One of the biggest challenges faced by electronic commerce (e-commerce) merchants as they seek to increase online sales, is that consumers cannot remember their passwords, according to MasterCard’s president for enterprise security solutions, Ajay Bhalla.
In a recent interview with GT News, Bhalla, who has been with MasterCard since 1992 and whose innovations include the MasterCard Titanium card, noted that the current technology for digital authentication for online purchases, SecureCode, is more than a decade old and password-driven. Research across various markets suggests that just under 84% of consumers can’t recall their password at some point and more than 50% waste at least 10 minutes each time they forget one.
Many people use the same password on multiple sites, so a breach on one site can affect other ones. Perhaps even worse, consumers often use simple passwords that are easy to remember, such as the name of their football team. “People are doing it because they keep forgetting,” says Bhalla.
Apart from the inconvenience, the complexity and number of passwords causes lost opportunities for online shopping when people can’t remember their password. Merchants then sell less, because their customers cannot complete their transactions. E-commerce can increase faster “if we make it more convenient,” he suggests.
Solving the dilemma
To address the problems faced by consumers and boost merchant sales, MasterCard is working on the next version of 3D-Secure, or SecureCode, which will introduce a new method of authentication on mobile phones. It is also working on a mobile app that generates a number for consumers to use. “The coolest part,” Bhalla says, is that MasterCard is testing biometrics including facial recognition, fingerprints, voice and even electrocardiogram (ECG) heart rates.
In the Netherlands, MasterCard is trialing Selfie-Pay, which uses facial recognition. While people might assume that facial recognition is complicated, they take selfies very often and can relate to that concept. The technology is successful, and plans are afoot for a commercial launch by the middle of 2016.
The way it works, says Bhalla, is that consumers call their bank, confirm that they want to use Selfie Pay, download an app, and register their biometric with the bank. When they make a purchase on their mobile phone or a browser, an alert prompts the consumer to open the app and verify themselves using facial recognition.
MasterCard is also using the new technology to design Selfie-Pay as a further option for online payments, enabling banks to provide authentication across all products while consumers who register the app can also use it to purchase other products.
To speed up implementation, MasterCard is working with many stakeholders. “The key players are the banks, merchants and consumers,” says Bhalla. MasterCard is also working with iOS and Android device manufacturers, as well as payment gateways.
One of the most important factors is moving the solution away from a bank in a particular country with a particular merchant, so that Selfie Pay can be used globally across different platforms. What MasterCard wants to do, then, is to write standards, use them globally, and bring the technology to the next stage. “Technology has reached a stage where you can marry infrastructure and technology benefits and standards to bring merchant and consumer convenience,” says Bhalla.
Among the next trends he sees is for wearables for exercise that measure heart rates to authenticate the person, simplifying payments even more than Selfie-Pay or fingerprints.
Ultimately, the technologies that will thrive are the ones that consumers love. “This has all the makings of consumers loving it, merchants loving it, regulators liking it – all the makings of the next page in authentication.”
Tim de Knegt, treasurer for the Port of Rotterdam, discusses how he is looking to bring more value to the Port's clients using blockchain.
Regulation technology is fast gaining currency by transforming how financial institutions can tackle compliance in a swift, comprehensive and less expensive manner.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.