MasterCard Wants to Verify by Selfies and Fingerprints! The Ripple Effects of Biometric Data?

We often take daily conveniences for granted, and the credit card is no exception. These pieces of plastic allow us to set up reoccurring payments and buy items on any spur-of-the-moment whim. But with all this convenience comes risk. Cybercriminals constantly seek access to our money, and financial institutions combat them with ever-evolving safety features. In the latest news, MasterCard plans on using security measures based on bodily data, such as photo-recognition and fingerprint identification.

These plans have actually been in the works for quite some time. MasterCard showcased their newest technology at this year’s Mobile World Congress event. Only recently however, the Wall Street Journal has reported a release is weeks away—which means plenty of consumers may, for the first time, be introduced to using their body as a PIN.

Known as biometric security, the use of physical features may seem like a highly secure option. After all, each person’s body is unique. Anyone can type a combination of characters on a keyboard or number-pad, right? But in reality, things just aren’t that simple. Aside from the benefits, we should all be aware of the safety concerns that come with biometric features.

Many cautionary tales already exist to alert consumers, ones which may seem out of a science fiction movie. Take the story of how the German Defense Minister’s fingerprints were copied: a malicious individual found a high-resolution image of her online and simply zoomed in on her hands. In another case, researchers used an inkjet printer and conductive ink to print imitations of fingerprints accurate enough to unlock phones. Cybersecurity experts even scanned social media accounts, such as Facebook, for images of volunteers’ faces to make virtual reality replicas.

Among these stories, there’s a commonality. The point is: most people have photos and other media publicly accessible online, and advanced methods can replicate that bodily data.

Let’s be clear: this isn’t a reason to write off biometric security. Many benefits still exist to the technology, and shocking stories are mainly from researchers or cybercriminals focused in on one specific, unlucky victim. Very few rogues will make the effort to duplicate a random person’s fingerprint or face. What such vulnerabilities do highlight, however, is the necessity of pairing biometric security with additional lines of defense. Think about it, do you want your safety to be solely dependent on data easily seen by googling or browsing your Facebook page?

One great way to enhance body-detection features is multi-factor authentication. It simply means requiring multiple inputs, for layered security. Essentially, in addition to scanning your thumbprint, you might also need to type a password or PIN. After a camera detects your face, you might also have to say a password. These examples illustrate a compelling point. Few villains will be able to, or even try to, obtain all of this data. A small burden to your convenience can translate into major barriers for thieves.

Ultimately, MasterCard’s upcoming features are just the tip of the iceberg. Companies will be adopting more and more biometric security abilities in the near future. As people use their bodies as passwords, taking the right precautions can make all the difference. At the end of the day, biometric security can either make us more secure or more vulnerable. The power to decide lies in users’ own hands.

So, take three measures to protect yourself with biometric security:

  • Multifactor authentication is always safer! Whenever you can, change the security settings of a device or application to require more than one input. Keep in mind that this is a two-way street. If your password gets leaked somehow, requiring a fingerprint can make it difficult for crooks to crack into your account. The more barriers in the way, the better.
  • Reduce your digital footprint. The less personal data you have online, the safer you are. Do you really need to disclose information on your health on an exercise forum? Should everyone be able to browse your vacation photos? Enable privacy settings, and be careful what you share.
  • Get a secure, comprehensive solution. Not all technology is of the same quality. If you’re interested in biometric logins, use a service that you can trust. True Key is highly secure, and lets you to enable multi-factor and biometric authentication for any account.

And of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and Like us on Facebook.

gary