Apple will launch Face ID with their Apple X (pronounced Ten) to be released in November. Along with its many new features, it will introduce a new biometric-based technology for customers to authenticate themselves when using Apple Pay, the mobile payment and digital wallet service that lets users make payments using an eligible Apple device. With the introduction of Face ID comes the removal the home button that’s been traditionally used for Apple’s
Touch ID, the forensic fingerprinting technology to unlock the phone and process Apple Pay transactions. Apple reports the new Face ID technology creates more unpredictability than the legacy Touch ID technology, utilizing
millions of data points to recognize facial expressions and changes to hair color, grow facial hear, glasses, and outerwear using machine learning. Prior studies reported the chance a random person could use a fingerprint to unlock an iPhone is about 1 in 50, 000 whereas studies have shown the probability to unlock Face ID is closer one and a million.
Is Smart Tech Good Enough?
Additional compensating controls have been implemented to detect spoofing and misuse, using an alert detection to ensure the owner’s eyes are open. To counter, equally elegant spoofing technologies will be developed and implemented, especially with the social media and facial images over the open internet could present an obstacle to prevent against attacks, such as an attacker who can use the same machine learning recognition can identify photos of your face, family or friends who have posted pictures on Facebook or Twitter. As with any new technology
introduced into the market, its largest obstacle to success is to achieve consumer credibility. Juniper Research has released the results of a new survey that finds that over 40 percent of iOS users in the U.S. are unlikely to use Face ID as payment security technology, and would rather use voice recognition or fingerprint scanning for mobile payments authentication measures. Given Face ID’s unproven credibility in the market, its adopters will tread cautiously as stolen stored credentials, whether they are stored on the device or hosted in the cloud, has a tendency for customers to be skeptical with its use. While Apple systems have never been breached, Apple customers can be at risk of having their devices attacked if they use the same passwords across multiple sites including their iCloud password.
The Market Will Tell
Apple has an enormous obstacle to tackle – increasing the security of payments without scaring away customers through the unnerving process of pointing a device at their face, which could prove to be awkward in public places. Through all its initial reservations, if Face ID is proven to reduce the payment processing friction without introducing other impacts, and lives up to its value proposition to its customers that its faster and simpler, it will gain adoption in the market over prior consumer authentication measures.
Would you use Face ID for payments?
Would you be willing to use the new facial recognition technology for payment acceptance or would you be resistance to new and unproven technologies? Would you have privacy concerns with facial recognition due to a lack of trust with solution providers? Do you think it may take too long to authenticate a transaction or would the experience be awkward?
Let us know your thoughts in the comments!
Brant, interesting comments. I wonder how revolutionary Face ID will become for a few reasons. One, Apple's removal of the Home button was likely driven by a need to add new features to the phone and increase screen size. That necessitated a new way to authenticate a user allowing them access to the phone. Face ID certainly solved that problem. Two, Apple Pay didn't need a more secure way for users to authenticate since its use within the industry is low and will be until merchant terminals are upgraded. Fraud is not a huge issue with Apple Pay today.
You correctly point out that fraudsters are very clever folks. My concern with Face ID and the proliferation of photos on social media is that the fraudsters will find a way to beat it. Fraudsters have had a harder time doing this with a fingerprint since you don't see them 'plastered' all over social media.
Usage will ultimately determine this debate.