Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Eniola Odetunde/Axios

Banks have been quietly rolling out biometrics to identify customers — verifying them by their fingerprint, voice or eye scan — and retailers like Amazon are getting into the game.

Why it matters: These companies are amassing giant databases of our most personal information — including our gait, how we hold our cellphones, our typing patterns — that raise knotty questions about data security and privacy.

Driving the news: Amazon wants consumers to be able to pay for items in physical stores by waving their palm in front of a payment terminal, the WSJ reports.

  • The system would link your palm image to a payment card.
  • Amazon "plans to pitch the terminals to coffee shops, fast-food restaurants and other merchants that do lots of repeat business with their customers," the Journal reports.
  • Palm biometrics haven't been used for payments on a big scale, but fingerprints have: Apple Pay and the Apple credit card involve pay-by-touch with a cellphone.
  • Voice ID is also prevalent, particularly in bank call centers.

The intrigue: Banks have have had a love/hate relationship with biometrics for decades — customers are leery, and there's a high rate of failure. As anyone with an iPhone knows, a wet or greasy finger often won't work, and voice recognition systems often fail if someone has a cold (or is tipsy).

But banks — and, increasingly, retailers — have been working in overdrive to use biometrics both in back-end systems (where consumers won't see them) and public-facing ones:

  • Chase, Bank of America, Citi and Wells Fargo have introduced various biometric ID options, including voice, fingerprint, eye or facial recognition.
  • Mastercard and Visa are rolling out payment cards with embedded fingerprint ID.
  • BMO and Mastercard pioneered "selfie pay," which lets customers authenticate themselves for online shopping.

Banks say their systems are completely secure, but they are proceeding gingerly to avoid making their customers nervous. Several banks gave "no comments" to Axios when asked about their biometrics programs; Amazon did too.

  • Some banks have dropped the creepier biometrics: Republic Bank of Kentucky said in 2016 that it would let customers log in to their mobile banking app by fingerprint or eye vein scan — now it offers the finger option plus facial ID.

There are already some horror stories:

  • Thumbprints have been spoofed with the type of gelatin used in Gummi Bears and a picture of someone else's thumb.
  • A pair of twins hacked HSBC's phone banking voice ID system — though it wasn't easy.
  • Facial recognition systems can be foiled by deepfakes, masks, and virtual reality — and they often show racial bias.

What they're saying: "A biometric is a very sensitive piece of personal information. If your password gets stolen, you create a new password. If your fingerprints get stolen, you can't create new fingerprints," Stephen Ritter, chief technology officer of Mitek, an identity verification company, tells Axios.

Reality check: Banking and credit card companies say biometrics — which, so far, are usually optional — are invaluable in fighting fraud and that spoofing is rare. They call the technology proven and safe, and say that many customers — particularly younger ones — welcome it.

  • Biometric systems have ways of checking for "liveness," to guard against robots and AI intruders.
  • The systems routinely avert criminal behavior. One example: Discover, the credit card company, "receives so-called voiceprints of callers — not recordings of their voice — and flags known fraudsters," reports the WSJ.

A growing number of people welcome the convenience, thanks to cellphones making finger ID routine. "If it weren't for being able to use your thumbprint on your iPhone, I think biometrics would still be something on the fringe of authenticating," Trace Fooshee of Aite Group, a banking consultancy, tells Axios.

On the retail side: Amazon isn't the only company dabbling in biometrics.

  • The New York Mets have kiosks that will let you pay for snacks by fingerprint.
  • A handful of quick-serve restaurants like Caliburger and Malibu Poke are letting customers order via facial recognition at self-serve kiosks.
  • Mitek, which sells a face ID verification system, counts Airbnb, Instacart and Poshmark as customers.

Between the lines: What customers don't see is banks' and retailers' heavy use of "passive" or "behavioral biometrics" to thwart fraud. "On a mobile phone, that could be the angle that you currently are handling the device, whether you are typing in the password with your thumbs," Chris Reid, EVP at Mastercard, tells Axios.

  • "Those passive biometrics can tell this isn't actually" the real customer.

The bottom line: Whether we like it or not, biometrics are going to be a bigger part of our lives.

  • And while the banking industry is heavily regulated, the retail world is not — so there are different standards of trust and security.

Go deeper

54 mins ago - Technology
Column / Tech Agenda

The new digital extortion

Shoshana Gordon/Axios

If you run a hospital, a bank, a utility or a city, chances are you'll be hit with a ransomware attack. Given the choice between losing your precious data or paying up, chances are you'll pay.

Why it matters: Paying the hackers is the clear short-term answer for most organizations hit with these devastating attacks, but it's a long-term societal disaster, encouraging hackers to continue their lucrative extortion schemes.

1 hour ago - Health

CDC mask guidance sparks confusion, questions

Illustration: Sarah Grillo/Axios

The CDC's surprise guidance last week freeing the fully vaccinated to go maskless sowed plenty of concerns across the country— even earning the "Saturday Night Live" treatment for all the questions it spurred.

Why it matters: With plenty of Americans still unvaccinated — and without any good way to confirm who has been vaccinated — some experts worry this could put many at increased risk.

Updated 3 hours ago - World

In photos: Israel-Hamas aerial bombardments enter second week

A ball of fire and a plume of smoke rise above buildings in Gaza City as Israeli forces shell the Palestinian enclave, early on May 17. Photo: Mahmud Hams/AFP via Getty Images

Israel and Hamas continued aerial bombardments into Monday morning, as fighting entered a second week.

Why it matters: The worst violence in the region since 2014 has resulted in the deaths of 197 people in Gaza, ruled by Hamas, and 10 in Israel. 58 Palestinian children and two Israeli children are among those killed since the aerial exchanges began on May 10, Reuters notes.