China has introduced new security standards for facial recognition payments, targeting businesses including payment providers and equipment operators. The guidelines prohibit data processing and storage of facial recognition data without legal requirements, mandate stricter consent processes, and enforce minimal data collection. This regulatory action arises amidst heightened public concern over privacy and data security issues related to biometric technology.
China’s new cybersecurity standards require businesses using facial recognition payments to adhere to updated security protocols. Released by the National Technical Committee 260 on January 28th, these guidelines encompass payment service providers, facial verification companies, equipment operators, and venue managers, reflecting the government’s intent to regulate the growth of biometric technologies in commercial sectors.
As biometric systems proliferate in locations like hotels and supermarkets, public backlash has led to tighter regulations. The guidelines address facial recognition’s application in banking and payments, including ATMs and vending machines, highlighting the need for stricter oversight of biometric data use.
The new regulations forbid equipment operators from processing or storing facial recognition data unless legally mandated. Additionally, entities must implement robust consent processes and restrict data sharing while minimizing data collection for identity verification purposes. Personal Information Protection Impact Assessments (PIPIA) are mandatory for service providers.
These changes are prompted by rising privacy concerns and data breaches associated with biometric data collection. Previously, authorities in Shanghai ordered a halt to facial recognition payments at over 800 vending machines due to personal data violations, alongside a wider crackdown at various commercial locations.
China’s implementation of robust cybersecurity standards for facial recognition payments signifies a crucial step toward enhancing data protection and privacy. The regulations aim to mitigate misuse of biometric data, enforce stringent consent and data handling processes, and uphold citizens’ rights in the face of advancing technology. As concerns about biometric data security grow, these measures reflect a broader trend towards regulatory oversight in digital payments.
Original Source: www.biometricupdate.com
