Biometric Payment Cards

Biometric payment cards with on-card fingerprint verification for contactless transactions: architecture, EMVCo specs, and pilot results.


A biometric payment card replaces the PIN entry step of a chip-and-PIN transaction with an on-card fingerprint match. The cardholder's fingerprint template is stored in the card's secure element; the sensor captures and matches the live fingerprint entirely on-card during the payment tap, and no biometric data is transmitted to the terminal or the bank.

Mastercard launched its biometric card specification in 2017; Visa followed with its own programme. By 2024, over 20 banks across Europe, Asia, and Africa had completed commercial deployments.

EMV Biometric CVM

The EMV standard defines Cardholder Verification Methods (CVMs) as prioritised lists evaluated during a transaction. Biometric cards introduce a new CVM value: Biometric Verification on Card (CVM code 0x1E).

CVM list on a biometric payment card (typical):

| Priority | CVM | Condition |
|---|---|---|
| 1 | 0x1E Biometric on card | If terminal supports it |
| 2 | 0x02 Online PIN | If terminal is online-capable |
| 3 | 0x01 Offline PIN (plaintext) | If not unattended |
| 4 | 0x1F No CVM required | If amount ≤ floor limit |

When a terminal presents a transaction to the card, the biometric CVM is selected. The card activates the fingerprint sensor, the cardholder places their finger, and the card returns the match result as a CVM result byte in the subsequent GENERATE AC response.

Transaction Flow (Contactless)

Terminal                          Biometric Card
   │                                    │
   │── SELECT AID (EMV) ───────────────►│
   │◄── FCI (AID confirmed) ─────────── │
   │                                    │
   │── GET PROCESSING OPTIONS ─────────►│
   │◄── AIP (biometric CVM supported) ──│
   │                                    │
   │── READ RECORD (CVM List, etc.) ───►│
   │◄── Records including CVM list ─────│
   │                                    │
   │  [Cardholder places finger]        │
   │  [On-card match: FAR < 0.001%]     │
   │                                    │
   │── GENERATE AC (ARQC) ─────────────►│  ← biometric result embedded
   │◄── Signed ARQC + CVM result 0x1E ──│
   │                                    │
   │── Online authorisation to issuer ─►│
   │◄── Approval / decline ─────────────│

CVM Fallback

If the biometric match fails or the cardholder's finger is not enrolled, the card falls back to the next CVM in the list. In practice:

| Fallback Scenario | Behaviour |
|---|---|
| Finger not recognised (FRR) | Card returns CVM failed; terminal steps to PIN |
| Sensor obscured / dirty | Sensor returns failure; same fallback path |
| Card not enrolled | CVM list skips biometric; goes directly to PIN |
| Contactless low-value | Biometric skipped; No CVM applied below floor limit |

Importantly, fallback to PIN does not reveal whether biometric was attempted — the terminal treats it identically to a non-biometric chip card.
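The CVM list walk and the fallback scenarios above can be modelled in a few lines. This is an added example, not code from EMVCo or any card vendor: the CVM codes and conditions come from the page's tables, while the `Context` fields, the function names, the rule that every failed CVM steps to the next entry, and applying the low-value check before the list walk are assumptions of the model.

```python
from dataclasses import dataclass

# CVM codes and priority order exactly as listed in the page's CVM table.
BIOMETRIC, ONLINE_PIN, OFFLINE_PIN, NO_CVM = 0x1E, 0x02, 0x01, 0x1F
CVM_LIST = [BIOMETRIC, ONLINE_PIN, OFFLINE_PIN, NO_CVM]

@dataclass
class Context:
    """Hypothetical model of terminal, card and transaction state."""
    amount: int                     # minor units (constructed values)
    floor_limit: int
    supports_biometric: bool = True
    online_capable: bool = True
    unattended: bool = False
    enrolled: bool = True           # fingerprint template present on card
    finger_matches: bool = True     # False models FRR or a dirty sensor
    pin_ok: bool = True

def applicable(cvm: int, ctx: Context) -> bool:
    """Condition column of the page's table, plus the not-enrolled skip."""
    if cvm == BIOMETRIC:
        return ctx.supports_biometric and ctx.enrolled
    if cvm == ONLINE_PIN:
        return ctx.online_capable
    if cvm == OFFLINE_PIN:
        return not ctx.unattended
    return ctx.amount <= ctx.floor_limit    # NO_CVM

def verify(cvm: int, ctx: Context) -> bool:
    """Outcome of performing one CVM in this model."""
    if cvm == BIOMETRIC:
        return ctx.finger_matches
    if cvm in (ONLINE_PIN, OFFLINE_PIN):
        return ctx.pin_ok
    return True                             # NO_CVM cannot fail

def select_cvm(ctx: Context):
    """Return (final CVM code or None, [(code, outcome), ...])."""
    # Low-value row of the fallback table: biometric skipped, No CVM applied.
    if ctx.amount <= ctx.floor_limit:
        return NO_CVM, [(NO_CVM, "success")]
    trace = []
    for cvm in CVM_LIST:
        if not applicable(cvm, ctx):
            trace.append((cvm, "skipped"))
        elif verify(cvm, ctx):
            trace.append((cvm, "success"))
            return cvm, trace
        else:
            trace.append((cvm, "failed"))   # assumed: step to the next CVM
    return None, trace                      # nothing succeeded
```

A result of `None` means no CVM in the list succeeded, which an issuer would normally treat as grounds to decline.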

Mastercard and Visa Pilots

| Programme | Region | Issuer | Notes |
|---|---|---|---|
| Mastercard Biometric Card | South Africa | Absa Bank | 2017, first large-scale pilot |
| Mastercard Biometric Card | Europe | BNP Paribas | 2019, contactless focus |
| Visa Biometric Card | UK | NatWest | 2020, dual-interface |
| Mastercard Biometric Card | Asia-Pacific | Bank of Singapore | 2023, metal card variant |
| Mastercard Biometric Card | Middle East | ADIB | 2024, Islamic finance segment |

Personalisation and Enrolment

Biometric payment cards require an enrolment step to capture the cardholder's fingerprint template. Two models exist:

  1. In-branch enrolment: Bank staff operate a certified capture device; template is loaded via card personalisation machinery during production.
  2. Self-enrolment: Card ships unenrolled; cardholder enrols at home using a provided USB reader or a paired smartphone app. See Biometric Enrollment.

Both models store the template exclusively in the card's secure element; the bank retains no biometric data after personalisation.

Regulatory Considerations

| Region | Relevant Regulation | Biometric Implication |
|---|---|---|
| EU | GDPR Article 9 | Biometric data = special category; consent required |
| EU | PSD2 / EBA SCA | Biometric qualifies as inherence factor for SCA |
| US | CCPA / Illinois BIPA | Biometric identifiers; retention limits apply |
| Global | EMVCo Biometric Spec | Technical requirements for card certification |

Because the template never leaves the card, GDPR's accountability requirements apply to the enrolment process and the consent documentation — not to ongoing storage at the issuer's data centre.

For the underlying matching technology, see Match-on-Card Technology. For a broader view of the biometric card market, see Biometric Smart Cards Overview.

Frequently Asked Questions

Our guides cover a range of experience levels. Getting Started guides introduce smart card fundamentals. Security guides address Common Criteria certification and key management. Programming guides target developers working with APDU commands, JavaCard applets, and GlobalPlatform card management.