Paying with a card or a smartphone is a matter of course. But what if we went a step further and paid for purchases with… the iris of the eye? Unbelievable? Not for the citizens of Wroclaw, who have been using Payeye service for a year.
Can these eyes pay? Probably… yes
There’s no denying that most of us see cash only on holidays, especially now that due to the pandemic it’s recommended to avoid passing bills and coins from hand to hand. Over the years we’ve become accustomed to using payment cards and smartphones, and this year the status of cashless and contactless payments has only strengthened. Polish start-up PayEye has seized the moment well and presented the effects of its work, which until recently could only resemble the creations of Hollywood screenwriters’ imagination with their finesse. The payeye application, which enables transactions using the image of the irises of the eye, was put into commercial use in the summer of this year and currently supports more than 60 stores and service outlets across Wroclaw.
How does it work?
Payeye payments are based on biometric techniques and use our inbuilt, unforgeable biological signature, which is the pattern on the iris. Its digital image is entered into the PayEye database at the time of account opening and each time a transaction is made it is compared with the customer’s eyes scanned by a special terminal. As you can easily guess, the camera used in the terminal cannot be found in any smartphone, not even in one with an iris scanning function. So there is no way to collect money with this method using a device other than the PayEye terminal. This is possible primarily due to the fact that the start-up from the beginning was determined to provide a comprehensive service for the entire process. Each client’s account is credited individually with a selected amount of money and functions independently of the banking systems. Everything remains under full control and at no stage does the data go outside the system, from registration to payment authentication.
Exciting innovation or exaggeration?
This is how visions of the future have all of a sudden become reality. Hearing about the original idea of a start-up from Wroclaw for the first time can give rise to mixed feelings of enthusiasm, curiosity and some apprehension. Which of them are justified? Let’s take a look at the biggest potential advantages and disadvantages of the payeye app.
Among the advantages, we can certainly include the complete seamlessness of making purchases or using services. In order to make payments, we don’t have to carry wallets, cards, watches or phones. Only our eyes are important – they are our password (the so-called payeye code), and its forgery is practically impossible. It is worth mentioning that the eye scanning process itself is not harmful to health in any way. It does not involve any irritating radiation, but only an image of good quality, which will be compared with the image from the database.
So it’s time to move on to the drawbacks. We have ruled out health concerns above, but what does it look like in terms of security? The biggest advantage of the system, which is the use of a unique code in the form of an iris, is also its disadvantage. The pattern on the iris is different for each person, but everyone has only one, so if someone managed to work it out, the system would become useless to us
Although it was proven in 2012 and 2017 that cracking a code based on biometric security is possible, it is at the same time insanely difficult and in its original form would not be effective in hacking PayEye’s system. Based on iris data, it is only possible to create a printout close to the user’s real eyes, but the payeye application simply does not allow us to pay remotely – the eyes of a specific person must be in front of the terminal, not printouts or photos. It should also be mentioned that the consents that PayEye customers give during registration do not allow the company to share the collected database with other institutions. This only confirms that the start-up’s priority is to build a fully secure service by creating a closed system.