All those years spent taking close-up pictures of your face might finally prove (more) useful. According to CNN Money, MasterCard is working on a new program that would allow cardholders to use selfies and fingerprints to authenticate the purchases they make online.

MasterCard currently uses a program known as “SecureCode,” which allows participating merchants to verify that a purchase is legitimate by asking cardholders to enter a supplemental PIN at the point of purchase. Presumably, someone who has swiped your card might have access to your important card numbers, but they aren’t going to know your PIN. When they go to buy something without it, the transaction won’t go through. (Assuming, of course, they’re buying from a place that actually uses SecureCode).

“The new generation, which is into selfies … I think they’ll find it cool. They’ll embrace it,” said Ajay Bhalla, who’s in charge of coming up with innovative solutions for MasterCard’s security challenges.

But passwords get forgotten, stolen, or intercepted. So, banks are following Apple’s lead. The iPhone’s fingerprint scanner started a security revolution in 2013. Apple Pay showed that customers are willing to use biometrics to prove their identity.

MasterCard will launch a small pilot program that uses fingerprints – but also facial scans. It’ll be a limited experiment involving 500 customers. But, once it works out all the kinks, MasterCard plans to launch it publicly sometime after that.

To pull this off, MasterCard said it has partnered with every smartphone maker, including Apple, BlackBerry, Google, Microsoft, and Samsung. The credit card company is still finalizing deals with two major banks, so it wasn’t ready to say whose customers will get this first.

How it works

You have to download the MasterCard phone app to use the feature.

MasterCard said a pop-up will ask for your authorization after you pay for something.

If you choose fingerprint, all it takes is a touch. If you go with facial recognition, you stare at the phone — blink once — and you’re done. MasterCard’s security researchers decided blinking is the best way to prevent a thief from just holding up a picture of you and fooling the system.

MasterCard said it doesn’t actually get a picture of your finger or face. All fingerprint scans will create a code that stays on the device. The facial recognition scan will map out your face, convert it to 1s and 0s and transmit that over the Internet to MasterCard.

Bhalla promised that MasterCard won’t be able to reconstruct your face — and that the information would transmit securely and remain safe on the company’s computer servers.

This makes some cybersecurity experts uncomfortable. They prefer that your data stay on your phone.

Credit CNN Money, PC Mag