Viewpoint: Can Emojis Secure Mobile Payments?

By Casey Bullock, Worldpay Ecommerce

On July 17—the same date that’s displayed on the iOS Calendar emoji—billions of smiley faces, dancing twins, hearts, pizza slices and more were sent in honor of World Emoji Day. The third-annual celebration again raised awareness of a growing shift in the way people all across the globe communicate with one another online. Seventy-four percent of people in the U.S. regularly use stickers, emoticons or emojis while talking online, according to Swyft Media.

In addition to brightening text messages and tweets, the popular icons may soon serve a much more substantial purpose—authentication. It’s no secret that the required use of upper and lower case letters, special characters and numbers has helped improve the strength of online passwords. With that added security, however, comes a high degree of complexity that has made passwords increasingly difficult to remember.

As a result, users have turned toward insecure techniques—such as writing passwords on Post-It notes or saving them in unencrypted documents on their desktop computers—to avoid going through the trouble of constantly resetting forgotten passwords. Aside from placing passwords to social media channels or email addresses at risk, such practices can also compromise bank and card PINs, exposing users to serious financial fraud.

In an effort to capitalize on the growing prevalence of emojis while simultaneously enhancing security measures used to protect online accounts, several organizations— such as U.K. based company Intelligent Environments —have proposed incorporating the small icons into the online authentication process. Not only could the visual nature of character sets make it easier for users to remember passwords for accounts they rarely access, but emojis also might help users put up a better fight against fraudsters. In fact, there are just 7,290 unique combinations of four non-repeating numbers compared with roughly 3.5 million non-repeating unique combinations of the 44 existing emojis.

An Emoji is Worth a Million Passwords

But before substituting traditional passwords with a series of emojis, organizations should carefully consider the limitations of each access point they offer. Mobile devices such as smartphones and tablets provide users with quick and easy access to emoji keyboards. On the other hand, desktop computers do not. As such, organizations eager to introduce emojis would first have to decide whether to remove access points that don’t feature emojis or require users to create one password for mobile devices and another for their desktop. Also, businesses should determine if these passwords formats are a fit for their target audience. While the visual aspect of emojis can make them easier to remember, some emojis are harder to distinguish from one another than letters or numbers, so depending on how tech savvy users are this could be a potential pain point.

In any case, one thing remains clear—the mobile banking and e-commerce industries stand to gain a big boost from online authentication via emojis. As many as four out of five end users would use their mobile device for more transactions if overall security improved, according to a survey from Lunabee. Given the millions of unique password combinations made available by emojis, an authentication process that implements character sets could offer users the safety and security they crave.

Despite all of these potential benefits, a multitude of questions still remain. Are emojis the answer to online authentication? While they would most definitely reduce the number of passwords that are reset, emojis also could introduce the need to create different passwords for different devices. Striking a balance between the security and convenience offered by emojis is the key to developing a strong authentication process that users and organizations have long awaited.

Casey Bullock is General Manager, North America for Worldpay. Current responsibilities include managing all commercial personnel working directly with Worldpay’s clients in the North America region.  Prior to Worldpay, Mr. Bullock was vice president, general manager fraud solutions for Chase Paymentech, and focused on the creation and delivery of enterprise-class fraud prevention capabilities into the e-commerce marketplace.

In Viewpoints, payments professionals share their perspectives on the industry. Paybefore presents many points of view to offer readers new insights and information. The opinions expressed in Viewpoints are not necessarily those of Paybefore.