Technical feasibility of context-aware passive payment authorization for physical points of sale

In this work, the technical feasibility of passive secure payments for brick-and-mortar points of sale is analyzed. The core element of the proposed approach is a new application for context-based risk and trust assessment. It allows for dynamic selection of payment authorization methods that constitutes accurate trade-off between security and convenience. Particularly, the payments can be performed and authorized in the background using biometric means (face recognition), without user’s explicit action. Generally, in the proposed approach, multiple devices are used for authorization: mobile, wearables, or stationary, client’s or seller’s, and multiple authorization methods are used: biometric, knowledge-based, and possession-based. The reported research includes requirement identification, novel architecture and protocol proposition, proof-of-concept prototype system deployment, and evaluation-based lessons learned. The research confirms that with the proposed approach, it is possible to take advantage of client-seller trust dynamism to simplify the payment process while maintaining the security level.

[1]  Alec Wolman,et al.  Zero-effort payments: design, deployment, and lessons , 2014, UbiComp.

[2]  Finnish Grocery Retailing Market Assessment for the Deployment of Payment Innovation : Case: Uniqul Face Recognition Payment Application , 2016 .

[3]  Krzysztof Joachimiak,et al.  Model for adaptable context-based biometric authentication for mobile devices , 2016, Personal and Ubiquitous Computing.

[4]  Alex Pentland,et al.  Face recognition using eigenfaces , 1991, Proceedings. 1991 IEEE Computer Society Conference on Computer Vision and Pattern Recognition.

[5]  Sharath Pankanti,et al.  Guide to Biometrics , 2003, Springer Professional Computing.