Following the news Amazon has applied for a patent to offer selfies as a method of customer authentication, Here to comment on this news is David Emm, Kaspersky Lab Principal Security Researcher.
David Emm, Principal Security Researcher at Kaspersky Lab:
“I like the idea of using facial recognition to confirm someone’s identity. And the idea of a two-step process – a static picture, followed by a second, anti-spoof picture – is even better. However, I’d prefer to see this used as well as a password, rather than instead of a password. Given that lots of people use the same password for everything, and often weak passwords too, this would undoubtedly be a step-up in protection for many people. But I think it would be even safer to combine both approaches. If a consumer’s password is compromised, they can change it. If their face, fingerprint or voice is compromised, there’s nothing they can do.”
“Either way, it’s also important that Amazon, or any other provider, takes steps to secure (from theft or spoofing) whatever mechanism is used for authentication – passwords or biometrics.”