U.S. Markets closed

Credit and Debit Cards May Be Adding a New Element: Fingerprints

AnnaMaria Andriotis

Everyone knows the future of payments is digital. Trouble is, Americans just don’t want to give up plastic.

Tech companies, banks and fintech startups have all tried to wean consumers off physical cards. Attempts have included digital wallets and various apps. So far, though, these efforts seem to be solutions in search of a problem, as people still find plastic cards incredibly easy to use.

So, card companies are now considering steps that would try to bolster the security of plastic through the use of fingerprint-enabled cards. Visa Inc. and Mastercard Inc. are in the early stages of adding fingerprint sensors to cards, a move they believe will help lower fraudulent purchases in stores.

Here’s how it works. When consumers activate their cards, they place a finger on a fingerprint sensor on the card. A template of the print is then stored on the card’s chip, which is usually located above the card number. When cardholders use the card to pay at a store’s checkout terminal, technology in the card’s chip checks the print to make sure it matches the print stored on the card.

The move is the latest in a string of security features that card networks have rolled out to lessen fraud. Proponents of the technology say that if swindlers steal or replicate the fingerprint card, the purchases they try to make in store won’t be approved because their fingerprint won’t match the template. They say the cards can also improve consumer convenience, including lessening the chances of consumers’ legitimate in-store card transactions being flagged as fraudulent and getting rejected.

Card analysts say that banks’ appetite for these cards is limited, however, in large part because of the hefty costs they incurred reissuing U.S. consumers’ debit and credit cards with security chips over the past few years. Those costs exceeded $1 billion, according to bank executives, and required consumers to get used to a new method of inserting rather than swiping their cards.

Banks are resistant to replacing cards again when the benefits to consumers aren’t significant, says Kevin Morrison, senior payments analyst at research firm Aite Group.

Still, it is possible that the fingerprints could catch on after a few years when many cards reach their expiration dates and need to be reissued. Mastercard says it is looking for banks to issue fingerprint cards in the U.S. The company ran two pilots in South Africa last year and another one in Bulgaria. Other pilots are under way in Europe and in Kuwait. A Mastercard spokesman declined to disclose how many of these cards were issued. He also declined to say in what country the current European pilot is taking place.

Several U.S. banks have expressed interest in issuing the cards for corporate use and for affluent consumers with high credit limits who travel abroad often, says Bob Reany, Mastercard’s executive vice president of identity solutions.

But the efforts aren’t yet resonating with many consumers. First off, there is the privacy question of whether they want to add their fingerprint to card transactions. Then, there are practical limitations: The safety feature doesn’t help with online shopping, an increasingly popular way to purchase goods and services.

Also, U.S. consumers have little financial need for the cards. When credit cards are fraudulently used, cardholders usually don’t pay a dime. Technically, credit-card users can be on the hook for $50 of fraudulent purchases, but most issuers waive that charge.

Similar protections are in place with debit cards if consumers report unauthorized use quickly. Card executives say these protections create little incentive for consumers to get accustomed to new types of security features.

Visa’s fingerprint pilot in the U.S. ran earlier this year and involved a debit card issued by Mountain America Credit Union. Just 130 people signed up for it.

“Consumers are asking, ‘Why am I doing this?’ ” says Mark Nelsen, Visa’s senior vice president of identity and risk products. “They’re not totally sure what the value proposition is.”

Card executives are also mixed on whether consumers’ fingerprints with these cards will become vulnerable to hacks. Some say such hacking isn’t possible because the fingerprints don’t leave the card during the purchase process and aren’t stored in a centralized database.

Others say that is a rosy outlook. “Anytime you introduce a new security feature…it’s just a matter of time until the bad guys figure out a way to compromise that,” says Aite’s Mr. Morrison.

Ms. Andriotis is a reporter for The Wall Street Journal in New York. She can be reached at annamaria.andriotis@wsj.com.



More From The Wall Street Journal