MasterCard today unveiled a biometric chip-and-pin credit card featuring a built-in fingerprint sensor that takes cues from mobile payment systems such as Apple Pay.
The card can be used to make purchases like any other, except rather than keying in a PIN number, card holders can choose to place their finger over the square sensor to approve the transaction.
Alternatively, users can take a two-tier authentication approach and use both their PIN and fingerprint to approve the purchase. However, users of the card won’t have the convenience or security that comes with registering their print with their smartphone.
With Apple Pay, fingerprint data is encrypted and protected with a key available only to the Secure Enclave on the user’s iPhone. The Secure Enclave is walled off from the rest of the hardware and the OS, meaning iOS and other apps never have access to user fingerprint data, it’s never stored on Apple servers, and never backed up to iCloud or anywhere else.
The biometric credit card has no such protections. Instead, the user must register their print with the bank or financial institution that issued the card, and while the fingerprint is encrypted on the card itself, it’s still unclear what security and privacy measures are in place to deal with the registration process.
Despite those concerns, Mastercard’s chief of safety and security, Ajay Bhalla, said that the fingerprint technology was “not something that can be taken or replicated”, and that the biometric card would help “to deliver additional convenience and security”.
MasterCard plans to roll out the cards in Europe and the Asia Pacific region soon, following successful tests in South Africa through Barclays subsidiary Absa and supermarket Pick n Pay.
Discuss this article in our forums