Plastic cards are becoming passé with QR (quick response) codes that are scanned by using smartphones becoming the ‘go-to thing’ for most people who use it to make payments on the UPI (Unified Payments Interface) platform. This digital transformation happened in just about four years. But how about moving on to fingerprints and facial identity for UPI transactions henceforth?
The idea is not far-fetched. The NPCI (National Payments Corporation of India) is reportedly in discussions with start-ups to introduce biometric authentication for UPI payments. While it is still early days, the technology that enables customers to transact using their facial identity and fingerprints is already available.
Currently, UPI transactions require a PIN or password for authentication. While these methods are effective, they are not foolproof. With the rise in cyber threats and digital fraud, there is a growing need for more robust security measures. This is where biometric authentication comes in. This will make payments highly secure reducing the scope for fraud, say top officials with payments service providers.
“This method is already widely used in smartphones for unlocking devices and authorising actions such as payments,” says Atish Shelar, chief operating officer (COO), TechFini, a UPI-based payment infrastructure provider for banks, financial institutions and fintech companies.
Integrating this technology into UPI transactions could significantly reduce the risk of unauthorised access, as biometric data is much harder to replicate than a PIN or password. Here is how biometric authentication will look like for UPI payments in the future.
How will it work?
A customer will have to first link her/his Aadhaar number with the bank account to initiate biometric-based UPI payments. “For this type of payment, users will not need to remember a PIN. Users must ensure that their biometric data, such as fingerprints or facial recognition, is correctly registered and updated in the system,” says Rahul Jain, chief financial officer, NTT Data Payments India, a leading payments solutions provider. “Customers can link their biometrics with their UPI IDs,” Shelar says.
After registration and linking, the biometrics of customers are encrypted and stored securely in a centralised database. While making payments, the customer has to present her/his biometric characteristics, which is then scanned by the PoS (Point of Sale) machine and matched against the stored data for verifying the identity.
What are its benefits?
Biometrics are almost impossible to duplicate, reducing the chances of fraud significantly. Since stored information is encrypted, data breaches will be quite difficult. The high accuracy ensures that only authorised individuals will be able to do the transactions. “It will vastly reduce frauds,” Shelar says.
“Biometric authentication enhances security by making it difficult to copy or steal identities, as biometric traits are unique. It is also convenient, as users don’t need to remember complex passwords, and transactions are faster,” Jain says. “The government is also keen on promoting such payment methods to curb financial frauds and enhance safety and convenience for the user,” he says.
Biometric payment systems can also facilitate financial inclusion. Customers have to provide only their biometric characteristics to make digital payments. The biggest benefit will perhaps be for persons who have only feature phones as they would be able to join the digital payments ecosystem using their Aadhaar credentials.
The PoS machine will capture only the biometrics linked to the UPI account to process the transaction, bringing a vast number of customers under the digital payments ecosystem. The business correspondents (BC) model of banks are already using Aadhaar for authentication.
Is the digital payments landscape ready for biometrics-based authentication?
“Currently, point-of-sale (PoS) machines with biometrics-based payments are available. Most of the (existing) PoS machines can be linked with fingerprint scanners where customers can use Aadhaar-enabled Payment Services (AePS) which allows payments at PoS,” Jain says. These machines can be used for authenticating biometrics-based transactions.
“However, with technological advancements, unique features can be embedded as an alternative authentication mechanism for preventing frauds and initiating reliable, flexible, and secure payment solutions,” Jain says.
What are the concerns?
The biggest concern in any biometric-based solution is privacy. Customers will be wary of sharing personal features such as fingerprints and facial IDs that would be used repeatedly to authenticate transactions on UPI.
“Privacy concerns are paramount, as biometric data is highly sensitive. Ensuring that this data is securely stored and protected from breaches will be crucial,” Shelar says. The biometric data should also be interoperable or simply put they should seamlessly operate across various payment apps and devices, say officials in the payments industry. “If compromised, biometric data is difficult to change, unlike passwords,” Jain says.
But these are really early days and a mass rollout of biometrics-based payments will take place only when the requisite infrastructure is in place. Only when the NPCI and the payments ecosystem that includes banks, merchants and customers are onboarded and ready, will it happen in a big way.
Allirajan M is a journalist with over two decades of experience. He has worked with several leading media organisations in the country and has been writing on mutual funds for nearly 16 years.
Catch all the Instant Personal Loan, Business News, Money news, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
MoreLess