Facial recognition at Welcome Back Concert raises concern
PopPay shouldn’t be the only payment option for concerts at USC.
PopPay shouldn’t be the only payment option for concerts at USC.
This year, USC’s annual Welcome Back Concert featured one name that was not on the setlist: PopPay. The consumer payment system was advertised to students before and during the event — and signing up was the only way to purchase food inside the venue.
PopPay is an e-wallet product created by PopID that links a user’s facial features with their payment information, allowing transactions to take place seamlessly through facial recognition. The system boasts its low processing fees, contactless payment format and reduced transaction time.
In a statement to the Daily Trojan, PopPay wrote that it is “a paid sponsor of promotional events to market our products … So far our service has been received very well by students at USC and local merchants.”
For students at the event — without another option if they are hungry — signing up for a quick and easy new payment system that comes with the promotional “up to $10 off” slogan can seem like a no-brainer.
But for some, signing up for a facial recognition payment system was an unnerving request — I overheard one student say in passing, “I don’t like the idea of this whole PopPay thing.” And these concerns are not without reason.
While the company’s founder John Miller asserts that PopPay complies with even the strictest law in the United States regarding facial recognition data — the Illinois Biometric Privacy Act that allows individuals to sue companies over alleged violations and requires consent for data collection — there is always the possibility of a data breach.
PopPay does not receive direct access to user’s data; rather, it goes directly into a secure data vault and the company is provided with a unique identifying token that matches a user’s account. This system, which PopPay compared to Venmo and Robinhood in its statement, is similar to the process of paying directly with one’s bank information.
Yet Robinhood, a share-trading app, faced a data breach that included more than seven million customers’ personal data in 2021. And while Venmo has yet to suffer a breach itself, individual user accounts are regularly hacked, something that could pose a huge issue if it applied to PopPay — where facial images are at risk.
Leaked facial recognition data could pose an enormous risk to students, especially with the recent advancements in artificial intelligence technology. Recently, there has been a rise in widespread concern over deep fake pornography, which uses individuals’ faces to make digitally edited explicit videos, often without the individual’s consent.
The Hollywood strikes have also brought image use and AI to the forefront of minds as SAG-AFTRA members revealed that studios wanted to scan background actor’s faces for use as AI replicas in future work — while only being paid for the day’s work when their faces were scanned, leaving them uncompensated for any future use of their likeness.
Unless users take it upon themselves to request deletion or nondisclosure of their biometric data, PopID stores that data for three years after a person last uses their system. A breach of that data could be catastrophic, with real potential consequences of nonconsensual image use by AI.
“Our service must always be initiated by a user by either pressing an onscreen button or asking the cashier to use PopPay … Only then do we activate a camera or palm scanner to check your biometrics … We never perform any kind of passive recognition,” the statement read.
However, PopPay cannot necessarily regulate how businesses use their service: Lynzee Louden, a senior majoring in political science, said her face was scanned at a local donut shop that uses PopPay without her opting into the service or asking the cashier to use the payment method.
“I was just standing there, I actually wasn’t buying anything, but the iPads in there scanned my face … I didn’t click any buttons or anything,” Louden said.
While she said that to order something and complete the payment she would have had to press a button to opt in, the system recognized her face and displayed her previous purchase history without any explicit consent.
The choice to enroll in a private company’s system, especially one operating something as sensitive as facial recognition, should be one made freely — not one made out of necessity because alternative options are not being offered.
Vera Wang, a freshman majoring in economics, said she found the presence of PopPay at the Welcome Back Cconcert to be forceful.
“[It’s] slightly coercive, because you’re not really being given a choice between normal payment methods and using your face, which is a pretty intimate subject matter,” Wang said.
Louden said she signed up for the service in her first year on campus at a USC event where there was no other way to pay for food, but didn’t understand how the system worked.
“When freshmen are signing up for these things, they should know what they’re getting themselves into,” Louden said. “It’s definitely a little scary to think about.”
The USC Concerts Committee did not respond to the Daily Trojan’s request for comment.
The Concerts Committee owes students a reasonable alternative to participating in a private company’s payment system — it shouldn’t sacrifice students’ freedom of choice for a paid sponsorship.
CJ Haddad contributed to this report.
Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.
If you do not want that we track your visit to our site you can disable tracking in your browser here:
We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.
Google Webfont Settings:
Google Map Settings:
Google reCaptcha Settings:
Vimeo and Youtube video embeds:
The following cookies are also needed - You can choose if you want to allow them: