Mitigating risk for hands-free interactions

What is claimed is: 1 . A method comprising: obtaining, by an access device comprising a point of sale terminal, a first biometric sample of a user, wherein the user and the point of sale terminal are at a merchant location; generating, by the access device, a first biometric template or a derivative thereof from the first biometric sample; transmitting, by the access device, the first biometric template or the derivative thereof to a mobile device, wherein the mobile device determines if the access device is an authentic access device; receiving, by the access device, a confirmation of a match between the first biometric template and a second biometric template on the mobile device; and conducting a transaction between the access device and the mobile device by the mobile device providing a credential comprising an account number to the access device, and generating and transmitting an authorization request message comprising the account number and a transaction amount to an authorizing entity computer which authorizes the transaction using the account number and the transaction amount, after the mobile device the user determines that the access device is authentic and is not a rouge device, wherein the determination that the access device is authentic comprises, transmitting an audio signal indicative of the authentic access device to the mobile device, wherein the mobile device determines that the audio signal is authentic before engaging in further interaction with the access device. 2 . The method of claim 1 , further comprising: transmitting, by the access device, a digital certificate to the mobile device, wherein the mobile device also determines that the access device is authentic using the digital certificate. 3 . The method of claim 2 , wherein the mobile device further determines that the access device is authentic by comparing a first geo-location of the access device in the digital certificate to a second geo-location of the mobile device and determining that the mobile device is proximate to the access device. 4 . The method of claim 1 , wherein the determination that the access device is authentic further comprises: receiving, by the access device from the mobile device, a challenge; signing the challenge with an access device private key to form a digital signature; and transmitting the digital signature to the mobile device, wherein the mobile device determines that the access device is authentic by verifying the digital signature using an access device public key. 5 . The method of claim 1 , wherein the derivative of the first biometric template is transmitted from the access device to the mobile device. 6 . The method of claim 5 , wherein the derivative of the first biometric template is an encrypted version of the first biometric template. 7 . The method of claim 5 , wherein the access device includes a beacon device. 8 . An access device comprising: a processor; and a computer readable medium, the computer readable medium comprising code executable by the processor to cause the access device to perform a method comprising, obtaining a first biometric sample of a user, generating a first biometric template or a derivative thereof from the first biometric sample, transmitting the first biometric template or the derivative thereof to a mobile device, wherein the mobile device determines if the access device is an authentic access device, receiving a confirmation of a match between the first biometric template and a second biometric template on the mobile device, and responsive to the confirmation, conducting a transaction between the access device and the mobile device by the mobile device providing a credential comprising an account number to the access device, and generating and transmitting an authorization request message comprising the account number and a transaction amount to an authorizing entity computer which authorizes the transaction using the account number and the transaction amount after the mobile device determines that the access device is authentic, and is not a rouge device, wherein the determination that the access device is authentic comprises, transmitting an audio signal indicative of the authentic access device to the mobile device, wherein the mobile device determines that the audio signal is authentic before engaging in further interaction with the access device, wherein the access device comprises a point of sale terminal at a merchant location. 9 . The access device of claim 8 , wherein the method further comprises: transmitting, by the access device, a digital certificate to the mobile device, wherein the mobile device also determines that the access device is authentic using the digital certificate. 10 . The access device of claim 9 , wherein in the method, the mobile device further determines that the access device is authentic by comparing a first geo-location of the access device in the digital certificate to a second geo-location of the mobile device and determining that the mobile device is proximate to the access device. 11 . The access device of claim 9 , wherein the access device further comprises a BLE station. 12 . A method comprising: receiving, by a mobile device, a first biometric template of a user or a derivative thereof from an access device, wherein the access device comprises a point of sale terminal, and the user and the point of sale terminal are at a merchant location; determining, by the mobile device, if the access device is an authentic access device; determining, by the mobile device, that the first biometric template and a second biometric template on the mobile device match; transmitting, by the mobile device to the access device, a confirmation of the match between the first biometric template and the second biometric template on the mobile device; and conducting a transaction between the access device and the mobile device by the mobile device providing a credential comprising an account number to the access device, and wherein the access device generates and transmits an authorization request message comprising the account number and a transaction amount to an authorizing entity computer which authorizes the transaction using the account number and the transaction amount, after the mobile device determines that the access device is authentic, and is not a rouge device, wherein the determination that the access device is authentic comprises, receiving an audio signal indicative of the authentic access device, wherein the mobile device determines that the audio signal is authentic before engaging in further interaction with the access device. 13 . The method of claim 12 , wherein the derivative of the first biometric template is received by the mobile device. 14 . The method of claim 13 , wherein determining that the first biometric template and the second biometric template match comprises comparing encrypted versions of the first biometric template and the second biometric template. 15 . The method of claim 12 , wherein the first biometric template is derived from a facial image, a fingerprint, or a retinal scan. 16 . The method of claim 12 , further comprising: receiving, by the mobile device from the access device, a digital certificate, wherein the mobile device further determines that the access device is authentic using the digital certificate.