Mastercard just announced the launch of the “Biometric Checkout” program, which uses biometrics, face recognition or fingerprint, as the core means of identification for payment. Mastercard goals include a demonstration of the process thanks to partnerships with technology providers. The payment scheme also anticipates the need to establish standards for new ways to pay at stores of all sizes, from major retailers to mom-and-pop shops. The program outlines a set of standards that banks, merchants and technology providers adhere to, helping to ensure the security and privacy of personal data when people pay biometrically.

Under this program, consumers enroll into the biometric checkout service, in store or at home, through a merchant or identity provider app. Once they are enrolled, consumers can simply walk to the shop exit, check the bill and smile into a camera or wave their hand over a reader to pay.

Mastercard has a series of pilots planned, with a set of partners: NEC, Payface, Aurus, PaybyFace, PopID and Fujitsu. The first to take place, in Sao Paulo, Brazil, involves a local startup, Payface, and St Marche supermarkets. Future pilots are being planned for roll-out, first, in the Middle East and Asia.

As part of the continuous search for balance between ease of use and accrued security, Mastercard says they are helping to ensure all stakeholders maintain the highest levels of security and privacy to protect consumers. The “Biometric Checkout Program” is governed by Mastercard’s principles for data responsibility, reinforcing that consumers have the right to control how their personal data is shared and benefit from its use.

This statement has not stopped criticism! According to Fintech Magazine, “the new initiative has reignited debate regarding privacy concerns for customers and some voices of dissent have expressed their doubts about expanding the biometric verification space when users are not comfortable with their physical data being stored and used.” The Guardian adds that “a spokesperson for Mastercard said a UK rollout was part of its “near-term plan”, and that the company was having “encouraging conversations with potential partners.” The Guardian also quotes Suzie Miles, a partner at law firm Ashfords, who said: “Mastercard themselves have recognized the data and security concerns that come with the use of biometrics. A password can be changed, your smile and wave can not. If biometric data is hacked, then the risk of fraudulent activity could be considerably higher than current payment methods.”

The world of payments has always been creative in implementing new technologies: the fusion between payment and biometrics is well on its way. There has been fingerprint scanners in payment cards already for a few years. Integration between face recognition and payment is already visible in many projects, just think of Amazon Go and Amazon Just Walk Out, where consumers shop by themselves and are charged automatically for their purchases thanks to a combination of face recognition and NFC. Also, large scale projects are going on in China, where, for instance, some 1,000 convenience stores installed a facial payment method, thanks to Alipay and WeChat Pay technologies, and more than 100 million Chinese have registered to use the technology since 2019. Also, one may consider that the use of facial recognition in mass transit in Moscow is a step towards the integration of biometrics in payment. Now Mastercard throw their weight behind biometrics-activated payments and, given their position, they are bringing the technology into open payment systems, with the usual “four-corners” model, where the issuer, the acquirer and the processor are different entities.