’s at least a few years off — it lacks the infrastructure to support it, Bhalla says — and so MasterCard’s hedging its bets, working on iris scanning and voice recognition tech in the meantime. As for selfie authentication, the company says it’ll hit users’ phones in the coming months.
