Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fingerprints Replace Credit Cards in Seattle

Posted by ryuzaki0 on from the well-in-one-store-anyway dept.

prostoalex writes "According to CNET News.com, Thriftway introduced biometric systems in its Seattle stores as far back as 2002. The customer would have to be identified first and submit his own fingerprints, as well as register credit cards with the grocery store. But then a Pay By Touch system became quite popular among the store regulars. According to CNET, "one man even drove 400 miles to use the technology". The store also reports 0% of such transactions being fraudulent."

6 of 376 comments (clear)

  1. kinda on the same lines... by ozzmosis · · Score: 4, Informative

    But this is not surprising concidering the cost of a home finger print scanner of only 39$.

  2. Re:Supposing you had a decent resolution... by Jack+Porter · · Score: 3, Informative

    You etch it using PCB fabrication techniques, and then cast it with gummy bears. Details here.

  3. copying fingerprints is easy by Torstibutz · · Score: 4, Informative

    just check:
    http://www.ccc.de/biometrie/fingerabdruck_kopieren ?language=en

  4. IDENTITY != AUTHENTICATION by malcomvetter · · Score: 3, Informative


    When will people learn that identity factors are not the same as authentication factors?!?!

    A Fingerprint is something you are

    It would be a whole different story (and different pros/cons) if this was about a store requiring a fingerprint bio in place of a signature (something you do) on a Credit Card transaction.

    The biggest deal here (not mentioned very much in these /. posts) is that the store is keeping your CC info, and obviously stored in some format that they can recover (i.e. either plaintext or symmetrically encrypted (not hashed) ). Assuming the authentication was secure, would you even want them to keep that info for convenience purposes?

    That makes their DB such a huge target ... forget the claims that they have 0% fraudulent transactions ... all the transactions are happening on customers CC from other merchants because their DB traffic was spoofed, hijacked, usurped, or the DB was just plain owned!

    Who would ever capture the CC info and then try to make fraudulent purchases at a grocery store anyway? They'll go for the high-end merchandise instead, using a totally different transaction service.

    And let me guess, each customer signs an agreement (without reading it- legal jargon, bah!) stating that you release the company from any liability of storing your CC info!


    Remember: Anytime biometrics are used singulary (without another form of authentication) it is for convenience and NEVER Security.

  5. Gummy bear fakes fingerprint reader by IASmaster · · Score: 3, Informative

    I remember hearing how gelitan gummy can be used to fool a fingerprint reader. I thought it was kind of cool. If someone questions you, just eat the evidence. read the story here

    --
    There's no place like ~/
  6. Fingerprint scanners are not reliable. by LinuxFreakus · · Score: 4, Informative

    I know several people who have season passes to Disney World... when you enter the parks, there is a fingerprint reader for season pass holders.

    I've borrowed 3 different season passes before and never had a problem getting past the scanner, it just isn't reliable.

    I bet a warm hotdog would work too.