Mastercard wants to bump up the resolution on your biometrics.
The credit card company filed a patent application for a system for “normalizing biometrics image samples.” This essentially allows users to authenticate or log in using biometrics on different devices without sacrificing the accuracy of the biometric.
“Differences among the capture devices are known to result in differences in the captured samples or images, which may impact the biometrics derived therefrom,” Mastercard noted in its filing. With these differences, “a proper user may be declined verification or other services, while, potentially, another user may be improperly granted the same.”
Here’s how it works: Image samples of a user are captured on two different devices, the first one used being a “reference device” and the other being a “subject device.” Those image samples are then compared to one another, taking into account a number of factors that could cause differences between the two images, such as resolution, contrast and noise.
From this comparison, a “transformation function” is creation, which essentially makes the image samples taken by the subject device consistent with those taken by the reference device. “In this manner, differences and/or biases in the subject devices … are limited or eliminated, based on the normalization, whereby matching of biometrics extracted from the biometric image samples gains accuracy,” the company noted.
The reference device’s images then serve as a baseline for all future biometrics from this user, and the transformation function is then stored in what Mastercard calls a user’s “biometric hub,” and is accessed whenever a user authenticates using biometrics.
This isn’t the first time we’ve seen Mastercard take an interest in upping its security protocols. The company has sought patents for a dual neural network-based system for catching fraud, as well as for a blockchain-based scalping fraud detection system. And given that the company processes trillions in transactions annually for hundreds of millions of customers, it’s understandable why the firm has an interest in keeping things secure.
Typically with mobile payments and log-ins, a credit card company itself isn’t in charge of authenticating biometrics, leaving that job to the actual device a user is working with. For example, iPhones typically do the job of authentication when making a payment with Apple Pay, or when logging you into an account, even if you’re paying with a Mastercard credit card or logging into a Mastercard account.
That means that credit card companies “have to trust that the device that is doing the biometric is doing it correctly,” said Branden Williams, VP of identity access management at Ping Identity. The tech in this patent could be useful for situations where these companies need a higher level of accuracy than a smartphone verification system can offer.
“It’s less about the type one or type two errors, and more about just verifying that the person is who they say they are,” said Williams. “I’m seeing this through the lens of online account opening, verifying a person and verifying their documents so that I can welcome them into a financial relationship.”
While proper verification for distance banking is something that Mastercard or any credit card company could certainly use, the concept itself isn’t entirely new, said Williams. Companies like ID.me offer this as their primary service, and Ping Identity has its own verification product called PingOne Verify. Though Mastercard could put this tech to use, whether or not the company can claim this tech as its own is uncertain.