Payment industry can move away from passwords in next 5 years — Visa

With the celebration of the World Password Day on Friday, May 3, it’s timely to acknowledge the computer password is over 50 years old – invented by Fernando Corbato in the 1960s.

Since then, other ways for consumers to authenticate identity have been developed and according to a Euromonitor study, occurred 52 trillion times in 2016.

However, traditional methods of entering a password, mother’s maiden name, high school mascot, or other types of knowledge-based authentication have frustrated even the most patient consumers when the information is forgotten, stolen, or has been typed onto tiny keyboards.

Saying there are more secure ways to verify the identity of a person, digital payments firm said it Visa believes the payment industry can move away from passwords in the next 5 years.

The company said advancements in authentication and anti-fraud technologies are already making static cardholder verification (CVM) methods such as signature and PINs safely optional for merchants and issuers in some environments.

In October 2018, signature became optional for EMV Chip-enabled merchants on the Visa payment network due to the security capabilities of the chip. Financial institutions and merchants can also share 10 times more data with each other than ever before for advanced risk-based decision-making to authenticate buyers from any connected device or app, often without asking the consumer to do anything at all.

Visa said the growing sophistication of artificial intelligence is making fraud detection faster and more accurate, which opens up new possibilities for new products and services because of consumer confidence in secure payments.

As the ecosystem evolves to be more secure, Visa said it envisions a future where consumers can reduce or eliminate the use of legacy verification methods as we continue to implement capabilities that leverage artificial intelligence and biometrics.

“Biometrics is an authentication strategy that fits the modern payment system – a system shifting in transaction volume from in-person to digital transactions. Biometric authentication can deliver a frictionless payment experience for account holders while providing advanced authentication security and identity management for merchants, issuers and acquirers to prevent fraud,” it said.

A survey commissioned by Visa in 2018 showed that consumers are showing more concern about the safety of their personal information, going from 65% in 2017 to 85% last year.

Because of this, they welcome the use of biometrics as faster, easier, and more secure alternatives to passwords. Seventy-three percent of Filipino consumers are interested in using biometrics to verify identity or to make payments, the survey showed.

“With advancements in mobile devices increasing the accuracy and speed of fingerprint and voice biometrics, the time has never been better to integrate biometric technology into banking apps and payment experiences for customers,” it added.

For security-minded individuals, mobile device manufacturers have addressed concerns about stolen biometric information by storing and encrypting biometric templates – algorithmic representations instead of actual biometric attributes – locally on consumer-owned devices instead of the cloud. This ensures an individual is always in possession of their personal biometric data with the option to delete the data at any time.

In addition, authentication accuracy is bolstered by liveness detection used by biometric scanners and software that can identify if a fingerprint is copied or a facial scan is of a mask.

Visa said it’s been roughly 6 years since fingerprint sensors were integrated into consumer smartphones and in this short amount of time, consumers have grown increasingly comfortable with the approach.

“The need for quick and easy authentication will only increase with the growth of digital products and services, and remembering unique passwords for every Internet connected device or app is untenable. Moving your product or service away from using passwords to some form of biometric authentication is not only imperative – it can be effectively done today,” it said.

Comment on this post