Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kroger Testing Fingerprint Payment System

Posted by timothy on from the keep-them-secret-keep-them-safe dept.

MachineShedFred writes "CNN is reporting that The Kroger Company is testing the use of fingerprinting as means for payment at grocery stores. The article says that it has been well received by both college students and seniors. I, for one would love to see this rolled out to all of Kroger's stores, which include Fred Meyer, Ralph's, QFC, Fry's Marketplace (not the electronics stores), and others; however I'm sure some /.-ers will have privacy concerns as well as law enforcement cooperation issues..."

16 of 412 comments (clear)

  1. Buying Rubbers & Posting to Slashdot by Anonymous Coward · · Score: 4, Funny

    I'll take "Things that don't happen for $1000 Alex"

  2. Not to mention what happens if by Choco-man · · Score: 5, Interesting

    You cut or burn your fingers.

    It's well hashed out how easy it to to fool fingerprinting biometrics, so let's not have at that again. It's a neat concept, but flawed system. To easy to fool and not bulletproof enough to allow for every day accidents that happen in the kitchen (heaven help me if i cut my finger cutting veggies AND burn it on the stove..)

  3. Finger Print? by Anonymous Coward · · Score: 4, Interesting

    I just got an HP iPaq 5450 with biometric fingerprint reader. I thought the finger print security feature was pretty sweet until I let my brother try it. After 4 finger swipes, it let him through thinking it was me.

    I doubt Kroger will use the same technology, but still cause for concern. Is fingerprint scanning technology really ready for mainstream use?

  4. great.... by eyeball · · Score: 4, Funny

    Now someone will steal my thumb instead of my wallet.

    --

    _______
    2B1ASK1
    1. Re:great.... by theLOUDroom · · Score: 5, Interesting

      Exactly.

      Anyone ever see the movie Demolition Man?
      There's a scene in it the explains very simply why biometric authentication is a bad idea:

      Snipes, needs to bust out of this high-tech future prison, but they have a retinal scanner on the door, so he just takes the eye of some guy he just killed, stick it on a pen and holds it in front or the scanner.

      No thanks. I'd rather be able to surrender my credit card to a mugger and then make a phone call and have the account shut down. If everything goes biometric I have to be a hostage, or loose a body part for them to get what they want. And then...

      What do I do if someone "steals" my fingerprint? I can't exactly go get new ones and shut the old ones down, now can I?

      There are lots of other good reasons why this isn't such a wonderful idea, either. I can send my girlfriend out for a pizza with my credit card, but not if everything is fingerprint based. Then there's the false positive/negative rate problems, the what happens if you hurt your thumb problem, etc. And I don't think I'll even get started on the privacy concerns here.

      The next "credit card" type of system we need, is one where the cards themselves have computers in them and all transactions use encryption. When someone asks me for $5 I can give them an encrypted message for my bank authorizing a one-time transfer. Then I don't have to trust them not to overcharge me (right now they can say they're charging you $5 and charge you $500), or to keep my number safe from 133thaX0rs (see ford for an example of this problem).

      --
      Life is too short to proofread.
  5. Good idea by andyring · · Score: 4, Interesting
    In theory, this is a good idea, I think. Looks like ./ covered this back in May. That post also describes a way to fool it with gelatin. Another submission talks about Thriftway stores doing this back in April. And, back in Oct. 2001 a post described use of fingerprint IDs on Acer laptops.

    So, this is really nothing new, but it looks like this may be one of the larger rollouts of such technology. Really no different (from a practical standpoint) than things like automatic toll booths or Mobil's Speedpass method of buying gas, although fingerprints would be inherently more secure. If we had Kroger stores around here, I'd be willing to sign up, but I don't think they have a presence in Nebraska, at least not in the Lincoln area.

  6. some? by Jonny+Ringo · · Score: 4, Insightful

    however I'm sure some /.-ers will have privacy concerns as well as law enforcement cooperation issues

    SOME! Shit I already have a problem with the current system. Every time I get asked if I have one of their cards for "saving", I just say "Sorry, I don't join cults"!

  7. There are alternatives by Night+Goat · · Score: 5, Insightful

    I imagine they will have alternate forms of payment, to prevent themselves from being hit with an "Americans with Disabilities Act" lawsuit. People without arms or hands would be rightly able to sue the grocery store. I don't see credit card readers or checks being refused in the future.

  8. Which finger? by rknop · · Score: 5, Funny

    The folks at the Kroger closest to where I live are very unfriendly and frequently downright nasty. I hate to think what the work environment must be like for everybody there to want to lash out at anybody who comes into the store... as a result, usually my wife and I drive a bit further to go to a different store.

    But, if given the option of using my finger to pay, I might go back to the mean Kroger, if I had the option of choosing which finger I got to stick out at them when paying....

    -Rob

  9. Re:Sounds Good; Ban Little Plastic Bags Next by drDugan · · Score: 4, Interesting

    in genl, i'd agree

    one problem I see as we push forward with the "if you have concerns, use cash" is that after some time, it will be suspicious to protect your privacy. People who use cash will be singled out for scrutiny simply be not conformign to the technology that enables scrutiny.

  10. obvious security concerns by drDugan · · Score: 5, Informative


    Customers can register for the voluntary program by presenting a drivers license, an index finger and a method of payment -- either credit card, debit card or electronic check

    The concern I have is whether random company X will be smart enough to protect payment methods data and fingerprint data, both (most likely) linked to personal info.

    A relative worked in a co for a few years back that implemented the software to get supermarkets to accept CCs. The implementations always prevented the merchant from keeping/tracking the payment info. I think this intentional (data anyone?) on the part of the CC companies -- and it's why supermarkets use the 'bonus cards' 'rebate cards' etc. instead of just tracking your purchases with which CC you use. The supermarkets typically don't keep the cc numbers/ name etc. after purchase is complete (I think).

    Regardless -- Under this new system, KROGER has to use/implement some IT system that tracks all the users payment methods and prints. While Kroger may do this fine, the assumption is that any company that wants to implement this kind of system, has to either implement or access a (possibly centralized) repository of fingerprint payment method mapping DB, with personal data. This is an enormous hacking target. I work under that assumption that anything that people access can be hacked, and therefore people should alway weigh the benefit of putting datasources together that create a risk for being stolen.

    While that arguement does not really apply for one company, as more and more companies start to do this, the question becomes will the systems be secore enough to justify the benefits and costs?

  11. Worried about the cards? Make yours a co-op. by Akardam · · Score: 4, Informative

    That's right. Most stores, you don't even need the actual card. You just key in your phone number. So setup a card with someone's phone number (it doesn't even need to be a valid number), and give it out to all your friends. The more it is used, the more you get savings, and if you give it out to enough people, the demographics become to skewed to be of any use.

    *shrug* It's what me and my family do, and we don't seem to have any problems with using it.

  12. Snake Oil by MenTaLguY · · Score: 5, Interesting

    Such a system relies on two major assumptions:

    • Your finger is unique and physically secure (hopefully true)
    • There's no "your finger" equivalent that someone could use (patently false and hopelessly naive)

    The problems with such a system:

    1. It's easy to falsify. It's actually almost trivially easy to fool a fingerprint reader and fake someone else's fingerprint. (note that the type of gelatin Matsumoto used is seaweed based -- a little stiffer and a bit different than what we use in the states, but I'm sure you can find it here in an asian grocery store or similar)
    2. It's not verifiable. There is no challenge-response method possible with your finger to verify that it's even your finger, unless you want to add an embedded subcutaneous microchip, as in a smart card (but then why a fingerprint at all?). Worse, no such system actually checks your fingerprint; it computes a numeric hash of some sort from key features. Any hackery that can get you into the system behind the fingerprint reader means you just use the numeric hash (VERY easy to copy!) instead of a fingerprint. Consequently, it's no more secure than a credit card number in this respect.
    3. It's not unique. Two words: hash collisions. Not such a big deal for authentication, but a real problem for identification.
    4. It's not revokable. Given the above, if someone steals either your fingerprint or its hash, it's not like you can just get a new one, like you can a credit card number. You'd better hope the system at least allows you to switch to a new finger (and hope you don't run out of fingers). In the worst case, then, it's actually LESS secure than a credit card.
    --

    DNA just wants to be free...
    1. Re:Snake Oil by pesc · · Score: 4, Informative

      And:

      5. Your fingerprints are not secret. You are leaving thousand copies of them daily on objects you touch. Combine this with item 1.....

      --

      )9TSS
  13. Re:Nightmarish abuse by ceejayoz · · Score: 4, Insightful

    They're not? The government can easily track your movements by tracking your credit card purchases. If you use your credit card in a Florida gas station, it's a pretty safe bet that you were in Florida at that time.

    Criminals have been caught by the FBI tracking their credit card trail. It's helping in the D.C. sniper cases, too.

    Sounds like you've already accepted a tool that lets the government track your every move, and you don't even have to wait 30 years for it!

  14. Re:Fraud? by plover · · Score: 5, Informative
    The gummy fingerprints defeated all the live finger detection systems handily.

    The gummy mold is just an ordinary photo-etched copper-plated printed circuit board. (I made lots of them when I was a kid from stuff I bought at Radio Shack.) Take a photo of a fingerprint. Make a full size transparency of it. Expose the photosensitive circuit board using the transparency as a mask. Etch the circuit board. Pour ordinary hot liquid gelatin over the board in an even (3 mm or so) layer (the original paper gave a recipe, but you should be able to use any old recipe for "Knox Blox". It's just ordinary gelatin mixed with boiling water.) Harden it in the refrigerator. When it's time to use it, simply cover the tip of your own finger with the sheet of gelatin.

    It passes live tests easily. The thin layer of gelatin is almost invisible. It's transparent, so your own skin shows through. It's conductive: it has a moisture content similar to your own body. And it's warm: your body heats up 3mm of gelatin quite rapidly.

    And once you pass through the scanner, you just lick your fingertip and the evidence is gone.

    Extensive testing of this was performed against eleven different fingerprint scanners earlier this year. EVERY TESTED SCANNER ACCEPTED THE GUMMY FINGERS, including those advertising "live and well detection", with acceptance rates varying between 65% - 100%. John Young's website has a copy of the paper here.

    Biometrics, in general, are not sufficient for high security. They work best only in conjunction with other security measures.

    --
    John