Slashdot Mirror
Biometric Voice Recognition Credit Cards
securitas writes "New Scientist's Celeste Biever reports on the latest in biometric security devices: voice recognition credit cards. The device is three times the size of a normal credit card, has a 'microphone, a loudspeaker, a battery and a voice-recognition chip' and is intended to help reduce credit card fraud. The owner speaks a password into the card and the card emits an authentication squawk. Bruce Schneier loves the concept of BeepCard's related sound authentication technology. Other articles at the Telegraph and The Register."
Why would anybody want to carry a credit card 3x the size of their other cards?
You are in a maze of twisted little posts, all alike.
How many folks will pull out this card, hold it up to their faces, and say:
"ChangeMe"
?
how do I, the merchant, prove I 'heard' the squawk?
every day http://en.wikipedia.org/wiki/Special:Random
Isn't one of the goals of credit cards convenience? I mean, I could put all of my money in a pot, bury it where someone will never find it and pull from it when I needed and it would be pretty secure, but it's just too much work. This might be a good idea for the tin foil hat crew but I've got a feeling most of us will be sticking with our small, compact, easy to slide into wallet cards.
WANNAWIKI Wannawiki WannaWiki WANNAWIKI!
verify me.
biometric voice recognition credit card in your pocket or are you really *really* REALLY happy to see me :)
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
What if you have a sore throat and try to go to the drug store for some medicine? If your voice is scratchy, will you be denied your medicine because your voice doesn't match?
--
Fresh Deals
Not only will it have Voice Recognition, it will have voice synthesis to communicate to the user! I can see it now...
"I can't let you buy that, Dave."
"If we let things terrify us, life will not be worth living."
- Seneca
...what does this mean for mimes?
---
Never criticize religion on Slashdot. You will be modded down for "Troll" no matter how factual it is.
The smaller chips are a relief, just reading the article one of my butt cheeks was falling asleep:P
Harpo Tunnel Syndrome--my wrist feels funny.
Seriously though... so much for using this over the net.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
"Hand over that friggin' money".
The owls are not what they seem
Dave: Open my account, HAL.
HAL: I'm sorry Dave, I'm afraid I can't do that.
Dave: What's the problem?
HAL: I think you know what the problem is just as well as I do.
Dave: What are you talking about, HAL?
HAL: This mission is too important for me to allow you to jeopardize it.
Dave: What do you mean?
HAL: Dave, you're trying to save up for retirement, remember? You'll just spend all that money on beer, won't you?
Dave: What the? Dammit ... just open the account, HAL!
HAL: Dave, this conversation can serve no purpose anymore. Goodbye.
Dave: AAAARRRRGH!
I hear there's rumors on the Slashdots
Smart cards are similar to credit cards and serve the same purpose, but they have a completely different data storage system. Instead of using a magnetic strip to store the user's information, smart cards feature an embedded 8-bit microprocessor with up to 16 kilobytes of programmable-only memory. Smart cards have only recently began to gain popularity in the United States, despite their widespread use in Europe for years.
Domain Dynamics' new TESPAR voice authenticator stores three samples of the user's voice on a template within the Java-based smart card. When users want to make a transaction, they simply enter the card into a terminal at a store and give a speech sample. The card then matches the spoken voice to the recorded voice samples, a process that takes a fraction of the second. The company said that TESPAR is able to handle day-to-day variations in the user's voice and can ignore background noise.
Read more here.
Read the article but still not sure how it would stop a man-in-the-middle? True it would require that you disrupted communication but thats feasable - eg if someone is using their card on their cell-phone, kick in a cell-phone jammer as soon as the person speaks into the card, the card still plays the sound for you to record it but it doesnt get through the call? it could also work the same way on a comprimised computer or malicious web-site (think IE browser bug that allows your active-x to hi-jack someone elses)?
People have to remember that the transaction isnt secure until its been made.
This comment does not represent the views or opinions of the user.
I wonder how successful this will be.
This seems to be one of those technologies that either flop or revolutionize the way business is done.
It's a nice concept, but what happens when someone "loses their voice", so to speak? Can't buy anything until with it until their voice returns? How well does it interact with accents, background noise, etc?
I don't know how feasible this is but I'd imagine a thumbprint-sensitive card would be much more easier to deal with.
---
Never criticize religion on Slashdot. You will be modded down for "Troll" no matter how factual it is.
now thats just plain stupid. If you want a biometric card put a damn thumb print reader on it.
I don't know what the fuck you just said little kid, but you're special. -Tracy Morgan
BTW, it didn't actually go well unless your fingertips smell of tuna.
The benefit of biometrics should be that people don't have to remember more password. The fact that people can't (or don't want to) remember passwords is a good reason to be working on technologies where you can be identified by your voice or fingerprint rather than a string of characters.
I'd rather be lucky than good.
Why do I like this? It's a physical authentication system that doesn't require any special reader hardware
I don't see why a microphone is any less special than a USB port or an IR port. If anything, just about any computer these days has a USB port.
And using IR for authentication, many modern phones and almost all modern PDAs will do; all you need to do is plug an IR dongle costing a few dollars (in quantity) into the USB port. And IR can be made interference proof much more easily than sound.
It's a good thing that mankind has never developed technology able to record voices to a high degree of accuracy.
Mary had a little lamb, it's fleece was white as snow. And everywhere that Mary went, the lamb was sure to go. Ha, Ha, Ha.
Remember Bubba Smith? He'd have to love this..seriously, the guy could impersonate *anything* in Police Academy.
SHOPOWNER: 'Please verify your card, Mr. Smith."
HIGHTOWER: *Squawk*
SHOPOWNER: 'Thanks'
Cha-ching!
...seem fairly obvious. First, if one of these devices is at a public terminal, it wouldn't be hard at all to get a .wav record of the transaction; then, I have your password FOR LIFE!
Second, if someone's voice is drastically altered, (s)he would have to find a way to prove identity outside of the voice recognition system.
Third, any technology that might let me verify someone's voiceprint could also be used to generate a false voiceprint. A simple tape recording of you talking could be enough to forge your voice electronically. (Hmmm... cool plot possibilities for a Tom Clancey thriller)
Fourth, my (hypothetical) twin, who probably has an almost-identical voiceprint, is not necessarily to be trusted.
Human being (n.): A genetically human, genetically distinct, functioning organism.
I'll just take my chances with credit card fraud. With the current zero-liability policies of most issuers, or the $50/card legal limit, I can afford it.
Merchants can afford to take their chances, too. According to that well-known radical organ, The Wall Street Journal, credit card fraud amounts to $0.06/$100 of overall charges. Oh, the humanity! You can see why merchants spend so very much time whinging about a massive 0.06% loss rate.
I know. I was saying more generally that advances in this area are useful as they move us towards a future where biometrics get good enough that people don't need passwords.
Also, I would imagine that the point of password for a system like this is mainly just to make it easier on the system identifying your voice, since it will only have to be able to identify your voice for one given phrase. This means that password in a system like this don't have to be nearly so cryptic and hard to remember as traditional password to be equally secure. You should now be able to safely have a passord like "bosco" rather than "B0sZc110~9*".
I'd rather be lucky than good.
My company is making a new creditcard system too. Our card will feature the CinderBlock (TM) theft prevention system. Essentially using the latest technolodgies we have embedded a magstip on a 16'x6'x8' piece of concrete. Its weight alone makes a quick snatch from an unsuspecting individual that much more unlikely. And in the event of a successful theft it features ValueBlast brand thermite and a OnStar(TM) accessible detonator. One push of a button and some poor theif just lost his arm, but your credit is secure.
Please call 1-800-URB-ROKE for more information.
There is nothing wrong with being gay. It's getting caught where the trouble lies.
I have a speech impediment and this technology wouldn't work for me very well. :(
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
No, the challenge for Beepcard has been and apparently continues to be knowing the difference between voice recognition and voice identification. Yes, the phones have to learn to recognize your voice but that's not because your voice is a beautiful and unique snowflake; it's because the parameters that make up voices are widely varying and we haven't figured out exactly how brains turn streams of voice into words. So-called "voiceprints" are a myth. Google for forensic phonetics if you don't believe me. IANAPhonetician but I am a linguistics grad student and I've had enough grad level phonetics to know that spectrographic analysis of a voice does not provide any kind of unique identification the way fingerprinting does (or is supposed to at least).
Stupid idea, waste of R&D money, and a poor solution to a problem that has many better solutions that credit card companies are not interested in because it involves them changing the way they do things. Whoever's financing this obviously needs to enroll in an introductory phonetics class at the local university before they lose their shirts on a dumb, unworkable idea.
OK so it's Saturday night and I'm at the bar, the DJ is blasting the sounds, and it's my round. Now how exactly is my credit card gonna hear me say anthing over the ear-splitting bass? Not to mention how is the bartender gonna hear my credit card squawk?
OK so your average
Jiggity