CC Authorization With A Fingerprint

In banking industry all takes ages. So it is worth noting when something important happens :)

Banks have - forever - considered themselves an authority. This is how the credit card payments system has been functioning. You buy an item, present a card to the seller and your bank authorizes the transaction. Your BANK, not YOU. Of course there is a (false) assumption that it is you who hand over the card and nobody can just take it. Or just take the card's number. What prevents the seller to enter your card's number again when you leave the shop? Nothing, except the fact he is honest.

Ah OK, there is also the new standard - EMV - that requires the card to be physically present. Yes EMV has cut the credit card fraud a lot. But it is not used for online transactions. So it is a bit like tightly securing the windows while keeping the front door open.

Yes, banks have been working on securing online transactions too. With the awkward and inconvenient SMS codes. For that you not only needed to be connected to the Internet, but also to your mobile network (which is problematic abroad when using local prepaid SIM cards - you cannot receive SMSes from your bank...). Also reading the SMS code with a protein interface (your eyes) and typing it in with your protein interface (your fingers) is cumbersome.

But things are changing! Last week my bank decided to use my phone's fingerprint reader to authorize an online credit card transaction. Yay! I used my card to pay for a TV service, and it pushed a notification to my phone, requiring a fingerprint - see the screenshot. What a change! Finally, with a touch of a finger, I (and not my bank) decide if an online transaction should be authorized.