How Biometric Verification Will Revolutionize Online Checkout

April 4, 2018         By: Alastair Johnson

Online payments should be simple, safe and seamless.The truth is, though, they’re simply not. The Baymard Institute estimates that 69% of shopping carts are abandoned at checkout. The reasons for this alarming statistic have been attributed to site errors, lack of trust in the website’s ability to keep card information secure, or the requirement to create an account, to name a few.

Frustration is not the only consequence of this issue. On top of the time wasted client-side, merchants are missing out on a whopping $4 trillion in revenue. Evidently, there is a pressing need to revamp the current system, and that need may be answered with the latest in bleeding-edge technology: biometrics and blockchains.

It is thought that the average consumer has accounts on roughly 90 websites. Beyond the tedium of needing to enter your address, phone number and card details over and over again, every additional site that is trusted with this sensitive information is an added attack vector. A malicious actor need only compromise one of these databases to gain access to an individual’s data.

So it would appear that the major challenges are security and good UX. Killing the proverbial two birds with one stone is made possible with blockchain tech. In line with the principles of a ‘self-sovereign identity’, decentralised ledger technology allows for an individual to stay in control of their own data when interacting with third parties.

With a zero-knowledge storage system, gone is the need to store information in a centralised container prone to breaches. Ideally no personal information will be shared, but if the user chooses they can grant and revoke access to select pieces of information, with the encrypted data residing on the blockchain. Distributed architecture is structured in such a way that an attacker would need to control 51% of the network’s nodes (a technically impossible feat with large networks) to gain control of said data.

Whilst already highly resilient, a blockchain’s data protection capabilities can be complemented with a physical security layer – biometric authentication. The self-sovereign identity truly began to gain traction with the invention of PGP in the 90s but lacked a true ‘bridge’ that tethered the identity to the individual. He who holds the keys, with PGP, holds the identity. Individuals need to keep their private keys secure, but if a third-party gains access to these, the identity is compromised.

With advances in facial and fingerprinting authentication, we’re on the brink of a future where an individual’s body is their private key. Fraudulent activity involving stolen credentials will be rendered impossible, as, short of kidnapping an individual and forcing them to unlock hardware, there is simply no method of bypassing biometrics.

The marriage of these two technologies will be paramount in reshaping ecommerce as it stands. As the GDPR compliance deadline looms, businesses will undoubtedly seek to integrate models that reduce their liability. No longer will customers need to register accounts across many websites and leave their data behind and open themselves up to breach. With digital identity management, the checkout process will be streamlined, simply requiring authentication on their end before an order is completed.


About The Author

Alastair Johnson is the founder & CEO of Nuggets. Nuggets is an e-commerce payments and ID platform. It stores your personal and payment data securely in the blockchain, so you never have to share it with anyone – not even Nuggets.