PayPal has today announced the availability of their fingerprint-based authentication system in 25 countries. The system was first announced at MWC 2014 and is now ready for action on the Samsung Galaxy S5. With the app, users can simply swipe a finger over the home button on the S5 to authorize payments and perform other operations. This means you no longer have to login to PayPal with a username and password when using the mobile web, through apps or even in retail stores.

The S5 is also the first phone to incorporate the FIDO authentication standard that was developed by Google, Microsoft, MasterCard, and Lenovo.

John Lunn PayPal Developer Network:

Customers can use their finger to pay with PayPal from their new Samsung Galaxy S5 because the FIDO Ready software on the device securely communicates between the fingerprint sensor on their device and PayPal’s service in the cloud. The only information the device shares with PayPal is a unique encrypted key that allows PayPal to verify the identity of the customer without having to store any biometric information on PayPal’s servers”

PayPal has also introduced an new app for the Samsung Gear 2, Gear 2 Neo and Gear Fit that allows users to check their PayPal balance, receive payment notifications, and make payments right from their smartwatch.

Source: PayPal

 

Reader comments

PayPal details fingerprint-secured payments for Galaxy S5, apps for Gear

13 Comments

I got my s5 and paypal with fingerprint works in finland, i bought humble bundle some games for new phone ;)

But here is no paypal enabled stores in finlands 3:th biggest city, but web pay seems working good :)

What about an NFC component to make direct payments at pos terminals, similar to Google wallet and isis?

Posted via Android Central App

There is NFC in it. Now you just have to get VISA and Mastercard to stop being d*cks about it and not stop the stores from upgrading their hardware to support this. As long as those two controls in store payments, NFC will probably never happen, as they would be stupid to let more competition in for their easy earned bread and butter.

Huh? I see more and more terminals that take tap and pay. I used it at home depot this morning. With Google wallet you can select any card. MC, Visa, Amex, Google wallet prepaid card...
Sent from my Moto X!

Depends where you are and what stores you go. I've gone to a couple of gas stations and they POS has NFC, but not the gas pumps, as do Rite Aide pharmacies around me. Also, it's not VIsa and MasterCard, it's the payment processor that businesses use. They are the ones that provide the CC interface.

I don't trust Paypal so no way in the world I will use my fingerprint for anything related to their shady business. Anyone who has dealt with them as an Ebay seller knows what I am talking about.

I wonder if they store the fingerprint data an what if it gets hacked...easy to change your card number kinda hard to change your fingerprint.

Does Google wallet tap and pay work? I use it often on my moto x and nexus 5 on ATT.

Sent from my Moto X!

The way these biometric systems work means that information about your fingerprint doesn't get transmitted to the app or outside of the device. If I understand it correctly the finger is scanned by the OS, turned into a hash of some sort which is then compared statistically against a database containing your registered fingerprints. If a match is found a security token of some fashion is generated and given to the requesting app. It's this security token that the app uses to confirm your identity.

The main problem with biometric solutions is not that your fingerprints will be stored and transmitted. The problem is that 1. They can be faked out with photocopies or molds of your finger 2. There is no concept of revocation. If someone gets your password, you can change your password and effectively revoke the rights of the previous one. If someone gets your finger you can't revoke it. You have ten fingerprints and that's all you'll ever have.

@xxGBHxx: I don't think you read the article, since you missed "The only information the device shares with PayPal is a unique encrypted key that allows PayPal to verify the identity of the customer without having to store any biometric information on PayPal’s servers"