back to article Mastercard rolls out pay-by-selfie across Europe

MasterCard’s "selfie pay" will be coming to Europe next year after trials in the US, Canada and the Netherlands. The financial services firm  is rolling out biometric technologies that will allow European consumers to authenticate their identity without a password, but with a selfie, in order to provide customers with a more …

  1. Dan 55 Silver badge
    Flame

    "Banks have typically been good about walking the line between convenience and security.”

    No, they are effing useless. Buy a train ticket then when you get the card back buy another one, because, I don't know, a friend doesn't have change or something (i.e. two transactions within a short time) and your card gets blocked. If a merchant in Outer Mongolia where you've never been or have any intention of going charges your card they wave it through.

    And if your contactless card gets stolen and you get it cancelled, it can still be used by the thief for contactless payments until the expiry date.

    1. Voland's right hand Silver badge

      Re: "Banks have typically been good about walking the line between convenience and security.”

      You use HSBC, don't you?

      They blocked my card every time I booked a holiday because I book flight, hotel, car and parking within 15 minutes separately (to ensure I have all the pieces of the puzzle). After having to pay "demand driven" price increases twice because of the cretinous clueless HSBC fraud detection, I gave them a final warning - unless they get a clue and can recognize a standard travel purchase pattern they will be fired.

      They did not get a clue. And got fired.

      Just switch to a bank which has bought some proper fraud detection software instead of a call center full of clueless people in a hot and humid location (I know guys who develop it in Eastern Europe and who has bought it from them).

      1. scrubber
        Flame

        Re: "You use HSBC, don't you?”

        Do I look like a Mexican drug cartel?

        1. Voland's right hand Silver badge
          Joke

          Re: "You use HSBC, don't you?”

          Do I look like a Mexican drug cartel?

          Like a whole cartel? No. Like an individual drug lord? Maybe... You never know...

  2. allthecoolshortnamesweretaken

    That's it. I'm going back to cash.

    1. Bumpy Cat
      Coat

      Technically Her Majesty is using pay-by-selfie when paying by cash.

      1. Marketing Hack Silver badge

        What about Princes William or Charles?

        "My mom's good for it."

  3. Cab

    Erm...

    “Passwords remain very common because they always work, but of course can be stolen or discovered..." Fortunately my face remains entirely secret at all times.

  4. Richard Jones 1
    Happy

    Challenge time? Or Crafts Moment?

    Nice picture of someone, carefully crafted eye shaped cut outs, match the old eye subject with a new one, now blink please. It cannot possibly go wrong can it?

    1. MOH

      Re: Challenge time? Or Crafts Moment?

      Or just a short video of someone blinking?

  5. wikkity

    revolut do a good job

    Whilst on holiday this year I took a revolut card with me, the security options are good. You can set an options to disable/enable ATM withdrawals, online/card not present purchases or magstripe payments. Plus you can tie it to your phone to allow location based security, it does work as I forgot I had that set up and left my phone in the hotel (work kept ringing me) and couldn't withdraw any cash.

    Of course if someone steals your phone and card it could be circumvented but you need a pin to access the app to enable any disabled options..

  6. Yugguy

    Round of applause

    For the first person to try using a picture of their dick.

    1. Dan 55 Silver badge
      Coat

      Re: Round of applause

      What, you mean they get the round of applause when they try to pay in Subway?

      Just a coat, obviously.

    2. macjules Silver badge
      Coat

      Re: Round of applause

      For the first person to try using a picture of their dick.

      Kim tried that and it rejected Kanye's face.

  7. adam payne Silver badge

    What would happen if you photobombed someone?

  8. Anonymous Coward
    Anonymous Coward

    ALL YOUR FACES...

    ... ARE BELONG TO US!!!

  9. adam payne Silver badge

    What would happen in the case of twins?

    1. lglethal Silver badge
      Joke

      Well that depends on which one happens to be the Evil twin...

      1. Trigonoceps occipitalis

        As some identical twins are mirror images of each other, it would be the one with the mirror.

  10. Pen-y-gors Silver badge

    Security?

    From a security viewpoint, financial fraud will never be completely eradicated,

    ...and we'll make sure it isn't by regularly coming up with stupid new ways for security to be compromised.

  11. Valerion

    Got it

    Step 1 - Steal Simon Cowell's credit card

    Step 2 - Go to party shop, buy hilarious cardboard Cowell mask.

    Step 3 - Profit!

  12. Mahhn

    next up

    Malware (from google play of course) is used to capture your data during purchases on your phone. Data is sent to crook that uses an emulator to relay the captured data as if it was a live transaction. (even full android, iphone emulation) Ka Ching ka ching, ka ching.

    If it's data, it can and will be stolen.

  13. Alister Silver badge
    Mushroom

    This is all going to end in tears

  14. Deltics

    I'll just leave this here

    Identity <> Authorization (or if you prefer: Identity != Authorization)

  15. israel_hands
    FAIL

    My Face Is Not A Password

    My face is just my face. It's the "who I am". Equivalent my username, and while it may be slightly more secure than an alphanumeric username*, if it's compromised once, it's compromised forever. Which is exactly why it should never be used as a password analogue.

    What they're doing is just utterly fucking clueless. They need to at least couple it with a password to provide some level of actual security, instead of binning security completely and saying "Hey, at least now you don't need to remember a password."I wonder how their customers would feel if they did just that, told them not to worry about a password or PIN, just enter your name into any cashpoint then tell it how much you want to out. And if they did the sensible thing, and coupled it with a password/PIN/other authentication factor, then what would be the point of using a photo in the first place? It's gimmicky shit that is actively making the world a worse place. A pox on the fuckwit who devised it.

    *And I'm not at all convinced it is because of the whole single-factor lose-it-once/lose-it-forever thing.

  16. Anonymous Coward
    Anonymous Coward

    Identical twins?

    Evidently the imbecile's at Mastercard didn't think this through at all did they?

    Although it will be the preferred app terrorists will use to collect their ransom demand from the captive card holder (of course getting themselves on the selfie too). Means they can complete the transaction without having to put their gun down for even a moment.

  17. ultrastarx1

    the obvious problem here is the required blink, it should be a wink, would make working retail a much more flirty environment..

    Me thinks shurely shome solution could be considered involving nipple tassles??

    Visa could take clockwise

    Amex could involve a trampoline

  18. Jin

    Criminals would be delighted

    “User passwords are typically the easiest point of attack", so it is recommended to use your face with the user password as a fallback means against false rejection so that you/criminal can log in either by your face (videoed face) or your password. Is this a wise idea?

    This video explains how biomerics makes a backdoor to password-protected information.

    https://youtu.be/5e2oHZccMe4

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019