Selfie pay works by prompting the user to open an app when making a purchase on their smartphone, where they then take a picture of themselves. That picture is compared to facial recognition data stored in the app from a selfie that was either taken when the person created an account or submitted an official photo ID. This data allows the app to either confirm or deny the identity of the person attempting to make the purchase.
Like other biometric security methods such as fingerprint scanning, selfie pay authentication is more secure than traditional authentication methods like passwords or security tokens, which can be easily compromised or lost. A person's face or fingerprint is unique to them, and therefore cannot be copied; it is also more convenient because the user does not need to remember anything.
Sometimes selfie authentication is combined with other authentication methods in a multifactor authentication setup. Some applications that employ selfie authentication store facial recognition information on the user's smartphone, making possession of the phone itself a factor in the authentication process.
To prevent being duped by a 2-D photo or a video playback, many apps or websites which use selfie authentication require the user to in some way prove that they are a living being. Proof can involve requiring the user to blink or otherwise move when prompted or to take a video in which they move their head from side to side or bring the phone closer to their face to provide multiple angles, allowing the software to create a 3-D facial model.
Selfie authentication is currently being used by e-commerce companies to enable customers to purchase merchandise more conveniently, by taking a selfie to log in and confirm their payments. It is also being used by banks and other organizations to protect the security of financial records. Major organizations which have begun using selfie authentication technology include Amazon, MasterCard and Alibaba.