Want to make a purchase online? Say cheese!
Here’s how it works:
When you shop online using a MasterCard-issued credit card, the merchant will ping you with a text and ask you to verify your identity through MasterCard Identity Check (you’ll have to download the app on your phone first). From there, you can either pose for a photo or use your fingerprint to verify your identity. If you go for the photo option, the app will prompt you to blink once or twice. And that blink is everything. It’s how the app prevents hackers from being able to break into a user’s account simply by using a photo.
The technology, which MasterCard has been testing in the Netherlands for several months, is due to roll out in the U.S. later this year. MasterCard executive Bob Reany, who heads up the company’s authentication efforts, said with any luck no one will be using standard issue passwords and PINs a few years from now.
“People hate passwords because passwords are dangerous and they’re frequently compromised,” Reany told Yahoo Finance. “I’m a busy person. I can’t remember 40 passwords.”
Most cyber security experts have long decried use of old-school passwords, which are easily hackable (“12345” and “password” have been the most commonly used passwords in the U.S. for several years running). Identity theft is still the fastest growing crime in this country. Of the 16.4 million Americans who were the victim of ID theft in 2014, more than half experienced credit card fraud. You rarely need to verify your identity when you use a credit card online, which makes it a breeze to shop but also makes it easier for fraudsters to steal your credit card or bank info and make purchases. Adding an additional verification step, while it might seem like a nuisance, is a way to thwart that, Reany says.
Credit card issuers — and just about every other business in the world — have been trying to come up with a viable solution for years. Some require fingerprint authentication to complete a purchase. Others use two-step verification, which prompts users to punch in a unique code sent to their phone by text message. Wells Fargo, HSBC, and Barclays are among several institutions experimenting with voice recognition tools. MasterCard has also been testing heartbeat verification using the Nymi band, which is able to track the user’s unique heartbeat rhythms.
MasterCard Identity Check will roll out in mid-2016 in the U.S. for both Android and iPhone users.