Warning: Don’t Use Your Face as a Credit Card
Corporations keep trying to make facial recognition happen, now in the form of face as credit card. For all of our sakes, don’t let them.
By Max Eddy
Mastercard wants you to start paying with your face. CNBC reports that Mastercard’s new plan would let consumers tie their credit cards to biometric identifiers: “At checkout, users will be able to authenticate their payment by showing their face or the palm of their hand instead of swiping their card.”
This is terrible idea. Facial recognition systems are neither particularly useful, nor do do they respect your privacy.
Less objectionable, but still gross, is the idea of effectively turning your body into a credit card. The credit system is already predatory enough, but tying your debt to your body is deeply dehumanizing. Most objectionable is the continued socialization and adoption of facial recognition, a technology that is inherently dangerous to society and useless to the individual, making it the worst idea in the history of consumer technology.
CNBC also reports Mastercard’s scheme will somehow allow you to make payments in the metaverse and verify ownership for NFTs—the third and second worst ideas in technology, respectively.
Don’t Become a Credit Card
There are two big problems with facial recognition in general. First, there’s no good way to communicate intent with it. This is a real problem when using your face to unlock your phone, since simply holding up your phone (or someone else holding up your phone) will unlock it whether you want to or not. It’s the same for making purchases. Granted, work has been done to fix this, but there’s a world of difference between choosing to enter a PIN or present your fingerprint than looking at a machine just so.
Facial recognition is inherently dangerous to society and useless to the individual, making it the worst idea in the history of consumer technology
To buy something with a credit card you have to take the card out, let the point-of-sale machine interact with it somehow, and then punch in your PIN or sign a receipt. It’s very difficult to accidentally run your card through a machine without intending to. Even assuming Mastercard’s process would have a validation process, like entering a PIN or tapping a confirmation box, the fact that simply showing your face to start a payment process is worrying. It’s not secure and, more than that, it’s bad design.
The second problem with facial recognition is abstract but more urgent: the widespread adoption of facial recognition will make people more comfortable with constant surveillance and tracking on an enormous scale. We’ve seen some of this before, where a technology that people are unfamiliar with or suspicious of becomes adopted without valid concerns being addressed. Home DNA testing is still popular despite the privacy implications, and although we’ve seen improvement to privacy controls for free apps and services, nearly all of them still rely on harvesting your personal data.
It’s happening with facial recognition, too. Apple has (bewilderingly) made it the default option for its flagship iPhones, and Microsoft for its Windows Hello login scheme. It’s now common for travelers to be encouraged or even required to have their faces scanned at airports (despite it being allegedly optional).
We should be concerned about its normalization, because facial recognition is uniquely invasive. It allows numerous individuals to be surveilled simultaneously and without their knowledge. Fingerprinting a whole crowd of people isn’t easy or subtle. Yet powerful facial recognition would not only identify people without their knowledge, but also track their interactions with each other and things around them.
That’s a problem concerning government mass surveillance, but it’s not much better when a corporation does it. We already know retailers are keen to track customers in their stores. Imagine how much more data could be gleaned by tracking what shoppers interact with or constructing a social map based on whom they interact with. I vividly recall a Google patent for technology that would track pupil dilation(Opens in a new window) to interactions, trying to guess people’s responses to advertising and to each other. These ideas aren’t new, they’re just waiting for implementation.
The widespread adoption of facial recognition will make people more comfortable with constant surveillance and tracking on an enormous scale.
There’s nothing in the reporting on Mastercard’s new scheme to suggest that degree of surveillance, but there is a mention of loyalty programs, which are often just a nice way to say you’re being tracked. Again, from the CNBC article, referring to a desire for the biometric payment system to be usable globally.
The feature could integrate with loyalty schemes and make personalized recommendations based on previous purchases, Mastercard said.
Stop Trying to Make Facial Recognition Happen
For now, Mastercard’s face payment scheme is only available in Sao Paulo, Brazil, but it’s likely to spread. That means there’s a rare opportunity to push against this effort. The narrative for facial recognition is not settled and, if anything, the caution with which its being rolled out into consumer products suggests companies aren’t sure it’s a safe bet just yet.
So, say no to face scanning. Opt out at the airport. Use your fingerprint or a passcode to unlock your phone. Shun FaceID. Pass on Windows Hello and use a security key instead. When you see a company or a government insisting that facial recognition is private and secure, make a lot of noise. If poor consumer adoption can stop the BetaMax tape and the MiniDisc, surely we can make facial recognition so toxic that its merest mention will get people up in arms.
Originally published at https://www.pcmag.com.
