Could selfies replace passwords?

Last updated: 01 April 2016


selfies replacing passwords

Over the last few years the ‘selfie’ has gripped the world. Whether it’s Ellen DeGeneres posing with Hollywood stars at the Oscars (a selfie that almost broke Twitter), or Usain Bolt capturing his triumphant moment on the podium at the World Athletics Championship, the smartphone camera-fueled craze always seems to be in the headlines. Now, people are asking whether the selfie could be about to revolutionize the way we pay.

Amazon is seeking to patent ‘pay by selfie’ technology, which will allow users to complete transactions by simply uploading a picture of themselves. Don’t worry – to prevent these photos being spoofed, there’ll be a second stage of authentication…which is apparently where the process gets more advanced. Users will be asked to perform an action, establishing the user is a real person and not a fraudster. But what sort of implications could this have? Might the supermarket self-checkout machines of the future be ‘selfie booths’?

We’re particularly excited about this development, because our recent Connected Living 2025 survey on young people’s predictions for connected life revealed widespread enthusiasm for facial recognition. It seems our respondents were very prescient on this occasion.

Amazon’s move towards facial recognition marks a realization that the traditional password is becoming increasingly obsolete – unless, of course, it’s combined with other layers of authentication. A recent list of the world’s worst passwords demonstrates the problem; humans just aren’t wired to remember codes. Plus, static information is more vulnerable to cyber-attackers – once it’s acquired, that’s it, your account is breached! That’s why it’s so important that we explore alternative solutions, and one of those is certainly facial recognition.

Multi-factor authentication is another more robust alternative to the traditional password; this involves a layered approach to digital security, moving beyond a simple username and password combination. This could be a one time password generated by a mobile app or using some sort of secure hardware.

Certainly, the traditional password is on its way out. Whether it’s selfies, dynamic passwords, or a form of mobile ID, more sophisticated security solutions are emerging in a world of constantly evolving cyber threats.

What do you make of Amazon’s approach to payment security? Would you be happy taking a selfie to complete a transaction? Let us know by tweeting us at @Gemalto, or by posting a comment below.