Selfie in Online Payments - By Mastercard

MasterCard is embarking on two pilots, one in the US and one in the Netherlands, which use facial recognition technology for payment verification.

The card giant is working with International Card Services (ICS) on a trial that will see 750 ABN Amro credit card users ditch passwords, PINs and confirmation codes and instead pay online through fingerprint and facial recognition.

Participants in the three month trial will download the MasterCard app from the Apple Store or Google Play and register on the ICS site to get a code emailed to them for activating online payments. Then, during checkout in a web store, the consumer will receive a pop-up on their mobile phone, through which they can authorise the payment via finger scan or selfie recognition.

Arjan Bol, country manager MasterCard Netherlands, says: "Biometrical technology has been developed to improve both speed and safety of online payments. This test will prove exactly that. And what is easier - and more fun - than paying through a selfie or fingerprint?"

Meanwhile, in what is claimed to be a US first, more than 200 of the credit union's employees will test the "selfie pay" system that will verifying their identities via facial photographs or fingerprint scans conducted on smartphones.

The closed environment pilot will see participants make virtual donations to the Children’s Miracle Network (CMN) Hospitals as First Tech bids to gauge whether biometrics could deliver greater security and convenience to customers.

Greg Mitchell, CEO, First Tech, says: "Our members are some of the most technologically focused consumers on the planet, and being an innovator in the payments security space is evidence of our strong desire to meet our members’ unique needs."

With the likes of Apple Pay raising awareness, MasterCard says that its research shows that three quarters of people have now heard of biometric payments. While fingerprint scanning is the most common form of biometric authentication, facial recognition is gaining some traction, with Wells Fargo trialling it for mobile corporate access and firms in Taiwan and China exploring its use at ATMs.

5 Types of Services of Mobile Wallet

The main types of mobile wallet services are:

1. Payments and cards: Card emulation for contactless cards (credit, debit, prepaid), e-payments-based services (remote payments) or peer-to-peer payments with or without a stored value account
2. Coupons and loyalty: Coupons, gift cards, loyalty programs or any other commerce-based service for discounts or rewards
3. Tickets and transport: Any form of tickets, boarding passes or check-ins for means of transport or for venues or events like cinemas, concerts and so forth
4. Access and keys: Any type of access or usage allowance, like keys for cars, buildings, private homes, hotel rooms and so on
5. Identity: Any type of personal identification, like passports, driving licenses, employee IDs and so forth

Putting these services into the mobile wallet can provide quite a lot of opportunities for service providers and users.

4 possible areas of content in a mobile wallet

Proximity mobile wallets VS Remote mobile wallets

Proximity mobile wallets

A proximity wallet (also called mobile wallet or NFC wallet) is used for authorization and transactions involving entities that are physically close to each other.

The core usage scenario is a proximity interaction between the mobile wallet and the control or acceptance entity. This concept is based on card emulation and provides a container where the card data is represented. Proximity wallets follow the underlying idea of digitizing the physical wallet, which I described in the series introduction, “What is a mobile wallet, and how does it work?”

Like a card, the digitized valuables contained in the proximity mobile wallet can be exposed to acceptance terminals or authorities for the control or exchange of secure information. For example, a mobile ticket is shown to the conductor or at the check-in gate, or a virtual credit card is held against a payment acceptance terminal.

You can distinguish between light proximity wallets that allow the storage of visual valuables (QR codes, textual codes, images of documents such as identity cards and so on) and full NFC proximity wallets that enable card emulation using secure elements and NFC interfaces.

Remote mobile wallets

In contrast to proximity wallets, with a remote wallet (also called mobile wallet, digital wallet, cloud wallet or e-wallet) the parties and entities involved in the authorization and transaction process (like payer and payee) are not physically close to each other. Hence the usage scenario is a remote authorization and transaction among the involved parties.

Remote mobile wallets are conceptually and historically closely linked to e-payments. They allow secure storage of payment data (“card-on-file”) and user identification information. A remote wallet is primarily used for payment transactions within e-commerce and m-commerce. It usually does not have a broad variety of services like a proximity wallet. It is rather more an aggregator to bundle various payment methods like credit cards, bank data for credit and direct debit transfers and so forth.
Usually, the sensitive data is stored remotely on cloud servers (thus the term cloud wallet).

Furthermore, remote wallets can be connected with loyalty programs or further value-added services. Many remote wallets are also equipped with a central stored-value account (SVA) that allows users to make or receive payments using the enabled payment methods.

Many remote wallets are designed and used as a distinct payment method that can be embedded in merchant websites or apps. This means that the payment data details of the underlying payment method and sensitive customer information can be hidden from payees like retailers and financial intermediaries. The best-known example for such a remote wallet is PayPal.

Remote mobile wallets have been established in the e-commerce market for years and are becoming increasingly important in the field of mobile commerce. Remote wallet concepts have also been applied for mobile payment solutions that are decoupled from bank accounts. Often referred to as “mobile money,” such approaches have been successfully established in developing countries to provide financial services like cashless payments and cash deposits to the unbanked. M-Pesa by Safaricom is probably the most well-known example of that type of remote wallet.

Mobile wallet versus wallet service

There is a distinction between the mobile wallet and a wallet service. The wallet service provides the business context for a specific valuable stored in the mobile wallet. The mobile wallet itself is only the container to store digitized valuables, but it does not add any meaning to them.

Only in the business context of a service does the digitized valuable become meaningful; otherwise it is useless. In payments, for example, the credit card number is a digitized valuable that can be stored in a mobile wallet. The business context for this credit card number is the payment service that is provided by a bank (and/or the card scheme). The bank links the card number to the user’s account and authorizes the payments transaction. Hence, the bank is the payment service provider.

What is a mobile wallet?

What is a mobile wallet?

Terms like wallet and mobile wallet are still missing consistent definitions, especially across industries. The fundamental definitions of mobile wallets, however, have provided a foundation for defining the concept.

A mobile wallet is the digital equivalent to the physical wallet we already have in our pockets today. It is a container (or vault) to store digitized valuables for authorization. These valuables grant permission for usage or access to goods, services or places. They can be:

• A personal identification like an ID or social security card, driving license, health card, payments card, loyalty card, website access or login data, and so forth
• Non-personal means of authentication like tickets for public transport or events, car and hotel keys, gift cards and coupons..

How do mobile wallets work?

The digitized valuables stored in a mobile wallet can be represented in many different forms. They might taken the form of a number, like on a credit card or a password, a digital certificate, a QR code, an image of the owner or something else. These representations are linked to the owner’s sensitive personal information, which means that mobile wallets provide valuable access but also require protection.

Because of the storage of sensitive personal information, strong security is a major issue for mobile wallets. Therefore security features are important for a mobile wallet vault. Requirements for security may vary depending on the wallet’s content, since, for example, a loyalty card is certainly not as valuable as a personal ID or a car key.