The NPCI (National Payments Corporation of India) is reportedly in discussions with start-ups to introduce biometric authentication for UPI payments. While it is still early days, the technology that enables customers to transact using their facial identity and fingerprints is already available.
Currently, UPI transactions require a PIN or password for authentication. While these methods are effective, they are not foolproof. With the rise in cyber threats and digital fraud, there is a growing need for more robust security measures. This is where biometric authentication comes in. This will make payments highly secure reducing the scope for fraud, say top officials with payments service providers.
“This method is already widely used in smartphones for unlocking devices and authorising actions such as payments,” says Atish Shelar, chief operating officer (COO), TechFini, a UPI-based payment infrastructure provider for banks, financial institutions and fintech companies.
Integrating this technology into UPI transactions could significantly reduce the risk of unauthorised access, as biometric data is much harder to replicate than a PIN or password. Here is how biometric authentication will look like for UPI payments in the future.
A customer will have to first link her/his Aadhaar number with the bank account to initiate biometric-based UPI payments. “For this type of payment, users will not need to remember a PIN. Users must ensure that their biometric data, such as fingerprints or facial recognition, is correctly registered and updated in the system,” says Rahul Jain, chief financial officer, NTT Data Payments India, a leading payments solutions provider. “Customers can link their biometrics with their UPI IDs,” Shelar says.
After registration and linking, the biometrics of customers are encrypted and stored securely in a centralised database. While making payments, the customer has to present her/his biometric characteristics, which is then scanned by the PoS (Point of Sale) machine and matched against the stored data for verifying the identity.
Biometrics are almost impossible to duplicate, reducing the chances of fraud significantly. Since stored information is encrypted, data breaches will be quite difficult. The high accuracy ensures that only authorised individuals will be able to do the transactions. “It will vastly reduce frauds,” Shelar says.
“Biometric authentication enhances security by making it difficult to copy or steal identities, as biometric traits are unique. It is also convenient, as users don’t need to remember complex passwords, and transactions are faster,” Jain says. “The government is also keen on promoting such payment methods to curb financial frauds and enhance safety and convenience for the user,” he says.