Slashdot Mirror

← Back to Stories (view on slashdot.org)

MasterCard To Approve Online Payments Using Your Selfies

Posted by samzenpus on from the price-of-a-smile dept.

An anonymous reader writes: MasterCard is experimenting with a new program: approving online purchases with a facial scan. Once you’re done shopping online, instead of a password, the service will require you to snap a photo of your face, so you won’t have to worry about remembering a password. The Stack reports: "MasterCard will be joining forces with tech leaders Apple, BlackBerry, Google, Samsung and Microsoft as well as two major banks to help make the feature a reality. Currently the international group uses a SecureCode solution which requires a password from its customers at checkout. The system was used across 3 billion transactions last year, the company said. It is now exploring biometric alternatives to protect against unauthorized payment card transactions. Customers trialling the new technologies are required to download the MasterCard app onto their smart device. At checkout two authorization steps will be taken; fingerprint recognition and facial identification using the device's camera. The system will check for blinking to avoid criminals simply holding a photograph up to the lens."

3 of 77 comments (clear)

  1. Re:Incredibly flawed by jblues · · Score: 2, Interesting

    The system will check for blinking to avoid criminals simply holding a photograph up to the lens.

    So a video will work just fine then? This is a STUPID idea.

    Sounds pretty solid to me. What could go wrong? Industry giants like Google are involved. Except maybe. . .

    • Just recently, Google released an image detection / sorting feature that tagged people as the incorrect species. Jacky Alciné tweeted "Google, y'all fucked up. My friend's not a gorilla'.
    • In 2010, Nikon were accused of releasing a racist camera, as the blink detection feature, upon photographing Asians, would ask: "Did someone just blnk!?"
    • And don't foget to enable all the required features..
    --
    If it acquires resources on instantiation like a duck, then its a shared_ptr<Duck>
  2. Re:blinking? by Joce640k · · Score: 4, Interesting

    Cut two slots in the photo where the eyes are. Insert small pink Post-Its from behind. Flick them with your fingers. Blinking!!

    --
    No sig today...
  3. Re:Idiocy. Anyone have facebook photos? by Anonymous Coward · · Score: 2, Interesting

    Assuming that logging in to the app is done securely the first time it is installed, the app can then generate a strong private/public key pair and use that for identifying itself.

    Abusing the feature would then require at least:

    1) A valid private key, either by the initial setup or somehow stealing it from a device it was generated on, and
    2) Photos/video of the user

    The second is easy to come by nowadays, the first one is considerably harder.