Biometric payment kiosk in action
Featured project · 7 min read · Apr–Aug 2022

Biometric Pay

Bringing biometric payments inside the company, without breaking employee trust or Korean PIPA. 1 month, not 24.


TL;DR

Problem

  • 30 forgotten-card incidents a day
  • 15 min lost each time
  • 7.5 hours of org-wide productivity gone, every single day

Strategy

  • Rejected card-network integration (24–36 mo)
  • Chose wage deduction (1 mo)
  • Separated DBs, required verification on every charge, built consent in from day one

Impact

  • 1,270+ hrs productivity recovered annually
  • 0 false charges
  • 99.9% authentication accuracy
  • Featured in YTN Science

Context

01. People left their physical credit cards when going to the cafeteria.

Employees often forgot credit cards heading to the in-office robotic cafeteria. They were used to frictionless authentication everywhere else (mobile pay, face unlock, airport check-in), but the cafeteria still demanded a physical card.

  • ~30 incidents/day
  • ~15 minutes lost per incident
  • ~7.5 hours of org-wide productivity, daily

Before · the typical incident

  1. Heads to the cafeteria (normal trip)
  !  No card on hand (+5 min to realize and queue out)
  2. Walks back to the desk (+5 min)
  3. Returns to the cafeteria, with card (+5 min)

Wasted (steps !, 2, 3) · 15 min × ~30 incidents/day = 7.5 hrs lost org-wide, daily

Opportunity

02. Biometric authentication removes the card entirely.

  • Always available, no card or phone
  • Familiar already; mobile, banking kiosks, airports
  • Right-sized for frequent, low-value internal payments

Challenge

03. Deploy biometrics for payments without losing trust on the first false charge.

Infrastructure

Card-network integration would need 2–3 years and policy changes neither side controlled.

Trust

One false charge could permanently break confidence in the whole system.

Privacy

Biometric data demanded Korean PIPA compliance, explicit consent, and tight governance.

Key decision

04. Skip the card network entirely.

Time to ship · two paths

Card-network integration · 24–36 mo
Wage deduction · 1 mo

same user value · 36× faster

→ avoided external dependencies and policy risk

Instead of waiting on card-network integration, we deducted the cafeteria charge directly from each employee's wages, only after biometric verification at the kiosk.

This was only possible inside an in-house system. But it delivered the same user experience (cardless payment, one tap, one second) in a fraction of the time. It also forced the responsible choice we wanted anyway: biometric data couldn't leave the building, and verification had to be explicit.

Biometric + Card integration (industry standard path)

  • Pros: broad acceptance; existing infrastructure
  • Cons: 2 to 3 year timeline; external policy lock-in; high cost
  • Decision: Rejected

Biometric + Wage deduction (in-house path)

  • Pros: 1-month delivery; no external dependency; forced privacy isolation
  • Cons: only works in-house
  • Decision: Selected

How I built · trust-by-design

05. Four guardrails.

  1. Separated the biometric DB from the payroll DB.

    Only the employee ID crosses between systems. A breach in one couldn't compromise the other.

    How the data is isolated

    Biometric DB (on-premise · encrypted)

    • Palm vein template
    • Face template

    Crossing between the two: employee ID only. No biometric leaves this room.

    Payroll DB (existing HR system)

    • Employee ID
    • Wages, role

  2. Required an explicit verification screen before every charge.

    “You are [Name], purchasing [Item] for [Amount].” False payments became structurally hard, not just statistically rare.

  3. Established opt-in-only enrollment with 30-day deletion for inactive users.

    User agency was built into the data lifecycle itself, not just the onboarding flow.

  4. Implemented a False Acceptance Rate threshold tuned for payment security.

    Accuracy was budgeted by the trust requirement, not by convenience. The bar is higher when money moves.
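Guardrail 4 as an added worked example (not the project's code): picking a match-score threshold from a FAR budget, and how little a zero-error result proves on a small sample. The scores, both budgets and all function names are constructed assumptions.

```python
def far(impostor, t):
    """False Acceptance Rate: share of impostor attempts scoring >= t."""
    return sum(s >= t for s in impostor) / len(impostor)

def frr(genuine, t):
    """False Rejection Rate: share of genuine attempts scoring < t."""
    return sum(s < t for s in genuine) / len(genuine)

def pick_threshold(impostor, genuine, far_budget):
    """Lowest threshold whose measured FAR fits the budget.

    FAR only falls as the threshold rises, so the first candidate that fits
    is the one that rejects the fewest genuine users.
    """
    candidates = sorted(set(impostor) | set(genuine) | {max(impostor) + 1})
    for t in candidates:
        if far(impostor, t) <= far_budget:
            return t, far(impostor, t), frr(genuine, t)

def far_upper_bound_95(n_impostor_trials):
    """Rule of three: with zero false accepts in n trials, the true FAR can
    still be as high as about 3/n at 95% confidence."""
    return 3 / n_impostor_trials

# Constructed match scores (0-100) for illustration, not measured data.
IMPOSTOR = [12, 18, 22, 25, 31, 33, 35, 40, 41, 44,
            47, 52, 55, 58, 61, 63, 66, 70, 74, 81]
GENUINE = [68, 79, 84, 88, 90, 92, 94, 95, 97, 99]

# Assumed budgets: a convenience-grade budget versus "no false accept observed".
CONVENIENCE = pick_threshold(IMPOSTOR, GENUINE, far_budget=0.12)
PAYMENT = pick_threshold(IMPOSTOR, GENUINE, far_budget=0.0)

if __name__ == "__main__":
    for name, (t, fa, fr) in (("convenience", CONVENIENCE), ("payment", PAYMENT)):
        print(f"{name}: threshold={t} FAR={fa:.2f} FRR={fr:.2f}")
    print(f"true FAR may still be up to {far_upper_bound_95(len(IMPOSTOR)):.2f}")
```

The payment budget pushes the threshold up and doubles false rejections on this sample, and 20 impostor trials cannot support a payment-grade FAR claim even at zero observed errors.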

The user flow · where the architecture becomes visible

  1. Registration

    Employees enroll palm vein + face biometric data at a dedicated booth (one-time, ~3 min).

  2. Authentication

    Scan biometric (palm vein OR face) at the kiosk.

  3. Verification

    Screen shows name + purchase + amount.

  4. Payment

    Purchase amount automatically deducted from monthly payroll.

  5. Confirmation

    Receipt shows the transaction. No additional steps required.
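Guardrails 1–3 and flow steps 2–4 as an added sketch, not the project's code: the biometric store returns only an employee ID, payroll is written only after the verification screen is confirmed, and inactive templates are purged after 30 days. Class and function names, the exact-match stand-in for the matcher and the sample clock are assumptions.

```python
from datetime import datetime, timedelta

RETENTION = timedelta(days=30)  # page: 30-day deletion for inactive users
T0 = datetime(2022, 8, 1)       # constructed clock value for demos and tests

class BiometricStore:
    """Isolated template store. Its only output is an employee ID."""
    def __init__(self):
        self._rows = {}  # employee_id -> [template, last_used]

    def enroll(self, employee_id, template, consent, now):
        if not consent:  # opt-in only: no consent, no template stored
            raise PermissionError("enrollment requires explicit consent")
        self._rows[employee_id] = [template, now]

    def identify(self, sample, now):
        # Stand-in matcher (exact equality); a real one compares similarity
        # scores against a FAR-tuned threshold.
        for employee_id, row in self._rows.items():
            if row[0] == sample:
                row[1] = now
                return employee_id
        return None

    def purge_inactive(self, now):
        stale = [e for e, (_, seen) in self._rows.items() if now - seen >= RETENTION]
        for e in stale:
            del self._rows[e]
        return stale

class Payroll:
    """Existing HR side: knows IDs and names, never sees a template."""
    def __init__(self, names):
        self.names, self.deductions = names, []

    def deduct(self, employee_id, item, amount):
        self.deductions.append((employee_id, item, amount))

def charge(bio, payroll, sample, item, amount, confirm, now):
    """Kiosk flow: authenticate, show the verification screen, then deduct."""
    employee_id = bio.identify(sample, now)
    if employee_id is None:
        return "no_match"
    screen = f"You are {payroll.names[employee_id]}, purchasing {item} for {amount}."
    if not confirm(screen):  # no explicit yes, no payroll write
        return "declined"
    payroll.deduct(employee_id, item, amount)
    return "charged"
```

`confirm` is the callback for the on-screen yes/no; because `deduct` sits behind it, a wrong match that the user rejects never reaches payroll.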

Cafeteria kiosk where biometric payment was deployed
The kiosk · cafeteria deployment
New user flow, enrollment and payment verification screens

Impacts

06. What it moved.

1,270 hours

Annual productivity recovered, org-wide · 15 min × ~30 incidents/day × 251 working days

0

False charges in year 1

at 99.9% authentication accuracy

2–3 yr → 1 mo

Development timeline reduction

card-network integration vs. wage-deduction path

99.9 percent

Authentication accuracy

at an industry-compliant False Acceptance Rate

YTN Science · Korea

“Digital D.N.A.” Part 2 · Data.Network.AI. that makes money

YouTube · starts at 18:27 · Nov 2022

Key Takeaways

Responsible tech isn't about avoiding constraints. It's about reframing them.

The card-network timeline forced a wage-deduction architecture that turned out to be safer and more efficient than the original plan. The on-premise privacy requirement, originally a regulatory cost, became the trust differentiator itself.