A Thing
The Green SheetGreen Sheet

Thursday, September 21, 2017

Apple's Face ID faces uphill challenge

Apple iOS user reaction to the new Face ID authentication system built into the iPhone X has been mixed. Face ID, unveiled Sept. 12, 2017, requires users to look at the screen to unlock the phone, access secure apps and enable Apple Pay. Despite Apple's claims that "all saved facial information is protected by the secure enclave" and that "processing is done on-device and not in the cloud to protect user privacy," many are skeptical of using facial recognition for identification purposes.

According to a survey conducted by Juniper Research Ltd., of the U.S. iOS users it surveyed, more than 40 percent said they are unlikely to use facial recognition as a payment security technology. By contrast, among contactless payment users overall, a majority considered fingerprint and voice recognition technologies more appealing, with 74 percent and 62 percent, respectively, likely to use these technologies.

Overconfidence in fingerprints

However, mounting evidence suggests that confidence in fingerprint ID security could be premature. Researchers at the New York University Tandon School of Engineering and Michigan State University College of Engineering found that partial similarities between fingerprints could render fingerprint ID systems in today's mobile devices susceptible to fraud.

"The vulnerability lies in the fact that fingerprint-based authentication systems feature small sensors that do not capture a user's full fingerprint," university researchers noted.

"Instead, they scan and store partial fingerprints, and many phones allow users to enroll several different fingers in their authentication system. Identity is confirmed when a user's fingerprint matches any one of the saved partial prints."

Researchers hypothesized that based on similarities among different people's partial prints a "MasterPrint" could be created. Michigan State University Professor of Computer Science and Engineering Arun Ross said, "As fingerprint sensors become smaller in size, it is imperative for the resolution of the sensors to be significantly improved in order for them to capture additional fingerprint features. If resolution is not improved, the distinctiveness of a user's fingerprint will be inevitably compromised."

Security a major concern

The Juniper survey also found that 32 percent of those who do not use contractless mobile payment methods were concerned about transaction security; only 14 percent within the contactless-payment user group expressed such concerns. Along similar lines, 10 percent of mobile banking users voiced doubts about transaction security, while among nonusers, 30 percent had reservations about security.

"Transaction security is a key barrier for mobile financial services adoption," said James Moar, Senior Analyst at Juniper. "Addressing these concerns will bring many consumers to the point where they will consider using such services."

According to Juniper, the number of U.S. contactless payment users grew by just 2 percent year-over-year, with a majority of deployments stemming from smartphone original equipment manufacturers (OEMs) such as Apple Pay, Samsung Pay and Android Pay. Among those surveyed, 73 percent of OEM-Pay users expected to increase usage compared with 39 percent of nonusers expected to start using mobile contactless payments.

For more information about the Consumer Attitudes to Mobile Banking & Contactless Payments: US survey report, visit www.juniperresearch.com. end of article

Editor's Note:

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007
A Thing