Inherent Risk
Global financial and IT companies are unveiling many biometrics-based payment tools. Their information security risks have yet to be addressed, though.
MasterCard, for example, is currently testing a biometrics credit card in Europe and Apple, and Samsung Electronics applied fingerprint recognition to Apple Pay and Samsung Pay, respectively. Last month, Alibaba unveiled a face recognition-based platform of Smile to Pay. Microsoft is planning to adopt Windows Hello for Windows 10 so as to replace passwords with iris, face, and fingerprint recognition. In Korea, BC Card is working on similar techniques.
Experts warn that the new payment methods entail greater risks than existing ones. In September last year, a hacker group in Germany released video footage in which its members tricked the Touch ID Sensor for Apple Pay by copying fake fingerprints onto silicone rubber. This clearly shows the vulnerability of the fingerprint-based payments and remittances that is currently used in a number of mobile phones.
Experts also point out that multiple security measures have to be prepared in advance in order to prevent the use of fingerprints by force or stealing. “A viable alternative is to have a fingerprint other than one for payment registered for an automatic police report,” one of them suggested.