Get the latest market trends in your inbox

Stay on top of the latest market trends and economic insights with the Axios Markets newsletter. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Eniola Odetunde/Axios

Banks have been quietly rolling out biometrics to identify customers — verifying them by their fingerprint, voice or eye scan — and retailers like Amazon are getting into the game.

Why it matters: These companies are amassing giant databases of our most personal information — including our gait, how we hold our cellphones, our typing patterns — that raise knotty questions about data security and privacy.

Driving the news: Amazon wants consumers to be able to pay for items in physical stores by waving their palm in front of a payment terminal, the WSJ reports.

  • The system would link your palm image to a payment card.
  • Amazon "plans to pitch the terminals to coffee shops, fast-food restaurants and other merchants that do lots of repeat business with their customers," the Journal reports.
  • Palm biometrics haven't been used for payments on a big scale, but fingerprints have: Apple Pay and the Apple credit card involve pay-by-touch with a cellphone.
  • Voice ID is also prevalent, particularly in bank call centers.

The intrigue: Banks have have had a love/hate relationship with biometrics for decades — customers are leery, and there's a high rate of failure. As anyone with an iPhone knows, a wet or greasy finger often won't work, and voice recognition systems often fail if someone has a cold (or is tipsy).

But banks — and, increasingly, retailers — have been working in overdrive to use biometrics both in back-end systems (where consumers won't see them) and public-facing ones:

  • Chase, Bank of America, Citi and Wells Fargo have introduced various biometric ID options, including voice, fingerprint, eye or facial recognition.
  • Mastercard and Visa are rolling out payment cards with embedded fingerprint ID.
  • BMO and Mastercard pioneered "selfie pay," which lets customers authenticate themselves for online shopping.

Banks say their systems are completely secure, but they are proceeding gingerly to avoid making their customers nervous. Several banks gave "no comments" to Axios when asked about their biometrics programs; Amazon did too.

  • Some banks have dropped the creepier biometrics: Republic Bank of Kentucky said in 2016 that it would let customers log in to their mobile banking app by fingerprint or eye vein scan — now it offers the finger option plus facial ID.

There are already some horror stories:

  • Thumbprints have been spoofed with the type of gelatin used in Gummi Bears and a picture of someone else's thumb.
  • A pair of twins hacked HSBC's phone banking voice ID system — though it wasn't easy.
  • Facial recognition systems can be foiled by deepfakes, masks, and virtual reality — and they often show racial bias.

What they're saying: "A biometric is a very sensitive piece of personal information. If your password gets stolen, you create a new password. If your fingerprints get stolen, you can't create new fingerprints," Stephen Ritter, chief technology officer of Mitek, an identity verification company, tells Axios.

Reality check: Banking and credit card companies say biometrics — which, so far, are usually optional — are invaluable in fighting fraud and that spoofing is rare. They call the technology proven and safe, and say that many customers — particularly younger ones — welcome it.

  • Biometric systems have ways of checking for "liveness," to guard against robots and AI intruders.
  • The systems routinely avert criminal behavior. One example: Discover, the credit card company, "receives so-called voiceprints of callers — not recordings of their voice — and flags known fraudsters," reports the WSJ.

A growing number of people welcome the convenience, thanks to cellphones making finger ID routine. "If it weren't for being able to use your thumbprint on your iPhone, I think biometrics would still be something on the fringe of authenticating," Trace Fooshee of Aite Group, a banking consultancy, tells Axios.

On the retail side: Amazon isn't the only company dabbling in biometrics.

  • The New York Mets have kiosks that will let you pay for snacks by fingerprint.
  • A handful of quick-serve restaurants like Caliburger and Malibu Poke are letting customers order via facial recognition at self-serve kiosks.
  • Mitek, which sells a face ID verification system, counts Airbnb, Instacart and Poshmark as customers.

Between the lines: What customers don't see is banks' and retailers' heavy use of "passive" or "behavioral biometrics" to thwart fraud. "On a mobile phone, that could be the angle that you currently are handling the device, whether you are typing in the password with your thumbs," Chris Reid, EVP at Mastercard, tells Axios.

  • "Those passive biometrics can tell this isn't actually" the real customer.

The bottom line: Whether we like it or not, biometrics are going to be a bigger part of our lives.

  • And while the banking industry is heavily regulated, the retail world is not — so there are different standards of trust and security.

Go deeper

Democrat Mark Kelly sworn in to U.S. Senate

Photo: Courtney Pedroza/Getty Images

Astronaut Mark Kelly (D) was sworn in to the U.S. Senate on Wednesday after defeating incumbent Sen. Martha McSally (R-Ariz.) last month for the seat once held by the late Sen. John McCain.

Why it matters: Kelly's swearing-in by Vice President Mike Pence narrows the Republican majority and moves the Senate balance to 52-48.

Senate Armed Services chair dismisses Trump threat to veto defense bill

Sen. Jim Inhofe. Photo: Anna Moneymaker/Pool/AFP via Getty Images

Sen. Jim Inhofe (R-Okla.), chair of the Senate Armed Services Committee, told reporters Wednesday that he plans to move ahead with a crucial defense-spending bill without provisions that would eliminate tech industry protections, defying a veto threat from President Trump.

Why it matters: Inhofe's public rebuke signals that the Senate could have enough Republican backing to override a potential veto from Trump, who has demanded that the $740 billion National Defense Authorization Act repeal Section 230 of the Communications Decency Act.

Scoop: Uber in talks to sell air taxi business to Joby

Illustration: Sarah Grillo/Axios

Uber is in advanced talks to sell its Uber Elevate unit to Joby Aviation, Axios has learned from multiple sources. A deal could be announced later this month.

Between the lines: Uber Elevate was formed to develop a network of self-driving air taxis, but to date has been most notable for its annual conference devoted to the nascent industry.