The Future of Payments on Your Fingertips
Posted by Akhil Mootolikandy, Senior Consultant, Oracle Practice, Infosys
The cards and payments industry is buzzing with new innovation of contactless payments. Applications such as Apple Pay and Android Pay are already gaining popularity in the market. In contactless payments, devices communicate directly with point-of-sale (POS) terminals using near field communication (NFC). While the technology of NFC has been around for a decade, contactless payment is fuelling its aggressive adoption in the payments industry. Despite this, payment authentication still remains a cumbersome process owing to the need to generate one-time passwords or provide additional verification details. Let us take a look at how contactless payments can leverage innovation to make authentication easier for customers.
Fingerprint scanning for safe payments
Let us consider the example of Apple Pay to understand how two-factor authentication works for contactless payments.
Typically, a user can store his preferred payment mode in his device by manually typing in his credit/debit card details or by taking a photograph of the card. The iTunes application stores these details using a secure element encrypted hardware chip. Once the card details are safely embedded in the device, the user can issue payments by allowing the device to communicate wirelessly with the POS terminal using NFC antennae with a dedicated chip that stores encrypted payment information.
The second level of authentication is where innovation begins. Biometric sensors that are embedded in an iPhone's touch identity (ID) sensor can be used to authenticate any transaction. The user simply has to scan his fingerprint using the phone's touch ID sensor. For devices that do not support fingerprint scanning, Apple Watch can be used wherein the user is prompted to double-click on a button on the smart watch.
The use of such biometric sensors in both Apple and Android Pay applications can safeguard confidential customer information as only one-time tokens are sent to the merchant instead of the actual card details. Thus, even if the token is intercepted it cannot be traced to the card or used for additional transactions, thereby making contactless payments more seamless and secure.
Take a selfie. Authenticate your transaction
Recently, MasterCard launched a pilot program to authenticate payments using selfies through the MasterCard mobile application. After making a mobile payment, the user can choose to authenticate the transaction using either biometric sensors or facial recognition scanning.
For facial scanning, the user simply has to stare at the phone and blink once to authenticate payment. The facial recognition technology maps the user's face, converts it into binary code and transmits this code over the Internet to MasterCard.
There's more. MasterCard has partnered with a Canadian firm to develop technologies that can approve transactions by recognizing an individual's unique heartbeat.
Comparing these innovative ideas with the current method of payment authentication brings to mind what Tim Cook, Chief Executive Officer (CEO) of Apple said about magnetic strips being "outdated and vulnerable with exposed numbers and insecure security codes". Technology and innovation together hold the key to making the future of payments more secure than the present.
To know more, meet us at Booth #1101 at Oracle OpenWorld 2015. Infosys is a Diamond sponsor at the event.