Biometric Payments: The Future of Transactions or a Privacy Nightmare?

Biometric payments are on the rise globally, leveraging methods such as pay-by-face, fingerprint recognition, retina scans, voice payments, and pay-by-palm. The increasing demand for faster, contactless, and frictionless transactions is driving the surge in biometric payment adoption.

However, privacy and security remain significant concerns that must be addressed. With privacy protection laws evolving worldwide concerning biometric data, it remains to be seen whether biometric payments will thrive or decline.

Why Biometric Payments?

With the advent of COVID-19, contactless payments have become the preferred mode of transactions worldwide. The pandemic has accelerated the shift towards contactless methods due to their ability to minimize physical contact. This shift has paved the way for a wider acceptance and adoption of various contactless payment technologies, including biometric payments, which offer added convenience and security.

Another factor driving the adoption of biometric payments is the speed of transactions. Biometric authentication methods enable swift and seamless payment processes, reducing wait times and enhancing the overall customer experience.

With biometric authentication, a person's unique biological traits become their payment method. This convenience eliminates the need to carry physical cards or cash, making it easier and more secure to complete transactions.

Implementations

China's biometric payment systems are highly advanced, with pay-by-face technology implemented by AliPay, which was launched as far back as 2015.

Amazon One is a payment system offered by Amazon that works by reading users' palm prints. It’s used by retailers like Whole Foods Market, Amazon Go, and Amazon Go Grocery.

Difference from Mobile Biometric Authentication

In mobile biometric authentication, fingerprint or facial recognition data is stored on the mobile device and used for authentication. The biometric payment methods discussed in this article involve biometric data stored in a data center of the solution provider and used for verification.

Privacy concerns

Because they involve capturing and storing sensitive information, biometric payment systems can raise privacy concerns related to:

• Data breaches: If a biometric database is breached, the information could be accessed without authorization, which could lead to identity theft or unauthorized system access.
• Data sensitivity: Biometric data is unique and irreplaceable, unlike a password that can be reset. Once compromised, there's no recourse for the individual, and they're at a higher risk of identity theft.
• Unauthorized secondary use: Biometric data could be used or disclosed without authorization
• Collection without consent and surveillance: Biometric data could be collected without consent and used for surveillance.

We’ll also see stricter biometric laws taking shape across the world, which could lead to the decline of biometric-based payments. Europe, being at the forefront of privacy protection, has drafted an AI Act that includes provisions for banning certain uses of biometric data for privacy protection purposes.