biometrics around the world
Regulating Security Gives a Leg Up to Realistic AuthenticationAs September 2019 draws near, various PSPs are making their
moves towards full compliance with PSD2's regulatory technical standards
regarding security and functionality. This comes on the heels of the
implementation of another regulation, GDPR, whose online privacy rules also
made upheavals in the financial sector. And just like with GDPR, PSD2's impact
and consequences are yet to be seen.
PSD2 Boosts Biometrics
Among other things, PSD2's
security requirements have led to a rise in the use of biometric technology.
Many companies are making efforts to incorporate the technology into their
services.
Mastercard is testing its fingerprint-scanning chip cards in
South Africa and hopes to do the same in the UK. In the US, CaliBurger is
testing a system that links customer faces to loyalty cards, while Fujitsu is
developing payment terminals with palm and finger scanners.
This development is part of
the Strong Customer Authentication initiative, which requires several different
factors to allow a transaction to take place. One such factor is biometric
data, such as retinal scans or fingerprints, which is then combined with PINs
or passwords and device IDs to confirm customer identity.
Corporate to Implement Biometrics?
Biometrics are making inroads into corporate payments as well. A senior manager for Hitachi Europe, Elias Thomaidis, stated in 2018 that as the deadline for PSD2 implementation approaches, corporate PSPs are being encouraged to consider implementing biometrics as part of their own security measures, as well as their customers. But a point to consider in all of this is also the potential conflict between GDPR and PSD2.
While GDPR requires customer data remain private and secure, PSD2's aim of open banking requires banks to share customer data with their consent, since sharing and analyzing data is at the regulation's core. What will happen once both regulations are in full force simultaneously? Only time will tell.
E-commerce
The EU's Digital Single Market strategy aims to make e-commerce as easy and safe as possible for the European consumer. It stopped geoblocking, a practice where online retailers discriminated against customers on the basis of their place of residence and refused to ship to them or even accept payments from certain locations.
Rules are now in place that ensure all EU customers are treated equally. The strategy also guarantees full price transparency for cross-border parcel deliveries, which allows for increased competition within the delivery service sector and provides customers with more delivery options.
What the Future Holds
A new VAT for online sales is coming in 2021 and before that, new rules for online consumer protection will be in place in 2020. These will enable the removal of sites or social media accounts involved in scams and make tracing rogue online traders easier by requesting information from ISPs and banks.
Certainly, there will be both plenty of room for biometrics in all these sectors in the near future, like verification of every fifth transaction on a card with a fingerprint from a previously authorized device. And plenty of need, as well.
As the payments industry grows and becomes more diverse, it
makes sense to invest in and make use of the uniqueness biometrics inherently
bring to customer authentication.