User Authentication by a Selfie

Selfie has been one of the favorite buzzwords these days. And what is notable is that it is not limited to a specific age group. Although selfies had existed long before, it was in 2012 that the term made big news. By 2013, the word \”selfie\” had become common place enough to be monitored for inclusion in the online version of the Oxford English Dictionary. In November 2013, the word \”selfie\” was announced as being the \”word of the year\” by the Oxford English Dictionary. What’s new about it you ask!! Amazon has a unique idea to put selfies to best use.

Conventional transaction approaches rely on password entry for user authentication. These passwords can be stolen or hacked leading to huge losses financially as well as information theft.

Biometrics is one of the major solutions to this problem of identity/information threat. The implementation of this is seen around in the form of smart phones employing fingerprint scanners for user authentication.

Amazon recognizes that many devices allow users to store their passwords so that they don\’t need to re-enter them every time they use a service. But as mentioned above it can have various negative consequences. Therefore, Amazon has come up with a fail-safe method to sign in – using our own face, especially for online transactions.

Amazon had filed a patent application titled “Image analysis for user authentication” (US9202105) for a system that would allow users to authenticate purchases by taking a selfie. The application is for a process enabling Amazon shoppers to take a photo or video of themselves when checking out, rather than entering an alphanumeric password.

According to the patent claims that the system would use a two-step authentication process:

  • analyzing at least a first portion of the image information to recognize the user contained in the image
  • analyzing at least a second portion of the image information to verify that the user contained in the image information corresponds to a physical living being within proximity of the computing device

The second step is done to ensure that the system can’t be fooled by someone holding up a photo of another person\’s face.

The first step would involve an initial photo to establish the user\’s identity by mapping the user. This is followed by a second step that would prompt the user to perform certain actions, motions or gestures such as to smile, blink, or tilt his/her head to prove that it is a live person. The recognition technology then links to a server that confirms the person attempting to pay for the goods is the user, and that they are alive, before approving the payment process.

Mastercard has also begun a trial of similar technology for its mobile payment verification services that lets customers pay using selfies instead of passwords for online transactions. Called \’Selfie Pay,\’ it uses facial recognition technology to verify the identity of a smartphone user. A Selfie Pay user has to take a clear photograph of their face. This is then compared against a stored image that MasterCard has on file using facial recognition algorithms.

This greatly eliminates the need for customers to remember any type of password. Customers no longer need to write down their passwords to remember them since they are just simply using something that they will always know and have, their face!

Just carry your Beautiful Face, wherever you go!

By Dechakka Chengappa