S'pore: Biometrics to secure daily purchases?

Not until security and privacy issues are addressed, says NETS, the republic's electronic payments provider.

SINGAPORE--Biometrics will not be used to authenticate small everyday purchases--at least for now--says Network for Electronic Transfers (NETS).

NETS, which operates the nationwide infrastructure to enable payment via ATM cards, has expressed interest in using biometrics, but the company "views [biometrics] as a technology that is a long way from becoming mainstream", Jay Hotti, NETS' chief information officer, told ZDNet Asia in an e-mail interview. "Perhaps five to eight years away," he noted.

Hotti added: "There are still issues that have yet to be resolved, such as privacy and determining a common standard that is recognized across borders."

Although NETS has invested in biometrics research and introduced prototypes, Hotti explained, a commercial rollout is a planned event where the company has to consider factors, such as "the maturity of the product, the availability of the standard, and most importantly, how likely consumers will adopt such a technology".

In August 2005, the electronic payments provider teamed up with Mensa Singapore to organize a competition to encourage students to explore future electronic payment concepts.

Singapore Polytechnic won the contest with their biometrics payment system which is similar to the Pay By Touch fingerprint authentication model implemented by Citibank Singapore in November.

Hotti said that before any biometrics payment system can be rolled out, issues concerning privacy, standards and the storage location of the fingerprint data have to be addressed first.

He said that if the fingerprint data was to be stored locally on the chip, there would have to be terminals that can read it, and the availability of terminals and cost of implementation have to be balanced against other initiatives from the company.

"Whatever we do, we want to make sure it is available widely and not just at selected few places," Hotti said.

According to Hotti, there are two ways to secure the biometrics payment system. The first step is to have the information stored on the chip or the host secured, while the second step is to have the terminal that communicates with the chip or host secured.

"In this context of a hypothetical biometrics payment system, NETS has to ensure every transaction is totally secure while riding on our established payment infrastructure," he added.