For decades, four digits were enough to validate withdrawals, purchases and payments in Portugal. The PIN has become an automatic gesture, almost invisible in everyday life. This model, however, is starting to be called into question by a technology that does not require codes, keyboards and memorization: biometrics incorporated directly into the bank card. It is being tested in France and its impact could reach, sooner or later, the Multibanco system.
The change is neither theoretical nor distant. In several European countries, real tests are already underway with cards that replace the PIN with the holder’s fingerprint, maintaining the current logic of use but changing the authentication method.
According to , a website specialized in technological information, which cites Thales, a French multinational specialized in payment technologies and digital security, three of the largest French banks, BNP Paribas, Crédit Agricole and Société Générale, are involved in pilot projects with biometric cards. Authentication is carried out on the card itself, using an integrated fingerprint sensor, eliminating the need to enter any code into the terminal.
No keyboard and no battery
At first glance, the solution raises a practical question: how can such a thin card power a biometric sensor without a battery? The answer lies in the functioning of ATM and payment terminals. The electromagnetic field generated when the card is inserted or held close provides enough energy to temporarily activate the fingerprint reader.
The process is fast and local. The user places their finger on the card’s sensor and, in milliseconds, the internal chip compares the impression with the one recorded when the card was issued. If there is a match, the operation is authorized. Otherwise, it is refused, without the terminal receiving any biometric data.
Off-network fingerprinting
One of the central points of this technology is the way data is processed. The fingerprint is not sent to the bank or stored on external servers. It is only stored in the card’s secure chip, in the form of a mathematical model, inaccessible to third parties.
This detail is relevant in a context in which cases of fraud associated with social engineering and the improper disclosure of PINs continue to emerge, including in schemes linked to MB Way. With local biometric authentication, obtaining a card is no longer sufficient to make payments.
The weaknesses of the current model
The current system already reveals known limitations. Contactless payments below certain amounts do not require any validation, which allows for multiple transactions if the card is lost or stolen. The PIN, on the other hand, can be observed at ATMs, recorded by hidden cameras or obtained through fraudulent contacts.
In the biometric cards being tested, the first attempt to use it without the correct fingerprint automatically fails. There is no alternative code to explore, no room for repetition.
And in Portugal?
There is, for now, no official timetable for the adoption of this technology in Portugal. Still, the European framework makes the scenario plausible. The Multibanco system is often cited as one of the most advanced and integrated in Europe, and Portuguese consumers have demonstrated, in recent years, a rapid adoption of digital payment solutions.
According to the same source, the evolution of biometric cards is part of a broader strategy of European harmonization of payment systems, where security and user experience are treated as common priorities.
When they reach the market in a widespread way, these solutions could transform the PIN into a vestige of another era, discreet, effective for decades, but progressively dispensable in an increasingly biometric ecosystem.
Also read:
