Feeds

PayPal's fizzog-based payments app rubbished over reliability worries

'What if the shop assistant's an idiot?' asks security bod

Secure remote control for conventional and virtual desktops

Shop assistants may be too thick to guarantee the security of Paypal's new real-world payment system, a leading security bod has cautioned.

PayPal is currently trialling a new system that allows shoppers in the London suburb of Richmond to pay for stuff using their ugly mugs.

Customers can pay for goods using their pocket fondleslab, as long as a shop assistant verifies their identity from a photograph.

But Andy Kemshall, co-founder and technical director of two-step authentication specialists SecurEnvoy, warned that the system could be fallible.

He said: "Using face recognition to authenticate quick and convenient payments in shops and cafes seems ideal in our ever-busy lives. However I have serious doubts about the security of this method.

"The completion of the transaction relies on the shop assistant verifying the customer’s face – certainly a risky method of authentication that could easily be subject to human error, be it accidental or deliberate. Using mobile phones to authenticate processes such as payments is the way forward. However, face recognition technology, as it stands, is nowhere near sophisticated enough to act as a reliable method."

Kemshall said that security systems needed to be "99.9 per cent perfect, at the very least" and claimed that biometrics did not yet offer this level of reliability.

He added: "Using manual face recognition, in the way exhibited by Paypal to authenticate payment in store, is a clear case of running before you can walk.”

Some 12 shops in the Richmond area are trialling the system, but PayPal hopes to roll the new system out to 2,000 shops by the end of 2013.

Rob Harper, head of retail services at PayPal, said: "This is another step on the journey towards a wallet-less high street, where customers will be able to leave their wallet or purse at home and pay using their phone or tablet. We predict that by 2016 this will become a reality." ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.