Historically, smiles and other facial expressions have inspired painters and songwriters, engendered trust, given turbo-charged power to compliments and praise, and set the tone for appointments, meetings and first dates. Now, they promise to help consumers unlock mobile apps and other such doors into the larger digital economy — and do so via a 21st century form of expression: the selfie.
Selfies, of course, are just self-portraits that anyone with a suitable mobile device can produce (as opposed to being someone with a canvas, brushes and paints, as was usually the case in earlier times). They are associated with vanity, narcissism and social-media frivolity. Selfies document travel, nights out on the town, new haircuts, mood changes and other achievements both mundane and memorable. However, they are about to take on a much bigger and more important role in the daily lives of consumers and citizens.
At least, that’s the contention of Philipp Pointner, chief product officer at Jumio, a digital ID and authentication services provider. In a new PYMNTs interview, he talked about how selfies could help beef up authentication in general, including in tandem with other biometric markers, and why that 21st century form of digital self-expression makes a natural gatekeeper for digital society.
Selfies Vs Fingerprints
Selfies are not without competition, of course.
“Fingerprints and the face are the authentication methods that people are most in love with,” Pointner said. Fingerprints have moved passed their association with criminality and police bookings, as more devices offer this as a secure authentication method.
However, selfies might have an advantage over that. Not only are all types of people experienced at taking them (as we all live in a selfie culture), but, in the vast majority of cases, facial images are the only biometrics included on government-issued ID documents, such as drivers licenses. When other biometrics are included, such as mathematical representations of fingerprints, those biometrics are not often easily accessed by outside parties.
As authentication progresses in 2019 and beyond, the general idea is to have technology that can compare the facial images on government-issued ID documents to selfies taken by consumers seeking to open bank accounts, or perform other tasks that require not only ID verification, but relatively high levels of security. The more seamless and comfortable the process is to consumers, businesses and other organizations (and it seems nearly everyone has taken at least one selfie in their life), the better.
In fact, in the view of Pointner, authenticating oneself via the use of facial recognition and software “kind of creates a good feeling and user experience,” he said during the PYMNTS interview. “The things that are [really] successful on the internet are the things that replicate how we interact with each other in real life.”
Indeed, scanning someone else’s face — whether a smile, frown or certain look in the eyes — is a basic human function, an early warning sign to the other person’s mood and intentions. It’s primitive, and a big, if often unnoticed, part of daily life. According to Pointner, a process that combines the facial biometric on a government ID with authentication technology is “a perfect marriage.”
None of that, however, means that selfies are immune to being exploited by criminals.
Last year, for instance, Sixgill, an Israeli dark web research company, discovered a data dump for sale on a big Russian language dark web format that included a selfie of the users. According to the report, that appeared to be one of the first times a selfie of the user was included in the data being sold. While selfies alone don’t have much value to hackers, the report noted that, combined with other identifying information, it could enable hackers to potentially open up bank accounts and get credit under the victim’s name.
No More Passwords?
In the future envisioned by Pointner and other authentication experts, selfies are not the only lines of biometric defense. He outlined a general scenario in which facial ID authentication via selfie would allow basic access to a device, app or platform — with some functions accessible via, or monitored by, the use of “behavioral” biometrics. That refers to such markers as gait, like the pressure someone uses when navigating a smartphone screen, and other such traits.
“You use your face to unlock the application, but what you do within the application is monitored by behavioral biometrics,” he said.
So, what does this mean for the password — that low-level authentication method that seemingly will not die, no matter how many data breaches or warnings to consumers that they need to craft much more complex passwords?
“I think they should die,” Pointner said, echoing just about everyone else with a more-than-average sense of authentication and online security.
“It’s in the hands of the product managers,” he said. “If my bank offers fingerprint [authentication] and no way to use passwords, that would be it.”
That day is still a ways out. Who knows, though? Maybe the selfie — still more often demeaned than praised — could play a role in that.