Is HSBC's selfie-verification risky?
HSBC’s use of a selfie for identification purposes is welcome news for the mobile payments industry.
It has long been an archaic fallacy that the best or only way to identify an individual is the use of a passport and utility bill, or that the customer’s physical presence in-branch is necessary. The capabilities of a smartphone – its ability to hear and see you and transmit that information in real time – are in the vast majority of cases an adequate substitute for that physical presence, and this move will doubtless bring far greater convenience to customers.
There are of course some risk areas – how do you know for certain that the base document used as the comparator picture for the selfie is itself genuine? What if a different selfie is intercepted by hackers along with a copy of the underlying document? But the key point is that the transmission of this ID information over a mobile data network is actually no more risky than an in-branch meeting with presentation of physical documents: in fact, if the right verification technology is deployed against the right datasets, it might even be safer. We expect other financial institutions will follow suit – especially digital banks without a branch infrastructure.