China Launches First Self-regulatory Convention for Facial Recognition in Payments Sector


China has seen the launch of the first self-regulatory convention in the country to govern the use of facial recognition technology by the payments sector.

On 21 January the Payments & Clearing Association of China (PCAC) issued the “Facial Recognition Offline Payments Sector Self-regulatory Convention (Trial)” (人脸识别线下支付行业自律公约(试行)) to its member institutions.

According to PCAC the purpose of the Convention is to “standardise application innovations in facial recognition offline payments; prevent facial recognition payments security risk, protect the rights and interests of member entities, and uphold the interests of the public.”

The Convention calls for all member entities to:

  • Establish full-life facial data security management mechanisms;
  • Uphold the principles of “user authorisation – minimum sufficient usage” at the collection phase;
  • Clearly notify users of the goal, method and scope for the usage of user information, as well as obtain user authorisation in order to avoid unnecessary collection;
  • During the storage phase, provide encrypted storage of facial data, and provide security walls between bank account numbers or the payment account numbers and the security numbers of users;
  • During the usage phase, vendors are not permitted to gather or copy facial data, in order to achieve end-to-end personal privacy protection.

Related stories

Union­Pay Does Not Ex­pect Fa­cial Scans to Re­place Ex­ist­ing Pay­ments Tech­nolo­gies

China Mer­chants Bank Launches Fa­cial Recog­ni­tion Pay­ments for En­ter­prise App

SPDB Uses Fa­cial Recog­ni­tion Tech­nol­ogy to Make Bank Cards Re­dun­dant