Ready or Not, Biometrics Finally in Stores
cancer4xmas writes: "It's very exciting to see USA Today's Technology front page saying, "Will that be cash, fingerprint or cellphone?" They're running a story on emerging biometric devices being the most fundamental change in personal finance since 1950, when the credit card was introduced. The concept is now being tested in some stores. Check out the full story." Now couple that tidbit with this morsel from wherley: "In a letter [scroll down a bit] to Bruce Schneier's Cryptogram newsletter, Ton van der Putte tells of a recent invitation from the BBC to comment on the addition of fingerprint biometrics to the British ID card. Using a digital camera and UV lamp he was able to make dummy fingerprints that fooled the readers - and in less time and less cost than similar experiments 10 years ago. He says: '...now the average do-it-yourselfer is able to achieve perfect results and requires only limited means and skills.'"
How long before thieves chop off people's fingers and buy stuff with it? It's not like you can be reissued a new fingerprint.
Prevent email address forgery. Publish SPF records for y
I remember I read a while ago in some magazine how BMW had the technology to use biometrics in place of keys. The reason they didn't was that someone brought up this idea.
Carjacker + knife + need for your finger = not a pretty scene.
That's kind of kept me off of Biometrics for awhile. Now where'd my tin foil hat go...
Etiquette is etiquette. He kills his mother but he can't wear grey trousers.
As someone working in biometrics and algorithm development, I would personally like to BEG the press to stop with the awful articles.
Almost every article says the same thing, makes awful assumptions, comments on the privacy issue, and generally screws the pooch.
Misconceptions and overhype can kill technologies for years....
Good: ATMs, airline ticket kiosks. These save time. They augment, rather than replace, the capabilities provided by humans.
Bad: Home Depot, most grocery store self-check kiosks. These invariably replace human checkers, so now I get to stand in line behind a dumb-blonde soccer mom, some kids goofing with the hardware, and an 85-year-old dude whose idea of high technology is the five-transistor radio. These waste my time.
I hope we all realize that it's pretty easy to create a fake credit card too... probably easier. No, wait - I hope we don't all realize that.
M@
Krispy Cream is people
The system in this article is voluntary, and that's great. So long as it's only voluntary, I'm all for this.
One potential problem becomes what's "voluntary" soon becomes mandatory. We might as well learn from history. Two specific examples from US history:
(1) The Social Security Number was ~never~ supposed to be used as any kind of central identification number. Now, no one knows who I am without it. I would gladly dump my social security "promises of benefits" to not have a social security number.
(2) To get a driver's license in the state I moved to, I had to give a thumbprint. I've never had fingerprints taken before in my life.
Are we safer as a result? All I know is that now my identity can be more easily tracked by central governmental organizations and those with sufficient access privileges, despite my wishes.
Technology is a tool, not a solution. Just like a hammer, it can be used for much good, but it's easy for those in power to convert it into something pretty sinister. If it's all the same, I'll keep my ATM card. It's a lot easier to change my bank account number than my fingerprint or eyeball.
Of course people will be able to make fake prints or find ways to circumvent the biometric system. But, what system is fully flawless? The best thing to do would be to start using biometrics without 100% reliance on them till we are confident enough and experienced enough to stay ahead of the criminals in preventing misuse. Transition will be a pain for some time, but once the system has established itself, it will make our lives much easier.
New year Resolution: Don't change sig this year
Since that bloke showed how to use gelatine to fool a fingerprint machine, how long before jello becomes a controlled substance?
Engineering is the art of compromise.
I've thought about this for awhile, and I am thinking:
Why don't people just cut off their fingers and trade them as a commodity? Each finger is access to a different system...
For instance, if I work for a bank, but I want to get a vacation cheap, I just trade a finger with my buddy who works for some airline. He does what he wants with my bank, and I get the plane tickets I need to get away from this country.
The only problem is, if I want 10 things at once, how do I access the system without any fingers?
Maybe they should sell voice-recognition software with it.
Talk about giving someone the finger, geesh.
Karma Whoring for Fun and Profit.
Using a credit card typically requires a signature to match against the one on the card's back. Using an ATM/debit card requires a numerical code to match with the bank's records. Are biometrics really a good replacement for the card, or would they be a better replacement for the signature or ATM code? As there will be a secondary piece of ID anyway, why tie up the fingerprint with all the bank info, when the print could be just tied to the ID?
Intellectuals! Liberals! Peacemongers! IDIOTS!!!
Using a digital camera and UV lamp he was able to make dummy fingerprints that fooled the readers - and in less time and less cost than similar experiments 10 years ago. He says: '...now the average do-it-yourselfer is able to achieve perfect results and requires only limited means and skills.'"
This is the whole problem with market driven products as opposed to product driven products. Companies rush to produce a product and get it to market to capture some degree of market share even though their product may suck. We have endured years of this under the Microsoft paradigm in that Microsoft advertises years in advance what products they are going to produce, sets a time-line, and then by-god the products will ship by that date. Never mind the quality. I much prefer Apple's way of doing things in that they do not talk about what they are doing, and they then ship a product when it is done. Meanwhile the rest of the computer industry is busy copying Microsoft's strategy and the quality of software for the most part is slipping down the tubes.
Products such as biometrics especially need to be completely wrung out to determine if they can be faked. They did not, it can be, but what do you bet they take it to market anyway?
Visit Jonesblog and say hello.
The top rated comment in this thread will be "Score:5, Funny." How predictable...
Tcl my Pico! There are 10 kinds of people in the world: Those who understand binary, and those who don't.
Reading through the responses to this technology, it seems that several issues are being addressed/readdressed:
1) Mandatory tagging of criminals - There seems to be a fundamental difference between tagging someone as part of their sentence and tagging someone after their sentence has been served (eg, after release from prison). The latter seems a dangerous trend since it indicates that the punishment for certain crimes may change in an arbitrary fashion, even *after* a criminal has served their time and been "rehabilitated" by societal punishments.
Granted, some crimes are heinous and deserve drastic punishments, but punishments should be known at the time of sentencing. Make the punishment as harsh as is warranted (eg, death sentence or consecutive life sentences effectively ensures that an offender never returns to society), but once a punishment has been fulfilled, no additional arbitrary punishments should be levied. Being unable to agree on what the rule-of-law is at the time of sentencing is very bad. A rule-of-law which is not transparent and clear is not a rule-of-law.
2) RFID technology is good|bad - Anyone who has spent their life thinking about technology knows that technology itself is neither our damnation nor our savior. It is amoral and merely a tool created and used by humans to leverage our ideas.
However, history has shown that we have a penchant for killing each other over issues with no obvious resolution (eg, Whose God is better, Whose skin color is better, etc). Technology just speeds up the process of letting us work out our differences, and, when that fails, subjugate/maim/torture/kill the enemy when it is obvious that they will not take on our point of view.
3) The posters are "anti-technologist fear mongers" - since this crowd is generally very technology savvy, it is probably more likely that you misunderstand the message being articulated. People on Slashdot certainly seem to get more worked up than your general everyday nongeek citizenry. But that is likely because of the "slippery-slope" issues that are addressed. Looking at how humans use and misuse technology to abuse each other, it is often clear to those with a background in technology what form the abuses could take. Generally, it seems that humans eventually arrive at a solution better for everyone (eg, more tolerant), but only after a more short-term period which exploits the technology to the severe disadvantage of an unfortunate minority.
BTW, although annoying that the article is not based on RFID technology, that hardly matters in the grand scheme. GPS, RFID, biometrics, DRM, etc. are all just technologies. They have amazing potential for benefit of societies. But unless the potential for human-rights abuse is acknowledged and carefully monitored, things will get very bad before things get better.
No technology is without potential for abuse. Period.
The linux hacker
If you shop in a store that uses biometric check-out equipment, refuse to use it and SAY SO. Tell the checker. They probably don't care, but if they hear it often enough, the meme will spread. Tell the person in line behind you. If you are not too lazy, tell the store manager that you refuse to use the equipment and that you will either stop shopping at this store or, at least, prefer to shop at stores that don't use this equipment.
Now is the time to speak up against Big Brother. It's easier to prevent this technology NOW than after it has become an entrenched standard.
cpeterso
Well now the government has your fingerprint the Feds can watch you easier. "Fux just bought a Coke at the Seven Eleven"!
Engineering is the art of compromise.
Or, I could pull out my credit card, which occupies the same space in my wallet as the required ID, and make my payment without signing up for anything or introducing new privacy concerns. On top of that, my credit card gives me 1% cash back.
I think consumers are going to do the math on this one and figure it's not worth the hassle. Sounds like the incentive is mostly for the store to avoid the credit card fees.
They used thumbprint scanners to open the doors in the movie.
I'm gonna run over to the cafe 80's.
-H
--- #@$DF@#2%@^%3^&*$%FRHG%%[NO CARRIER]
When the Federal Reserve calls it quits and burns all the cash, and this BIOmetrics becomes mandatory and is extended to force people to take a radio ID chip either in the hand or forehead I think I will just pack a backpack and head for the hills to watch civilisation crumble from a distance...
Now I can truly say my hands are worth something.
MY SECRET DIARIES
Exactly! No system can be flawless. There is always a way around security, that way can always be fixed after it is found, and then there will always be another back door. It is kind of like a demented version of the adage: "When a door closes, a window opens."
Save Sam and Max!
Just like all that new age stuff that said this type of technology would be used in an evil anti-christ's plans to take over the world, under the guise of good. But then again, are you seriously going to believe stuff printed in the 1980s? Windows 95 wasn't even out then.
Obviously the above is sarcastically said to make a point.
Well, quite a long while I would think. I would imagine that the teenage checkout person at the supermarket would scream bloody murder at the sight of you using a severed finger, getting blood all over the biometric scanner. I can see it now:
"Paper or plast-- AAAAHHHHHHHH!"
Not exactly the most effective scam to try.
It's kind of scary that a fingerprint is so easy to forge. It would be so simple to wipe out someone's life savings.
I would have expected banks to adopt this technology only after it has been widely proven to be secure. Instead they are the guinea pigs risking your money. Something's wrong with this picture.
I'm glad I didn't have an account there. Would your money be federally insured if it were stolen by a forged fingerprint? How could you prove it was a forgery (assuming the forger hid his face from the camera above the ATM)?
Many people are more worried that Pepsi knows they bought a coke at Seven Eleven.
"What?! Another 27 coupons for $0.25 off a 32oz Pepsi at the QuikEmart? Damn you Pepsi Corporation!!! Damn you to hell!!"
It only works as a meme if you have a snappy soundbite-style reason for refusing. A five minute discourse on privacy will not sufficiently impress the person behind you in line to "infect" them with the meme you're describing.
Got one?
I was with a group that evaluated biometric authentication as a primary system. The primary flaw that was pointed out that no one seems to really talk about is, what if someone compromises the key server? In a traditional authentication system, you simply change your keys. Since in a biometric system the keys are based off of the human body, not only has this compromised system been completely destroyed, but potentially ALL biometric systems used by the same individuals are now compromised until the day they die.
That was a pretty big problem.
We decided on using biometrics as a 3rd or 4th level of authentication (to verify that someone using all of the other levels of authentication are who they say they are to a reasonable level of accuracy).
[RIAA] says its concern is artists. That's true, in just the sense that a cattle rancher is concerned about its cattle.
I'll agree about the privacy angle, but please just stop implementing fingerprint recognition for sole authentication.
We have several computers using thumbprint IDs. I can log in to my own machine about 9 times out of 10. I can log in to the other machines about 1 time in 10. Statistically, the computers are secure. Realistically, they're wide open.
...now I get to stand in line behind a dumb-blonde soccer mom, some kids goofing with the hardware...
Place a kid within 5 feet of a button and he/she will inevitably press it. Repeatedly.
Not notable, IMO a rubbish article.
I want to link up a biometric fingerprint scanner to a script which DDoSes all the links provided in the email I am currently reading.
Spammers? Give 'em the finger!
I don't know why all of these so-called "security experts" keep on advocating biometrics with little or no understanding of their real properties, much less how they should be properly used. Biometrics can be used as unique identifiers, but biometrics are not secrets. They can provide a unique identifier in an already trusted environment, but alone they cannot be used for authentication, which is what so many of these "experts" are ready to do. If I steal your fingerprint using any of the simple yet effective techniques (none of which require me to cut off your finger) described by Ton van der Putte, it can't be un-stolen, and nobody will be able to give you a "replacement" fingerprint.
A quote that illustrates this naivete from the USA Today article: "Biometrics is one way to really identify the customer you're dealing with," he [Steve Vallance] says. What a foolish, naive statement. Alone, biometrics cannot really identify anybody.
I really can't do any better than point people out to an article in yet another issue of Crypto-Gram, which first came out five years ago: Biometrics: Truths and Fictions.
Give me six lines written by the hand of the most honest man, and I will find something in them to have him hanged.
wow... you are paranoid.
I don't understand how this is Big Brother technology. It is a form of ID which is necessary if you are going to be paying with a credit card or a check that requires an ID.
BTW, "meme" is sooo 90's. Please stop using it.
So your fingerprint becomes your SpeedPass or EZ-Pass... so what? Neither existing system is actually a financial system, they're an identifier that tracks back to an existing credit card number, that's the actual financial account.
So, really, what's the incentive for a consumer to want to use their fingerprint rather than something hanging on their keychain or in their wallet? Yeah, the keychain or wallet can be stolen... but safety laws already exist to protect your accounts.
In short, the current system isn't that broken... this solution has privacy concerns attached. Seems like the answer to a question nobody's asking...
I'm going to market a line of privacy gloves. Everyone will be wearing them to protect themselves from identity theft. On the other side, I'll market thumbprint dusting and scanning tools, for educational purposes only, of course.
So shine an LED through the finger to see if there's a pulse. Those portable heart rate monitors are cheap, so the technology can't add that much to the final cost.
thumb a hundred to save the clocktower! That thing was struck by lightning 70 years ago!
(ref. Back to the Future Part II)
Fight the power... -Barney Gumbel
Peace
Been using fingerprints in banks for years now. Ever try to cash a check without an account?
Hell no, I ain't moving there.
Could you scrape the top layer or two of skin off someone's finger and then glue it to some sorta plastic/rubber backing or something... and then wear that on your finger, which would also let the person you got the print from retain their digits?
haven't you any sense of history?
This may be perceived as a stupid question, but what is to stop man-in-the-middle attacks against biometric authentication?
Sure, that nice little box there can read my fingerprint. But what does it do once it has read it? It sends it over some kind of wire, right? And what's to stop someone from snooping the info going across the wire? Once they do that, they don't need to chop off my finger. They can just send that signal down the wire, and there you go.
Now I suppose you can answer this question with encryption. Just encrypt the communications between the fingerprint reader and the rest of the world, and then no snooping or spoofing will be possible. But if we are already going to use strong crypto, why not just give people private/public key pairs and let them authenticate themselves that way?
Sadly, I suppose the realistic answer is that the average American is just too stooooopid to properly protect their private key, and then the rest of us will have to pay because Joe Sixpack gave his private key to his girlfriend, they broke up, she stole his identity, and now it's someone else's fault...
However, that doesn't take too much away from my main feeling about biometric authentication. Biometric authentication is wrong because it requires me, the consumer, to trust the manufacturer of the biometric equipment and anyone who can buy said equipment to not cheat when they say I authenticated myself. I don't really want to have to trust others to authenticate me. I want to buy an open-source-driven pocket-sized hardware widget that contains my private key (password-protected, w/ panic button to erase it in case I think I'm about to be mugged, and w/ dead man's switch to erase it after N days in case I lose it). Then, when I authenticate myself, it will be easy to know that I intended it, not someone else who controls the factors of authentication.
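The replay concern raised in the comment above, as an added example that is not part of the original post: a back end that accepts a fixed template off the wire also accepts a recorded copy, while a key-holding token answering a fresh challenge does not, and its key can be reissued. HMAC with a shared key stands in for the public/private key pair the commenter proposes (Python's standard library has no asymmetric signing); the class names and the template bytes are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class StaticTemplateVerifier:
    """Back end that trusts any wire message equal to the enrolled template."""

    def __init__(self, enrolled_template: bytes):
        self._enrolled = enrolled_template

    def verify(self, wire_message: bytes) -> bool:
        # No nonce and no session binding: identical bytes always pass.
        return hmac.compare_digest(wire_message, self._enrolled)


class Token:
    """User-held device (hypothetical) that keeps a key and answers challenges."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, nonce: bytes) -> bytes:
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


class ChallengeResponseVerifier:
    """Back end that issues single-use nonces and checks the keyed response."""

    def __init__(self, key: bytes):
        self._key = key
        self._outstanding = set()

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self._outstanding:
            return False  # unknown or already-used challenge
        self._outstanding.discard(nonce)  # each nonce is good for one attempt
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

    def reissue(self) -> bytes:
        """Revoke the current key and return a fresh one for a new token."""
        self._key = secrets.token_bytes(32)
        self._outstanding.clear()
        return self._key


def run_demo() -> dict:
    results = {}

    # Static template on the wire (constructed bytes, not a real template).
    template = b"constructed-fingerprint-template-0001"
    static = StaticTemplateVerifier(template)
    captured = template  # what a wire tap records during a genuine login
    results["static_genuine"] = static.verify(template)
    results["static_replay"] = static.verify(captured)

    # Challenge-response with a key held by the user's token.
    key = secrets.token_bytes(32)
    verifier = ChallengeResponseVerifier(key)
    token = Token(key)
    n1 = verifier.new_challenge()
    r1 = token.respond(n1)  # the tap records (n1, r1) as well
    results["cr_genuine"] = verifier.verify(n1, r1)
    results["cr_replay_same_nonce"] = verifier.verify(n1, r1)
    n2 = verifier.new_challenge()
    results["cr_replay_new_nonce"] = verifier.verify(n2, r1)

    # Key compromise: the old key is revoked and a new token is issued.
    stolen = Token(key)
    new_token = Token(verifier.reissue())
    n3 = verifier.new_challenge()
    results["cr_stolen_key_after_reissue"] = verifier.verify(n3, stolen.respond(n3))
    n4 = verifier.new_challenge()
    results["cr_new_token"] = verifier.verify(n4, new_token.respond(n4))
    return results


if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name:30s} accepted={accepted}")
```

The static template has no counterpart to `reissue()`: once its bytes are recorded, every later submission of them is indistinguishable from a genuine one.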
This is far easier than pretending a severed thumb is your own, and with the use of acetone based prints (from the gelatine master) it is virtually impossible for a layperson to determine that you have an overlaid print on your thumb.
Just your $0.02... :)
Q.
Insert Signature Here
Microsoft would run this service, and advertise it as 100% secure. I feel safer every day.
Oh yeah, and it would be an anti-felony, punishable by a $1000 reward, to use somebody else's biometrics to obtain money, goods, or services. (If that makes you feel unsafe, remember that listening to a CD that you didn't buy, such as if a friend plays a CD and you happen to be in the vicinity, will constitute piracy punishable by death. Feel better? Good.)
Just one question... Do you think "The Net" is a true story? I'm guessing that you do.
We evaluated many biometric products a while back (mostly fingerprint readers), and I was surprised to learn that most were nothing more than fancy ways to have the computer memorize passwords. So they really provided no additional security. This is especially true if you're using them in a distributed environment, and more so if it's not 100% Windows. And even those that offered SDKs basically only provided ways to map fingerprints to passwords.
Basically most of them were just convenient shortcuts where the software would, much like a programmable keyboard, just send your username/password across for you to some application's password-entry dialog. Most technologists just didn't have a clue as to why this is not secure. And even scarier, many of the vendors I spoke with also seemed to not understand that or just downplayed it pretending I didn't notice. And good luck figuring this out, vendor FUD seems to be very deep and commonplace.
Now, get me one that is actually securely integrated with something like Kerberos or smart-cards with RSA keys, etc. But if all it does is memorize passwords, then it's not security...and may be worse.
A better system might require several biometric techniques together to reach an identification (hand shape and fingerprints would go together nicely).
This article mentions the Asian woman fingerprint problem about 3/4 of the way down, but doesn't mention a source for this claim.
The problem with any digital matching system is that the fingerprint (or eyeball, or what have you) gets reduced down to a number. Eventually, somebody will come up with the same number as the result of hashing their measurement as well. It's not a question of if, but when... you can do things to lower the likelihood, but you'll never be able to eliminate the chance. If you have a "1 in a 100 million" chance of the failure, and roll this out to the American public, you'll get the unlucky match eventually.
How do they fix that problem? You can't exactly reissue a fingerprint...
Why would anyone enter a shop with a severed finger? The car theft idea works because there's nobody in the car park at night to wonder why some guy is opening a car with a severed finger. Similarly, there's nobody at night to wonder why some guy is getting cash from an ATM with a severed finger. And even if he gets filmed, by the time anyone figures out there's a problem, he's out of there.
But rather stealing the representation of my finger.
When the credit card db gets hacked (and it's happened several times), you just have to cancel it and get issued a new card.
When the fingerprint db gets hacked, they can't issue me a new finger.
A flesh-colored, spit wetted, rubber sleeve over a finger, with a copy of someone else's finger would work quite well, and be undetectable by the minimally interested checkout line clerk.
If all you need is a fingerprint, then everyone will be wearing gloves soon. We leave fingerprints everywhere! New crime of the future: Person gets your fingerprint off a glass or a door or some other public place and racks up a mint. Say what you will about credit cards, at least you don't leave your credit card number, expiration date and billing address on every surface you touch. There's something to be said about slightly insecure systems. The less secure something is the less easy it is to steal, since people are more suspicious of insecure systems than they are of supposedly "secure" systems. I can see a day where your credit card number is quantum encrypted on a microchip implanted in your skull. And the ability to dispute charges will no longer exist of course, because the system is unbreakable! Except for the short, easily memorizable password needed to unlock the quantum encryption. We can see this already with identity theft. Now that you're identifiable by a number (instead of in person, as in the old days) anyone with access to that number is you, and everyone believes that it's you, because the system is supposed to be secure.
Yet, I also find many Slashdot people to be enormous conspiracy theorists. Interesting. On one hand, you choose not to believe in something that is hard to prove from the various Bible (various miracles, floods, etc), yet you choose to believe in "Men in Black" "Secret 'They' Organizations," "Crash-landed UFOs" and the like.
Well. Secret societies are a reality. If you don't believe me, walk around the campus of Yale University. With all of these nasty economic scandals it is hard to imagine that they are all individual events, no? Actually, it is quite _improbable_. As for Aliens and UFOs, I think you are introducing a red herring.
Slashdot readers for the most part have a very healthy distrust of power. Power Corrupts, and Absolute Power Corrupts Absolutely. Slashdot readers have a very healthy concern about concentrations of power. This is perhaps best explained since software itself is a huge automation which allows for concentration of power.
Also, unlike your general public, the average SlashDot junkie has seen IT terraform the entire economic landscape. The power structure now is *WAY* different from what it was 20 years ago. The top billionaires in the world are software people. To think that IT won't continue to concentrate power, and indeed transform government is very naive. Things are going to do a huge amount of changing in the next few years. And not all of it will be good. Some of it will be downright evil.
The other thing that software makes is a completely different alternative universe. Seriously. Look at virtual games, MUDs, people's on-line life. This is a huge change in humanity itself. To blindly accept these changes and not question them is horribly dangerous; both for ourselves and for our descendants.
Then the day can't be far away when some schmoe will be able to erect a perfect replica of my dick! mother-shitting-fuck!
http://www.schneier.com/crypto-gram-9808.html#biometrics
Biometrics are seductive: you are your key. Your voiceprint unlocks the door of your house. Your retinal scan lets you in the corporate offices. Your thumbprint logs you on to your computer. Unfortunately, the reality of biometrics isn't that simple.
Biometrics are the oldest form of identification. Dogs have distinctive barks. Cats spray. Humans recognise each other's faces. On the telephone, your voice identifies you as the person on the line. On a paper contract, your signature identifies you as the person who signed it. Your photograph identifies you as the person who owns a particular passport.
What makes biometrics useful for many of these applications is that they can be stored in a database. Alice's voice only works as a biometric identification on the telephone if you already know who she is; if she is a stranger, it doesn't help. It's the same with Alice's handwriting; you can recognize it only if you already know it. To solve this problem, banks keep signature cards on file. Alice signs her name on a card, and it is stored in the bank (the bank needs to maintain its secure perimeter in order for this to work right). When Alice signs a check, the bank verifies Alice's signature against the stored signature to ensure that the check is valid.
There are a bunch of different biometrics. I've mentioned handwriting, voiceprints, and face recognition. There are also hand geometry, fingerprints, retinal scans, DNA, typing patterns, signature geometry (not just the look of the signature, but the pen pressure, signature speed, etc.), and others. The technologies behind some of them are more reliable than others, and they'll all improve.
"Improve" means two different things. First, it means that the system will not incorrectly identify an impostor as Alice. The whole point of the biometric is to prove that Alice is Alice, so if an impostor can successfully fool the system it isn't working very well. This is called a false positive. Second, "improve" means that the system will not incorrectly identify Alice as an impostor. Again, the point of the biometric is to prove that Alice is Alice, and if Alice can't convince the system that she is her then it's not working very well, either. This is called a false negative. In general, you can tune a biometric system to err on the side of a false positive or a false negative.
Biometrics are great because they are really hard to forge: it's hard to put a false fingerprint on your finger, or make your retina look like someone else's. Some people can mimic others' voices, and Hollywood can make people's faces look like someone else, but these are specialized or expensive skills. When you see someone sign his name, you generally know it is him and not someone else.
Biometrics are lousy because they are so easy to forge: it's easy to steal a biometric after the measurement is taken. In all of the applications discussed above, the verifier needs to verify not only that the biometric is accurate but that it has been input correctly. Imagine a remote system that uses face recognition as a biometric. "In order to gain authorization, take a Polaroid picture of yourself and mail it in. We'll compare the picture with the one we have in file." What are the attacks here?
Easy. To masquerade as Alice, take a Polaroid picture of her when she's not looking. Then, at some later date, use it to fool the system. This attack works because while it is hard to make your face look like Alice's, it's easy to get a picture of Alice's face. And since the system does not verify that the picture is of your face, only that it matches the picture of Alice's face on file, we can fool it.
Similarly, we can fool a signature biometric using a photocopier or a fax machine. It's hard to forge the vice-president's signature on a letter giving you a promotion, but it's easy to cut his signature out of another letter, paste it on the letter giving you a promotion, and then p
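The trade-off between false positives and false negatives described in the quoted essay, worked through as an added example (not part of the original post or the essay). The match scores, the threshold list and the accept-when-score-is-at-or-above-threshold rule are constructed for illustration.

```python
"""Threshold tuning for a biometric matcher: false positives vs. false negatives.

All scores are constructed sample data, not measurements from any real reader.
A score is the matcher's similarity between a fresh sample and Alice's enrolled
template; the system accepts when score >= threshold (assumed decision rule).
"""

# Constructed: Alice presenting her own biometric on ten occasions.
GENUINE_SCORES = [0.91, 0.84, 0.77, 0.95, 0.62, 0.88, 0.70, 0.81, 0.58, 0.93]
# Constructed: ten impostors claiming to be Alice.
IMPOSTOR_SCORES = [0.12, 0.35, 0.48, 0.22, 0.66, 0.41, 0.30, 0.55, 0.73, 0.18]
# Candidate operating points to compare.
THRESHOLDS = [0.50, 0.55, 0.60, 0.65, 0.70, 0.75, 0.80]


def error_rates(threshold, genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES):
    """Return (false_positive_rate, false_negative_rate) at this threshold.

    False positive: an impostor is accepted as Alice.
    False negative: Alice is rejected as an impostor.
    """
    false_pos = sum(1 for s in impostor if s >= threshold)
    false_neg = sum(1 for s in genuine if s < threshold)
    return false_pos / len(impostor), false_neg / len(genuine)


def sweep(thresholds=THRESHOLDS):
    """Rows of (threshold, false_positive_rate, false_negative_rate)."""
    return [(t, *error_rates(t)) for t in thresholds]


def equal_error_threshold(thresholds=THRESHOLDS):
    """Threshold at which the two error rates are closest to each other."""
    def gap(t):
        fp, fn = error_rates(t)
        return abs(fp - fn)
    return min(thresholds, key=gap)


def strictest_threshold_within(max_false_negative, thresholds=THRESHOLDS):
    """Highest threshold that still keeps Alice's rejection rate within budget.

    This is the "err on the side of false negatives only so far" choice: the
    operator fixes how often a legitimate user may be turned away and takes
    the lowest false positive rate available under that constraint.
    """
    ok = [t for t in thresholds if error_rates(t)[1] <= max_false_negative]
    return max(ok) if ok else None


if __name__ == "__main__":
    print("threshold  false_pos  false_neg")
    for t, fp, fn in sweep():
        print(f"{t:9.2f}  {fp:9.2f}  {fn:9.2f}")
    print("equal-error threshold:", equal_error_threshold())
    print("strictest with <=10% false negatives:", strictest_threshold_within(0.1))
```

Raising the threshold drives impostor acceptance to zero only by turning Alice away more often; neither error disappears while the two score ranges overlap.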
You don't need to fake a credit card, just nab one and it's all yours until the owner reports it missing! Merchants don't bother checking to see whether or not the card is yours, even if your PHOTO is on it, much less your signature!
Preface: I am posting AC and not naming any names here.
In the mid-to-late 1990s, when the phrase "identity theft" had first entered the lexicon but before the media discovered how well they could capture audiences with its mere mention, I worked with a card issuer on a so-called "secure card" test program. The idea was twofold: merchants were getting complacent in terms of trying to verify that the person presenting the card was actually the cardholder, and credit card fraud was an increasing problem.
The proposed solution to both dilemmas was to issue cards with the cardholder's PHOTOGRAPH on the FRONT of the card. We'd indemnify cardholders against any fraudulent purchases (as opposed to beyond the first $50.. it was a novel idea back then) for any bogus transaction made with one of these photocards. Cashiers weren't bothering to check the back for a signature, but surely they'd see if the photo on the front matched the person making the purchase, right? LOL.
Existing cardholders were allowed to volunteer for the test program by responding to an insert in their bill. Along with the application, they had to send in a photocopy of their drivers' license, and a small color photograph of themselves which was easily identifiable as the same person in the drivers license photo. About 10,000 such cards were eventually issued, with surveys included and sent as a follow-up to see what the cardholders encountered. During the test period, here are a few interesting things we found.
1... Merchants weren't checking the photo, even though it was right there as a 1.5" x 1.5" image on the front left side of the card.
Many cardholders reported no problem giving their spouse the card to use, where the photo wasn't even the same sex as the person making the purchase.
There were a lot of folks surprised that cashiers didn't even notice the photograph.
There were a lot MORE folks surprised that cashiers noticed the photograph but paid it no attention. For example, female customer would use card issued to JOHN DOE with a picture of a man on the card, no questions asked by merchant.
2... Merchants who did check the photo were overly attentive.
People who had changed hairstyles, dyed their hair, grown or shaved facial hair since the photo had been taken, or even gained or lost weight were having their cards refused because the photo wasn't a "perfect" match.
If a card was not outright refused due to appearance changes, a store manager was often called by the cashier, or some other delay was introduced into the purchase, inconveniencing both the cardholder and the merchant.
3... Some of the merchant services reps around the country were issued temporary expense cards with someone else's name and photograph on them (intentionally, as part of the test).
These cards were set to return a "Call" response on transaction attempts, which tells the merchant they need to call the card issuer to get special instructions before accepting the card.
Many merchants ignored the response and ran the transaction through as a "Force" process without bothering to see if there was a problem with the card. In live circumstances this would have resulted in a chargeback to the merchant with no recourse.
Merchants who did call were instructed to check the ID of the customer against the name and photo on the card. In nearly half of these cases, the merchants wound up doing a Force anyway (another chargeback). The reps were told to try and explain it away - "Oh that's my boyfriend's card" etc - and it worked pretty well.
4... Though this obviously is not the party line... Credit cards are as good as cash but provide next to zero security. Ask yourself when was the last time you tried making a purchase on plastic a
being led to the slaughter
- Steal credit card
- Shop where no teller will verify card
Of course, Home Depot has built in fraud protection; they have self checkout lanes that require each item purchased to be registered by weight after scanning. Of course my 4x8 plywood, 5 bags of mulch, and 10' PVC pipe are difficult to balance on the scale after scanning so a teller must assist me (and check my card/id in the process.) I only hope that my story about finding the severed finger near the power saw will fly when they install those readers...
On a similar note, Walmart seems to have no problem searching every person who leaves the store / counting everything in your cart. This would make sense if it were not for the teller that just did the same thing 20 seconds before. It seems odd to me that this annoyance is somehow acceptable? Some people have supplied good and bad feedback over here. Lower prices appear to calm such complaints.
The first dog barks. All other dogs bark at the first dog.
What about people who are missing digits? I have a professor who is missing his ring finger completely. Now, I imagine this would be more focused on thumb prints or your index finger, but I'm sure that there are more than a few people who are missing the fingers of choice for a project like this.
When I pay for something by debit, I enter a private PIN number to complete the transaction. If the PIN is incorrect, the whole transaction needs to be repeated. After a certain number of attempts (usually no more than 3 or 4), a retailer will simply refuse to honor the card at that time (more often than not suggesting that perhaps the card may need to be replaced by the bank). ATMs are exactly the same way... after a certain number of failed attempts, the ATM will simply keep the card and I have to wait for the bank to mail out a new one.
Now like it or not, systems which work by scanning fingerprints *CAN* be fooled consistently by a sufficiently technically minded individual. Systems which require a secretly selected (and well chosen) authentication number cannot be fooled by any means other than sheer lucky guessing (and you'll run out of tries long before your odds of guessing right even approach being something more than negligible). IMO, that's about as foolproof as we're ever going to get (unless or until it becomes technologically possible to read other people's thoughts).
File under 'M' for 'Manic ranting'
Why stop with the steady stream of articles that point out the real shortcomings of biometrics? So you can keep your job? Sorry, but that's a pretty selfish reason that only works for you, your boss, and a handful of investors.
As Bruce Schneier pointed out years ago, biometrics are a double edged sword. Biometrics are hard to forge (I am deliberately ignoring the $0.50 gelatin trick that fools fingerprint readers since I assume someone will repair that particular shortcoming,) and look to the implementations of the systems for the weaknesses instead. Yes, they are hard to forge. But once the data is turned into bits, it's pathetically easy to copy. And you can't put the genie back in the bottle once it's gone!
It comes down to "who do you trust?" Do you really trust the department store or the bank to not keep a copy of your biometric identification? What's to keep an unscrupulous merchant from intercepting a copy of your raw biometric data, and saving a copy?
I see signature capture pads all over the place these days. I categorically refuse to use them because I have no confidence that my signature won't be captured and replayed by the wrong person. You can't tell me that a "secure" system will prevent this, because I can't tell a secure system by looking at one. The promise of Open Source is no guarantee, either. Even if it had a picture of a penguin on the outside, a spiffy GNU-y logo, and OSF and SourceForge brand stickers on it, how do I know it's really "IdentifyMe_2.0" and not some hacked-up demo being run by Vinnie the Chiseler? People believe that when they walk into a Home Despot that Home Despot doesn't keep a permanent record of their signature. Of course they keep it; it's actually required by law to retain the audit copy for 36 months (42 in Illinois.)
There are also plenty of known cases of fraudulent ATM machines that read your card, accept your PIN, spit out "TEMPORARILY UNABLE TO DISPENSE CASH", and report both your card and PIN to the machine's owner. How is a user supposed to be able to authenticate the biometric device is genuine; that it's not a sham, running a copy for a thief?
How will this change with fingerprinting, hand geometry, retinal scans, or whatever the biometric system of the week may be? It won't; it can't. And since the systems can never be trusted to not "steal" or retain copies of identification for future playback, the systems should never be used in the first place. Using them even one time will put your irreplaceable data in a system it may never escape from.
Biometrics are a technology that should not ever be mainstreamed. They might work fine for a secure military facility, but once they're out in the general populace for any length of time, the protections they represent are gone.
John
Authentec fingerprint sensors use RF signals to read the fingerprint from the inside of your skin, not the surface. This makes it hard to use a non-live finger. I have seen people with rubber and jelly fingers fool optical sensors. An Authentec sensor doesn't even see this as a finger. These same people with the fake fingers admit that the best they can do with Authentec sensors is use a pencil to rub carbon all over their jelly finger and then use that to try to enroll. The resulting image doesn't even look like a fingerprint.
Lasers Controlled Games!
Hi, I'm Bill O'Reilly, reporting this evening from Boston, Massachusetts. Thank you for watching us. Will the real Howard Dean please stand up? That's the subject of this evening's Talking Points Memo. Former governor of Vermont got a couple of big Labor [union] endorsements this week. And many in the press have already anointed him President Bush's challenger next year. But it's hard to get a handle on Dr. Dean. The NRA, for example, loves him, but so does the far left. How does that happen? Since Dr. Dean doesn't like one-on-one interviews, I have to say I don't know much about the guy. Most of the other Democratic candidates have entered the No Spin Zone, but it is apparently too much for Dean. But I do know this, Dean is against parental notification laws regarding abortions for minors. He is on the record as saying that 12-year old girls should be allowed to have abortions without telling their parents, even if the notification laws provide protection for kids who are raped, the victims of incest or other sexual abuse. Even if. Now that kind of position can't be changed. That's a defining position. And it is directly against what the overwhelming majority of Americans believe. So if I'm running against Dean in the South or the Midwest, that's all I have to say. He's immediately put on the defensive. Allowing children to have abortions without telling the parents is simply unacceptable in this society. Now the lawmakers have made every attempt to protect the child while writing these notification laws, but the far left fringe continues to define this issue, not as a family concern, but as a Roe vs. Wade litmus test. That is spin of the worst kind. And I'll say it again, most Americans don't want the government intruding on the family in this way. So what say you, Howard Dean? The reason the doctor won't come on and do an interview with me is that I'd ask him that question and a number of others, and he would have to define his positions. 
It's obvious Dean does not want to do that. So Talking Points believes Dean can raise all the money he wants, have all the labor unions he wants backing him. All the far left advocates can go out and hold his signs all day long. But in the end, Howard Dean's positions will be exposed. And the folks will see it. And I don't believe he will be the Democratic candidate for president. And that's The Memo...but I could always be wrong.
You need to put down a fingerprint for that too. And this is not a new thing.
Okay, so biometrics is in stores ... but can I use in-store biometrics to launch a nuclear strike?
-kgj
It is a very clear line. As far as notification, his position is clear -- the ethical standards of doctors are good enough. No doctor is going to fail to notify a parent unless there is a good reason for it. And if they did, the doctor should be disbarred. What Dean doesn't want is rules and regulations about how Doctors can run their profession. His position is really clear -- government can stay out of this personal matter. BTW, his position on guns is pretty much the same, it's a state issue and the feds should just butt out. I find him refreshing.
I'm not sure, but I'm guessing it might be easier to mug you with that knife than to pin you down, cut off your thumb, use your thumb and bank card to get money, and head off to the liquor store or crack dealer with lots of bloody cash on hand.
Something tells me you're more likely to call the cops (via the ambulance) if you're suddenly found thumbless, whether or not you were in a shady area of town doing some things you ought not be doing.
Lots of crime goes unreported because people are stuck in the bind of being in the process of doing something illegal themselves - but somehow, I don't think that'd apply.
And what's the deal with the homeless crack, anyhow? Lots of homeless folk aren't knife toting crack addicts.
At least with the Credit Card you keep it in your wallet out of harm's way. With fingerprints, you are leaving samples everywhere for people to collect.
"So (Simon Phoenix) can't get food, or a place to sleep for the night. Unless he rips someone's hand off, let's hope he doesn't figure that out."
Learn something new.
If somebody gets your credit card information, you can just cancel the card and get a new one.
If somebody, somehow, no matter how, gets your biometric information, what do you do?
That's right - switch to credit cards.
I am a genius; therefore, you suck.
Actually, this is not the case. I bought mine from my good friend, Tsutomu Matsumoto. But seriously, biometrics with no doubt is one of the most stupid and most hyped ideas related to electronic security I've ever heard of. I couldn't disagree with anything you pointed out. Unfortunately the average drunk Joe "General Public" Sixpack doesn't read Crypto-Gram like we do (or doesn't even try to autonomously think for that matter).
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
You could remove the skin from the severed finger and stick it to your own. Nobody would know the difference. Do some biometric scanners detect temperature? If so, this would circumvent that too.
You can get thumbprints off many items... you don't need to chop their thumb or finger or whatever off... just get a good print, who cares whose it is... make a catalog, try them out, claim you've got a blister if it doesn't work or if insufficient funds just shrug and walk away. As for making the fake print for your thumb... instructions abound.
A fool throws a stone into a well and a thousand sages can not remove it.
Dude, your ATM use is the number _one_ easy way for a hypothetical central organisation to track you (OK, that's exaggerated: these days cell phone use or just carrying beats it hands down).
Fingerprints and sosec# are way down the list; they require going places or contacting lots of different parties, and guessing which ones to check first, in order to track you effectively.
sudo ergo sum
The problem is that for someone to copy your card, even with innovative means, they at least have to interact with the actual card. Either steal it or get you to swipe it through their reader.
Obtaining your fingerprints, however, is orders of magnitude more easy, and can be done undetectably without ever coming within a mile of you. You leave prints everywhere.
All it takes is for an easy method to construct functional prostheses from prints to be invented and become known (in the right circles), and the whole system is not just crackable but worthless.
sudo ergo sum
This is not supposed to be funny, but ... How do biometrics enthusiasts pretend to avoid abuse from twins? I'm not thinking about something obvious like "Ha ha, I stole my brother's money", but rather something like "See, I could not be at this robbery, because my retina was scanned 1000 miles away from this place at the same time!" Courts (and other people, too) have to be very careful about this kind of "proof".
Let's assume biometrics have become reliable (combination of retina - thumbprint and maybe even DNA sampling). If this were the case then a biometric profile could be used as an ID instead of a name and address...
You want to open a new bank account, you don't give your name and address but your biometric profile as ID. This should satisfy the banks' need for verifying that it's the account holder that is approving a particular transaction since the biometric profiles match.
In such a system the only thing you have to safeguard is the link between your biometric profile and your name and address. As long as there isn't a Big Brother database that can link both sets of information you could safeguard your anonymity pretty well...
Reality check : Reliable biometrics as I described above would probably get us into a Gattaca-esque society in no time... Oh well, in a perfect world...
Not a good argument. Listen, people can't fly, but let's jump off the nearest 10-story building, and we'll learn how to fly on the way down. I mean, the advantages of being able to fly must outweigh any conceivable drawbacks, no?
The flaw with your argument is that biometric identifiers, once compromised, cannot be changed. What happens if you get your fingerprints lifted? A finger transplant? No, at that point your only choice is to have some sort of fraud alert put on your fingerprint, and then you can no longer use it. So it's useless for you, forever. If you'd read the article you'd see that the authors complained that they discovered critical flaws in fingerprint readers ten years ago, including that they could be fooled using fake gelatin fingers, and they still haven't fixed that. You think Microsoft is bad, leaving IIS unpatched for three months? Try ten years... The only conclusion is that the readers can't be fixed.
Blind adoption of some shiny new technology without at least some foresight is too common, and really, really stupid. Electronic voting is another great example of this...
Human genome = 3 billion base pairs = 6 GBit. Windows + Office = 20 Gbit. Which is more impressive?
They don't even accept them over here anymore ... get with the program already. Use debit cards or electronic wallets.
Back in the days when I was growing up in what was then a peaceful little village on the outskirts of Derby, kids could be kids, paedophiles had not been invented, all that mattered was that Forest lost and if the Rams won, well, that was a bonus. But regardless what was happening at the Baseball Ground, if anyone tried shoplifting from the local newsagent's, they were in for a surprise a few weeks down the line. Because the paper lady had eyes like a hawk, and if she spotted you doing something -- and if you did anything, she would spot it -- she would just add it on to your parents' paper bill, and when they got the bill they could deal with you as they saw fit -- which usually meant you had to write a letter of apology to the newsagent, and you'd probably have to stand up to write it. If you ever gave her a mouthful, other people in the village would express disapproval - "There goes that Alice, do you know what she said to Mrs W. the other day?" - until you felt you had no choice but to make your peace with her. She knew how old you were, whether your parents smoked and what brand -- and she would also know if a packet of fags or a can of booze was really for someone else {though I suspect the real explanation was that the parent in question would simply phone the newsagent while you were on the way and say they had sent you. Most of the people in my end of the village were on the phone}. They don't make them like her anymore.
It's my contention that no automated system will ever be as good as our old paper lady, may she rest in peace. She may have had a vulnerability, but either nobody dared exploit it, or they were just too amazed by her apparent superhuman powers to bother. Why can't we just go back to using human beings to do jobs human beings are good at and use machines for jobs machines are good at?
Je fume. Tu fumes. Nous fûmes!
It's easy sleight of hand. You just "palm" the finger.
The average min wage chump at the till barely notices you're standing there. You could be carrying the dead guy over your shoulder, take his hand, give the fingerprint and most store clerks wouldn't even blink.
Great, now instead of stealing my credit cards, people are going to start chopping off my thumbs? damn technology.
Those criminals who are robbing you don't give a shit about you. That's why they're robbing you. They'd generally rather not kill you, but only because it makes their job harder and more dangerous. But if you fight them, they will all hurt/kill you if need be. You have to be prepared to get nasty. It comes with the job. Even pick-pockets often have "muscle" backing them up.
The "ease" of such crime is -in a strange way- a good thing. So I get robbed or pick pocketed. Big deal. I lose the money I had on me. So they take my credit card. If I actually owned one, I could cancel it the next day. Losing a finger or getting killed is more permanent and considerably more painful. Fingerprint crime may be a little harder to pull off but it raises the stakes.
Under a fingerprint system, your finger becomes a gold mine. Suddenly, it's worth hurting/killing you. If the fingerprint system becomes the only way to pay, then crooks will HAVE to cut off your finger. No more picking your pocket. But this wouldn't deter the criminals because they don't care. It would just make their job harder. It will also make victimhood all the more sweeter.
If this finger stuff catches on, I'm buying stock in companies that make bolt cutters and branch pruners.
I hate news stories with crap like this:
Give us dollar amounts or percentages. I don't care. But using one metric for before and one for after makes this comparison 100% useless, except for creating impressions in impressionable minds.
And how does this deter fraud? Are the customers required to provide prints? Every other example in the story indicates that it's a voluntary system.
I think it's about time we all got this guy's fingerprints and started making thousands of simultaneous purchases worldwide.
He acquired his 15 seconds of internet fame by duplicating and sharing his frequent shopper's card via his personal web site. I can only imagine the junk mail he receives on account of that profile.
""In a letter [scroll down a bit] to Bruce Schneier's Cryptogram newsletter, Ton van der Putte tells of a recent invitation from the BBC to comment on the addition of fingerprint biometrics to the British ID card. Using a digital camera and UV lamp he was able to make dummy fingerprints that fooled the readers - and in less time and less cost than similar experiments 10 years ago. He says: '...now the average do-it-yourselfer is able to achieve perfect results and requires only limited means and skills.'"
Insecure biometrics will be easily broken, but nobody will know that, so they will be trusted explicitly.
"I didn't do this/go there/buy that."
"Sir, we have your fingerprint proof."
"But it wasn't me!"
"That's not possible sir."
Creepy.
The way things are going, there won't be checkout people anymore. All the grocery stores in town are now featuring "Self-Checkout" aisles, where you do the whole thing yourself, while one teenaged overseer tries (or does not try) to watch all the self checkouts at the same time. Which leads to fun things like sticking pre-printed UPC codes for generic items onto name-brand items and getting the item far cheaper! The more they eradicate the workforce, the more they get taken away from them, but as long as people steal less than it would cost to pay a checkout person, then it's just considered an acceptable risk-management cost/benefit ratio.
Bender: Let's see what job I have.
Holds out severed hand
*beep*
display: Prime Minister of Norway
Supervisor: Ahh, welcome aboard Mr. Minister
"And The Geek Shall Inherit The Earth" --Jeff Darlington
> Biometrics are a technology that should not ever be mainstreamed.
Nonsense. If you use two factor authentication -- a fingerprint and a PIN, then the risks are significantly reduced. And customers don't have to remember to bring their debit/credit card.
This is really about money. Can a business decrease costs by using biometric authentication devices? Will abuse of the system be worse than it already was? Will the added revenue cancel out the costs of fraud? Will people be willing to use the system?
Business security decisions are about money, plain and simple.
> I categorically refuse to use [signature capture pads] because I have no confidence that my signature won't be captured and replayed by the wrong person.
Do you use paper signatures? They can be scanned and misused too. However, the threat of misuse with electronic signatures is likely greater than with paper signatures.
Perceived risks and actual risks are separate things, and are often miscalculated.
In my view, the benefits of shopping at Home Depot (where I have to have a credit card and sign an electronic pad) are greater than the risks. In your view, they are not.
I highly recommend Bruce's latest book "Beyond Fear". My reasoning was influenced by his book.
Not a good argument. Listen, people can't fly, but let's jump off the nearest 10-story building, and we'll learn how to fly on the way down. I mean, the advantages of being able to fly must outweigh any conceivable drawbacks, no?
I think it's your argument which is more flawed. I said "start implementing without relying fully". So, if you want to try jumping off a building, do so with a parachute. If you are unable to fly, launch the parachute in good time to save you. Once you learn how to fly, get rid of the parachute!
You are essentially arguing against something I did not say and thus wasting your time and my time.
New year Resolution: Don't change sig this year
After being a) grossed out or b) screaming, do you think that they will stop you from walking out with the purchase?
Few people would have the gumption to say to someone that went to the trouble of getting somebody else's finger that they can't take the items because it wasn't their finger.
myke
Mimetics Inc. Twitter
I had to give a thumbprint.
Where I live, bank branches are asking for thumbprints from non-account holders wanting to cash checks.
This, despite:
- The check was written on that bank.
- The person can produce a driver's license to verify that they are the payee.
Yes, it's true that it cuts down costs of fraudulent checks that banks must bear. But it also increases risks to check cashers that their special identifier may be misused. What guarantee does the bank provide that the thumbprint won't be used for the single purpose of preventing fraud on that transaction and that it will be destroyed to prevent any possibility of further misuse? Heavy-handed tactics like this have really driven people to want to use cash more and more.
The fun side of money tracing is wheresgeorge.com
But imagine if ATM machines used OCR to record the serial numbers of bills dispensed to people and if banks were required to inventory serial numbers of incoming currency, too.
Credit card and debit card transactions have already reduced the proportion of anonymous financial transactions. The technology exists to reduce financial anonymity a lot further.
"Provided by the management for your protection."
The basic flaw with biometrics (that once compromised they cannot be changed) is still a real problem, whether you compare it to a parachute, an anvil or whatever. I don't see how you can find a way around such a fundamental flaw, even if you do start implementing it. Or have I missed advances in retina transplant technology?
Human genome = 3 billion base pairs = 6 GBit. Windows + Office = 20 Gbit. Which is more impressive?
I understand why someone would want to use biometrics as one of the three components of authentication (something you have, something you know and something you are; pick any two for good authentication.) But I still think that biometrics are easily stolen, and once stolen are irrevocably lost. You think the problems with identity theft are bad now? Just wait for stolen biometric data to hit the fan.
It seems that biometrics are the next big sell to the credit industry. "By using fingerprints we can absolve ourselves of all blame on disputed claims!" But once the data is in the wrong hands, the thieves will steal with impunity, and the victims will have little recourse. Credit companies will be exceedingly slow to recognize charges of biometric ID theft, since dodging the fraud bullets will save them lots of money in the short term. Don't forget that the merchants still have no real incentive to protect the biometric data. And again, once your biometric is compromised or stolen even one time, that's it. You can never replace it.
I find it interesting that you acknowledge the threat of misuse of electronic signatures is greater than the threat of misuse of paper signatures. That is my point entirely about the misuse of biometrics, with the added attraction of not being able to replace a misused fingerprint or retina.
IMNSHO, the other two components of authentication should be enough. Something you know, a PIN, can be changed easily. As for something you have, strengthening "smart cards" makes them harder and harder to duplicate. They can be updated more securely than most other devices. And they're cheap to replace -- currently, they're about a dollar apiece. Lost, stolen, or even left behind at a restaurant for an hour? Replace it. The mechanisms for reading them are already present at most retailers (PIN pads and smart card readers,) they're cheaper than biometric readers (Target gave away USB smart card readers to people who signed up for their smart Visa card.) And the cryptographic protocols are such that you don't even have to trust the readers. The chip in the card does all the work, shifting the burden of trust to the retailers and the creditors. Not so with biometrics, where the burden of trust lies upon the reader itself.
As I said earlier, I think biometrics are fine for closed systems: small campuses where all readers are trusted readers and the number of users is finite and trainable. The users can be trained to recognize authentic readers, and to protect their own biometric data. The system owners have absolutely every reason to protect their readers and their data. But the model doesn't scale to the real world. Users can't trust every system; most system owners are just middlemen carrying data from customers to creditors without the financial incentive to provide trusted systems. Some will be thieves, others, merely careless. The ID theft victims will be left holding the bag. Convincing the authorities "that's not my thumbprint" isn't going to work, not for a long time. Finally, once the news breaks that the systems are being defeated by hackers in Brazil, the bottom will fall out of the market completely and there will be a reverse rush away from biometrics, to the point where even the currently trustable systems would be suspect by association.
Fortunately, as you pointed out, businesses will make decisions based on the bottom line. For now, smart card readers and PIN pads are far cheaper than thumbprint scanners; since they're practically ubiquitous already, the investments have already been made. As for me, I'll continue to insist Home Depot et al print receipts for me to sign in ink. Perhaps the tinfoil is keeping my beanie a bit warm, but I can continue to deny that I sign charge slips electronically, and will be able to deny any fraudulent charges that are based on an electronic signature.
John
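The contrast drawn in the comment above (a card chip that answers a fresh challenge and can be reissued, versus a fingerprint that the reader sees in full and that cannot be replaced), as an added example that is not part of the original post. It is a toy model: HMAC challenge-response stands in for the card protocol, an exact-match byte string stands in for fingerprint matching, and every class, function and account name is hypothetical.

```python
import hashlib
import hmac
import secrets

class SmartCard:
    """Toy chip: the key stays inside; only responses leave the card."""
    def __init__(self, key: bytes):
        self._key = key
    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class Issuer:
    def __init__(self):
        self.card_keys, self.templates, self._pending = {}, {}, {}
    def issue_card(self, account: str) -> SmartCard:
        key = secrets.token_bytes(32)
        self.card_keys[account] = key      # reissuing replaces (revokes) the old key
        return SmartCard(key)
    def new_challenge(self, account: str) -> bytes:
        self._pending[account] = secrets.token_bytes(16)
        return self._pending[account]
    def verify_card(self, account: str, response: bytes) -> bool:
        challenge = self._pending.pop(account, None)   # each challenge is single-use
        if challenge is None:
            return False
        expected = hmac.new(self.card_keys[account], challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)
    def verify_finger(self, account: str, template: bytes) -> bool:
        return hmac.compare_digest(self.templates[account], template)

def run_demo() -> dict:
    issuer, acct = Issuer(), "acct-1"      # constructed sample account
    template = hashlib.sha256(b"constructed sample fingerprint").digest()
    card = issuer.issue_card(acct)
    issuer.templates[acct] = template      # enrolment
    # One legitimate card purchase; the reader relays, and can record, the response.
    seen_response = card.respond(issuer.new_challenge(acct))
    results = {"card_ok": issuer.verify_card(acct, seen_response)}
    # Reuse of recorded values: the card response is bound to a spent challenge,
    # while the template the reader captured is the credential itself.
    issuer.new_challenge(acct)
    results["card_replay"] = issuer.verify_card(acct, seen_response)
    results["finger_replay"] = issuer.verify_finger(acct, template)
    # Recovery: a new card carries a new key; the same finger yields the same template.
    new_card = issuer.issue_card(acct)
    results["old_card"] = issuer.verify_card(acct, card.respond(issuer.new_challenge(acct)))
    results["new_card"] = issuer.verify_card(acct, new_card.respond(issuer.new_challenge(acct)))
    issuer.templates[acct] = template      # re-enrolment changes nothing
    results["finger_replay_after_reenroll"] = issuer.verify_finger(acct, template)
    return results
```

Real fingerprint matching is fuzzy rather than byte-exact, but the property modelled here is unchanged: the issuer can rotate the card key and cannot rotate the finger.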
Well, if the machine could sense sweat then I suppose we have another medium for viruses to be transmitted... sure... you go to the bank, take out some money using your fingerprint as ID... then you wipe your eyes... and BANG! You got Pink Eye.
Another thing... perhaps more important...
What if it was MANDATORY to have a biometric device or similar installed in your hand? Without it, you couldn't buy food, gas, clothes... anything...
I for one do not like that possibility.
And I don't want to hear anyone scream about the Bill of Rights... the US government has done fucked up things to its citizens in the past and it will do it again.
It's not what you know; It's what you can find out.
How about selling plastic fingers with phony fingerprints or fingerprints that can be attached to your fingers? Just an idea.