Passwords be gone! Amazon.com Inc., through its Amazon Technologies subsidiary, is working on facial recognition technology that may make committing fraud tougher.
The U.S. Patent and Trademark Office last week published a patent application detailing the technology. Amazon Technologies filed the patent application last October, expanding on another patent filed in 2012 that lays out how advanced, live biometric authentication processes can improve security. Biometric processes analyze physical and behavioral characteristics to identify people. Amazon did not reply to an inquiry about the patent application.
The technology detailed in the new patent application would let the company using the technology verify the person attempting to login or complete a purchase is who he says he is. The authentication prompts the user to “perform an action in view of a camera or sensor.” Through a sequence of checks, the program identifies the user and verifies the person is a living human being and not just a photograph of the person. That can be done by asking the person to blink or make another gesture, for example. Once the user is authenticated, the application says, the transaction is completed.
The process is part of a larger drive to improve security online, as passwords can be easily misappropriated or stolen.
“As people are utilizing computing devices for an increasing variety of tasks, there is a corresponding need to improve the security available for these tasks,” Amazon wrote in the related 2012 patent application. “While many conventional approaches rely on password entry for user authentication, these passwords can be stolen or discovered by other persons who can impersonate the user for any of a variety of tasks.”
The United States is the world leader in card-not-present fraud, in which a criminal uses stolen payment card information to pay for something online, through a call center, on a mobile device or by mail order. The Nilson Report, a payments industry publication, estimates 25% of total global fraud losses 2014—roughly $4.08 billion—was due to card-not-present fraud losses.
Amazon is not the only company looking to avoid such fraud and enhance security using facial recognition technology. Alibaba Group Holding Ltd. is developing Smile to Pay whereby consumers shopping on mobile devices snap a photograph of themselves to authenticate the transaction. No launch date has been set for the service. Meanwhile MasterCard Worldwide last summer said it would test a mobile app that asks consumers to scan their fingerprint on their phone or snap a photo of themselves using their smartphone camera to verify a purchase. MasterCard says other biometric methods are being considered, including voice recognition and cardiac rhythm through a wristband.
Bob Reany, MasterCard’s executive vice president of identity solutions, last month told Internet Retailer magazine the payment card company has incorporated facial recognition technology into its SecureCode service in the Netherlands, and that it ran a similar test with the technology last year with users in California. SecureCode is a form of 3-D Secure authentication, a protocol that requires cardholders to register and create a password for their payment cards that they then use to log in before an online retailer authorizes payments. “You will see it this year,” he says of a biometric option consumers can opt to use when they enroll in SecureCode.
The latest Amazon patent filing is just one of about 750 published by the U.S. Patent office in the last two years for Amazon Technologies. Amazon is the No. 1 e-retailer in the Internet Retailer 2015 Top 500 Guide.