Recognising the weaknesses of password-based systems, companies the world over are increasingly betting on biometric security. In fact, facial recognition technology, estimated to be worth $7.76 billion by 2022, has already won over the likes of Mastercard, Apple, Alipay, Google, Baidu, HSBC and Microsoft, among many others. At home, Paytm, India’s largest digital financial services provider, reportedly hopes to join this bandwagon.

Sources in the know told the The Economics Times that the company has begun testing a facial recognition tool on Google’s Android platform, and will shortly roll it out through an app update. “We have already started testing the face recognition tool among our employees. Once live, Paytm users will be able to log into the app by simply looking at the phone,” said a senior Paytm executive.
The development follows an inexorable move – worldwide – towards biometrics-based authentication tools in the face of the growing vulnerabilities of the password-based approach. The latter are open to phishing attacks that fraudsters rely on to trick customers into revealing their passwords or mobile pin numbers. So Paytm’s move towards facial recognition is an attempt to enhance the security of the app.

“We are currently working on several initiatives that will help us to take our services to users in every nook and corner of the country who are still learning to use smartphones,” Deepak Abbot, senior vice-president at Paytm, told the daily.

The Noida-based company also plans to extend this new feature to allow customers to pay at merchant outlets with the blink of an eye. However, offline payments through face recognition are expected to take longer.

For nearly a decade the Reserve Bank of India has pushed ‘two-factor authentication’ (2FA) for online payments. This means authenticating online transactions in two stages: First by something that the payer has, usually a password known only by him/her, and then through a one-time password (OTP) received on the payer’s registered mobile phone, such as Verified by Visa or 3D Secure. In December 2016, however, the apex bank had eased its stand by allowing single-factor authentication for transactions under Rs 2,000.

“For stored value transactions like wallet payments, which do not require the second factor [of authentication], we can bring in face recognition as the factor of authentication,” an executive told the daily. This is expected to be highly beneficial for offline merchant transactions, and Paytm boasts 9.5 million offline merchants on its platform. The company, in fact, has already identified devices capable of reading the customers’ faces that can be installed at select merchant locations and used for such authentications.

“We will be checking for the eye white, which is a recognition of whether a person is alive or dead. We will also make the customer blink once to show he or she is alive,” the company source added. “As of now, we are restricting it to opening the app, but the future will see much more use cases.”

While Paytm now has the backing of several behemoths including Warren Buffett’s Berkshire Hathaway, China’s Alibaba Group Holdings and Japan’s Softbank Vision Fund, it has a tough battle ahead if it wants to hang on to its leadership position. Apart from deep-pocketed rivals like Flipkart-owned PhonePe, Amazon Pay, and Google Pay, newer players like WhatsApp Payments and Reliance Jio and WhatsApp Pay are also eyeing India’s $200 billion digital payments market. Given that the market is expected to mushroom to $1 trillion over the next five years, competition will only intensify.