As Chinese embrace the use of facial recognition for mobile and offline payments, an industry group issued self-discipline guidelines to prevent related risks, reported Caixin.
The guidelines, released Monday by the Payment & Clearing Association of China, outline several principles that payment process providers should follow in the use of facial recognition, including user consent and collection of minimal information.
The guidelines stress that users’ facial image information should be stored in an encrypted way and separated from users’ other information such as bank account numbers and identification numbers. Merchants and other payment-receiving parties must not keep users’ facial image information.
Disputes often arise over data retention in the use of facial recognition, said Wang Xinyue, a senior partner at Beijing law firm Anli Partners. Based on the guidelines, licensed financial institutions should sign agreements with merchants and other payment recipients to restrict keeping of users’ facial image information by intermediary parties, Wang said.