Shoppers will soon be able to take a scan of their fingerprint or face to authorise a credit card purchase, instead of entering a PIN, as part of a crackdown on payment fraud.
New standards will allow fingerprints to replace PINs.
In a bid to counter fraud, it has issued new standards that will remove the need to enter a personal identification number (PIN) when making purchases in-person. It is also beefing up its systems for detecting fraudulent transactions made online.
Instead of using a PIN for purchases over $100, as occurs today, customers will be able to use their smart phone to take a scan of their fingerprint, or face, under the new standards issued to banks and technology companies.
This option would only be available to those using a “digital wallet” – where a phone is used to make payments, by tapping it on a contactless card reader. Exactly when the technology is available will also depend on phone manufacturers meeting the standards – some phones already do this.
Only one big bank, ANZ, has so far done a deal with Apple to allow tap payments on the iPhone.
Visa Asia Pacific head of risk, Joe Cunningham, predicted such “biometric” payments would become common within a year.
“Five years ago, the idea that entering a PIN could become a rare experience would have been almost unbelievable,” he said.
“Yet how we pay is changing fundamentally and security needs to move at the same speed. Biometrics are a crucial part of the future. Some devices that use these new standards have just entered the market and we expect it to become commonplace within the next year.”
Purchases below $100 do not require a PIN, as they can be made by tapping a card or phone on a terminal.
New figures from Visa also underlined the potential security risks with PINs, with a survey of 1000 Australians finding only one in three used a unique PIN for each credit and debit card.
Alongside biometric payments, Visa is also upgrading systems used to detect fraudulent online transactions, which account for the vast majority of payments fraud in Australia.
It says the new system will sift through 10 times as much data shared between banks and merchants to spot fraudulent purchases.
“Where payments volume goes, so too does fraud. This means fraud is shifting to e-commerce, a trend we’re sensitive to,” Mr Cunningham said.
The changes may mean more online shoppers are sent messages asking them to confirm their identities, such as by entering a password or their fingerprint.
The shift towards “biometric” payments comes after a surge in online credit card fraud, known as “card not present” fraud. This type of fraud has more than doubled since 2011, hitting $417.6 million last year, which was 78 per cent of total card fraud.
Although Australia still has lower fraud rates than the United Kingdom and the United States, the Reserve Bank’s payments system board last month highlighted the “significant” rise in online fraud and said curbing this should be a high priority for the industry.
As well as biometric payments, financial firms are also eyeing growth in payments made on “wearable” devices. On Wednesday, ANZ Bank said its customers could make purchases using smart watches made by Garminn, a competitor to Fitbit and Apple Watch.