Authentication is "Something you have / know / are." A simple plastic credit card + PIN provides the first two, including a photo provides the third "something you are". A face is more often checked than the readily forgable signature, in live authentication. But as cameras become ubiquitous (e.g., in cell phones) some extra security could be obtained for *remote* authentication by sending a trusted photo of the account holder plus a live picture of the card user. A picture glued into the card could be forged, but a smartcard (with more data area than a magstripe) could include a picture of the account holder, so a thief has no idea what to look like. But the vendor can check the encrypted smartcard face to the face on the phone or webcam. For high-value remote transactions, where you pay someone to check faces, this might be viable in a few years. In a few years after that, machines might be able to check faces more cheaply, as reliably. The live face-check with embedded digital photos is already standard practice on high-security building-entry cards (and passports?), with the guard comparing the card-embedded face to the one before him. Ubiquitous cameras will bring that face-check to remote transactions, reducing cost due to lower fraud. Thoughts?