If you hate typing long passwords into super small screens, I have good news: smart people are trying to fix the problem. Yes, the whole rigmarole of creating a word that has at least one capital letter, one number and one special character could soon be history.
For the mobile payment industry, this is exciting news because people won’t use mobile wallets if they have to enter a complicated password before every single purchase. At the same time, without strong enough security in front of mobile payments, fraud and hacking will ruin the party.
Instead of using passwords, it’s likely that we will soon use bio-signatures to approve purchases. Apple went for the good old fingerprint with Apple Pay and Touch ID, but is that the only option? No. Breathalyzers, selfies and, yes, body sweat are actually options, too. But are these possibilities really as slick as they sound?
Well, body sweat technically is, but to pass judgment, we have to talk through the implications of each technology. Thanks to Google Glass and Amazon Fire Phone some overhyped technologies, we know that even the loftiest of value propositions backed by billions of dollars can still face plant on reality. The contenders in the password showdown are no exceptions.
Why type a password when you can take a selfie of your smiling face instead? With Alipay’s new facial-recognition technology, you will be able to pay for a latte and (presumably) tell Facebook all in one tap. As I’m sure you already know, everyone on social media is dying to know what you drank for breakfast.
And while I’m sure marketers would love to mark every one of your transactions with a beaming selfie, is that what consumers want? Does a trip to the grocery store with your kids put you in a selfie mood? Do you really want to Kardashianize your latest CVS or Walgreens purchase?
I think the last thing America’s image needs is Facebook and Twitter feeds chock-full of checkout selfies. Eventually, hackers will figure out how to take your picture and 3D print your face to spoof the technology. Personally, I don’t want to replace ‘password reset’ with plastic surgery.
In 2013, Swiss scientists found that every individual has a unique “breathprint.” Surely blowing air is easier than typing passwords. So soon enough, someone will create a breathalyzer that can distinguish one person from another.
Passwords aren’t forever, but your body parts hopefully are.
Combing BAC breathalyzers with password detectors isn’t far-fetched. One company is already trying to read hydration levels and breathe quality from a breathalyzer that attaches to smartphones. The password could become one of many breath-based bio-signatures captured from a single device. Unlike your face and body parts, breath is quite hard to steal. Perhaps people will brush their teeth with a bit more dedication if they have to blow breathe at a cashier several times per day.
Want to feel like you’re a character in Golden Eye, Mission: Impossible or Minority Report? Well, get ready to hold a smartphone camera to your eyes. ZTE’s Grand S3 smartphone is ready for you, and others will surely follow.
While feeling like a secret agent is nice, let’s remember that you’re going to look more like a James Bond villain than 007 after an identity theft. If hackers can spoof your eye scan, with or without the gruesome robbery, there is no good fix.
Sweat It Out
According to a recent article from Outside Magazine, your sweat is chockfull of biometric data that tech companies want. From hydration levels and electrolyte balance to lactate threshold and glucose, sweat has a lot to say. It seems inevitable that someone will come up with a “sweatprint” soon enough, so why not let your IoT sweat whiffer tell Jamba Juice they can sell you that smoothie?
Sweatprints would be good PR for sweat, which has been notoriously underappreciated. Even if sweating is a bit less sexy than a retina scan, like with breath, it is bit tricky to steal a permanent copy.
Sweating for swag would be easy in hot, humid environments, but if, like me, you spent the winter in New England, you know this is impractical during winter. Bostonians will be none too happy if they have to do push-ups and jumping jacks just to buy a beer. CrossFitters, on the other hand…
NFC Chips Under Your Skin
In November 2014, Dutch entrepreneur Martijn Wismeijer became the first man to embed NFC chips in his hands. One hand holds his contact information, and the other contains the private key to his bitcoin wallet. Now, he can exchange bitcoins with an Obi Wan Kenobi-like wave of the hand. Maybe this is the payment security you were looking for?
While paying like a Jedi and never forgetting your wallet are nice perks, convincing people to suffer through the painful, unnecessary injection is going to be a tough sell. For rightfully wary consumers, it seem like a step in the direction of GPS implants and Big Brother-type applications. It’s not as if anyone is currently tracking the location their smartphones.
Giving a fingerprint used to signify that you made a poor life decision. How about we rebrand fingerprints as a good way to approve payments? If Apple Pay believes in it, shouldn’t we?
In a smartphone world, the convenience is hard to beat. People supposedly use their smartphone an average 221 times per day – adding a few transactions to the stack is only natural.
Yes, you might have to ask your tech-savvy Millennial child to set up fingerprint profiles because you can’t figure it out. Yes, criminals might scrape your fingerprints from elevator buttons, ATM machines and touchscreen kiosks. And yes, like your eyes, your fingerprints are difficult to change. I don’t think we’ve put our finger on the ultimate password solution just yet.
Think Long Term
Passwords aren’t forever, but your body parts hopefully are. This means that the great risk of bio- security is that once hackers obtain your fingerprint or learn to spoof your selfie, your bio-signatures can’t secure anything, and there is no simple way to fix that. Though many of us have nearly 50 different written passwords to keep track of (thankfully there’s an app for that), they remain the most adaptable way to protect accounts, payments and our digital world.
Of the above options, breathalyzer security is particularly interesting because it’s extremely hard to steal and replicate breath without the “owner” knowing. With breathprint breathalyzers attached or built into smartphones, we could all pay with a puff, and never type a password again.
I like the idea of one-puff payments, but any of these could win the showdown. I’m glad the smart people will figure it out.