Amazon has filed a patent application for a system that would allow users to authenticate purchases by taking a selfie. The application is for a process enabling Amazon shoppers to take a photo or video of themselves when checking out, rather than entering a password.
Amazon believes the new system would not only make paying for products simpler, but also cut the alleged social awkwardness involved with typing in a long password in front of friends.
How it works
Amazon's patent filing specifies that the system would use a two-factor authentication method so that the system couldn't be fooled by someone holding up a photo of another person's face. This would involve an initial photo to establish the user's identity followed by a second that would "prompt the user to perform certain actions, motions, or gestures, such as to smile, blink, or tilt his or her head".
The patent filing reads: "As people are utilising computing devices for an increasing variety of tasks, there is a corresponding need to improve the security available for these tasks. While many conventional approaches rely on password entry for user authentication, these passwords can be stolen or discovered by other persons who can impersonate the user for any of a variety of tasks.
"The entry of these passwords on portable devices is not user-friendly in many cases, as the small touchscreen or keyboard elements can be difficult to accurately select using a relatively large human finger, and can require the user to turn away from friends or co-workers when entering a password, which can be awkward or embarrassing in many situations."
Online retailers are increasingly looking to easier and more secure authentications to replace traditional passwords, and with good reason: according to a 2015 study, the most common passwords include 123456, password and qwerty – which hardly require the talents of a professional hacker to crack. Biometrics has been seen as one solution to this problem and the technology quickly gaining ground thanks to the proliferation of mobile devices employing fingerprint scanners.
Android and Microsoft offer a similar biometric system as a means for users to unlock their devices without a passcode, meanwhile Mastercard announced at MWC 2016 that it will roll out a "selfie pay" system to replace passwords for online payments. HSBC is planning a similar initiative.
Amazon recognises that many devices allow users to store their passwords so that they don't need to re-enter them every time they use a service. However, it notes that this could have potentially disastrous consequences if the device ever falls into the wrong hands, potentially giving an unscrupulous user free rein over your entire digital life. We'd take an awkward selfie over that any day.