A New Era of Payments: What Retailers Need To Know About Biometrics
By Sebastien Taveau, chief evangelist, Synaptics
From ancient bartering, to the first coin, to the first paper currency, to the first mobile payment, it’s easy to provide a linear view of how the payment process has evolved.
While commerce has always been an exchange between a customer and a merchant, the payment aspect has historically been the sore point of any transaction. There is a cost, a risk and sometimes frustration during the checkout process at the point of sale or online, and by that point, each side wants the transaction completed as fast as possible.
However, the underlying mechanisms are actually very complex. Over time, multiple players have tried to insert themselves into the payment process with promises of a faster and more simplified customer check-out.
A Brief History of Payments
Beginning in the 1980s, the credit card quickly became a primary transaction vehicle, and merchants were happy to drive more “loyalty” into their stores. With the birth of the Internet, the digitalization of cash and payment instruments accelerated, introducing new challenges around risk and fraud management. Classic payment networks such as Visa and MasterCard started to introduce solutions to support their existing infrastructure, but were ultimately unequipped to answer the expectations from users and merchants as the speed of innovation and consumer adoption of new technologies greatly accelerated.
As a result of the smartphone revolution, new technologies from companies like Square, Loop and PayPal have exposed consumers to new forms of mobile commerce; and now merchants are rushing to support more forms of payment delivery while also staying in line with government regulations around data protection — a challenge for many small businesses.
The New Era of Biometrics
Most financial institutions and banks historically accepted the view that risk management to prevent fraud was well controlled by the classic risk model of what you have (email, mobile number or credit card) and what you know (password, PIN, signature). However, the introduction of the smartphone changed the way transactions happen while simultaneously introducing better risk management options. To capitalize, many high-tech heavyweights began to come together to build out an ecosystem that will support and develop this new era of payments.
The FIDO Alliance was created in 2013 with the purpose of changing how we authenticate ourselves online. The basic concept was to rely on a two-step strong authentication process controlled by the consumer.
The first step is triggered by the use of a fingerprint ID sensor, which authenticates the user/device combination locally on their smartphone. When this first step is verified, the second step consists of the release of a private key stored on the device, but also known by the online party like a merchant, service provider or medical office, etc.
The beauty of the system is that there are no longer millions of credentials which can be hacked, and no need for complicated passwords — a win-win for both the merchant and consumer.
It’s not far-fetched to imagine a similar use of authentication inside the physical retail world by relying on technologies like Bluetooth Low Energy (BLE or Beacon), which is a low-cost way to implement a communication channel with an alternative payment network like PayPal Beacon or Apple iBeacon. Most importantly, the user will be able to pay with their identity. By doing so, the payment instrument is removed from the transaction and the sensitive credential from the user is now decentralized on each consumer device, which in turn reduces the chance of another Target-scale hack. Decoupling a payment instrument is not new but a full disintermediation of the payment instrument itself and replaced with an identity is where commerce is going.
New Payment Experiences for Retailers
The introduction of biometrics in consumer devices and the capacity to share data in real-time means that retailers need to start reevaluating the entire checkout experience if they want to drive meaningful experiences for their consumers. This also means that retailers need to get serious about security in order to protect the privacy of their customers as PINs and signature authentication becomes a thing of the past. With the quality of the data being shared on mobile and social networks, our identities are becoming more exposed and ultimately more valuable in a retail environment.
What seems like an impossible equation to solve is now within the grasp of reality. We are moving beyond the “Internet of Things” into the “Internet of Me,” and any retailer who will understand this evolution will be able to connect their digitally-connected consumers in a more personalized way. The war won’t only be on prices anymore, it will be a war on the experience.