Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fingerprint Purchasing Technology Ensures Buyer Has a Pulse

Posted by samzenpus on from the no-zombie-shopping dept.

An anonymous reader writes "A small U.S. university has come up with a novel solution to reduce the possibility of using a dead person's hand to get past a fingerprint scanner through the use of hemoglobin detection. The device quickly checks the fingerprint and hemoglobin 'non-intrusively' to verify the identity and whether the individual is alive. This field of research is called Biocryptology and seeks to ensure that biometric security devices can't be easily bypassed."

24 of 156 comments (clear)

  1. How about O2? by Comrade+Ogilvy · · Score: 4, Insightful

    Checking for oxygenation level might be possible. Does not have to be a very accurate reading.

    1. Re:How about O2? by gandhi_2 · · Score: 4, Insightful

      Passwords, someone complains you can just beat people with wrenches.

      Biometrics, someone complains you can just cut off a body part.

      Biometrics with life detection, someone complains the system can't detect if the persons family is being held hostage....

      --
      THL phish sticks
    2. Re:How about O2? by X0563511 · · Score: 2

      Erm, no? HIPAA talks about medical records. If all you're doing is keeping a particular biometric, that would not fall under HIPAA.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    3. Re:How about O2? by Nihilanth · · Score: 2, Insightful

      For the last bit, this is probably a desired feature. You'd -want- the device to be able to detect if you're under duress.

  2. Gun to the Head by rodrigoandrade · · Score: 2

    Does the device only check for pulse or does it also compare to the person's normal blood pressure (which was obtained upon registration into the system) to make sure the person being authenticated isn't being coerced into granting access to unauthorized personnel/burglars, etc???

    1. Re:Gun to the Head by ColdWetDog · · Score: 2

      One would hope the cashier would notice. After all, the assailant can only point the gun in one direction.

      Ee's not dead! Ee's just pining for the fjords!

      --
      Faster! Faster! Faster would be better!
    2. Re:Gun to the Head by X0563511 · · Score: 2

      Blood pressure is a wildly varying metric.

      Try it. Measure your blood pressure at various points of the day over a week.

      I'd also be interested how one might reliably check blood pressure with access to only a finger.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    3. Re:Gun to the Head by Anonymous Coward · · Score: 3, Funny

      If someone's using a severed hand to pay for gas, I think your gas station might have bigger problems.

  3. IANAL by masao · · Score: 5, Funny

    How will lawyers use it?

  4. Biometric Authentication is a bad idea. by Anonymous Coward · · Score: 5, Insightful

    Here's a good reason why: What happens when someone manages to steal your password? You change it. What happens when someone managed to recreate your DNA or other biological identifier used for authentication? Good luck getting new DNA or fingerprints.

    1. Re:Biometric Authentication is a bad idea. by fredrated · · Score: 2

      Sounds like the basis for a start-up!

    2. Re:Biometric Authentication is a bad idea. by Nemyst · · Score: 2

      If someone manages to recreate your DNA and then recreate an adult hand from that, I'd say A) you have bigger problems than authentication and B) we've gone way past current technological levels.

  5. Protects against zombies by bab72 · · Score: 2

    And it also protects you data during the zombie apocalypse!

    --
    Bab72 (Not my real name)
  6. Not checking pulse by crow · · Score: 4, Insightful

    The title is wrong. This is not checking for a pulse. If it were, then people with artificial heart pumps like Dick Cheney wouldn't be able to use it. They are alive, but do not have a pulse.

    That said, I could see something like this checking for a pulse. This brings up the interesting problem of how to handle biometric checks for people who don't have those biometrics. Not everyone has fingers. Not everyone has eyes. Not everyone has a pulse. Maybe you don't care about that, as you don't have any of them among your target users, but what happens when that changes? You need a plan to handle that.

    1. Re:Not checking pulse by CanHasDIY · · Score: 5, Funny

      ...people... like Dick Cheney... are alive...

      That seems debatable.

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
  7. Almost worthless by codepigeon · · Score: 3, Informative

    I actually read the article; what a useless waste of a web page.

    There is only one paragraph that mentions anything about the technology, and that is the paragraph in the summary here.
    The rest reads like filler material and pimping the advantages of investing/working in the upper midwest.

    Lame. I was hoping for more details.

    1. Re:Almost worthless by dgatwood · · Score: 2

      A replacement for credit cards that is even less secure than the current ones doesn't sound like a good idea to me.

      If this is just checking for the presence of capillaries, I can't think of any reason that it couldn't trivially be fooled by a slight tweak to the gummy bear trick in which you stick the glue pattern print onto a shaved elbow instead of a gummy bear.

      If, on the other hand, this is trying to determine who you are based on the pattern of blood vessels, I suspect that the methodology is just plain doomed to fail. What makes fingerprints a good method of identification is that they are relatively static. By contrast, the blood vessels in your skin change significantly over the course of your life, particularly in your fingertips. Every time you get a paper cut, new capillaries form. Imagine having to update your biometric profile every time you get a paper cut or a solder burn. :-)

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  8. Does it check to see if he has a gun to head? by boddhisatva · · Score: 4, Insightful

    This kind of stuff is good marketing. Useless, but that hasn't stopped anyone from blowing money so far.

    1. Re:Does it check to see if he has a gun to head? by boddhisatva · · Score: 2

      Once they're in, you're dead weight. And speaking of dead...remember that gun to your head?

  9. Too late to matter by RicardoKAlmeida · · Score: 2

    Now convince criminals that your disembodied fingers won't work. There will always be skeptics. Don't worry, your missing fingers won't do the job for them.

  10. yeah, right by cellocgw · · Score: 3, Interesting

    Show me a biometric test that can't be spoofed for 10% the cost of the test hardware. Go ahead, I dare ya.
    Fake retinas and fake fingerprints took, what, a couple weeks to show up after their respective scanners went into production? Why should any other sort of bio-scanner/detector be any different?

    --
    https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
  11. Gummy bear attack by femtobyte · · Score: 2

    Does this device offer the least bit of protection against the "gummy bear attack" (i.e. a thin molded replica fingerprint, formed from, e.g., etched gelatin, over a living finger)? If not, then it's pretty useless (because lugging around a whole dead body or even severed finger is already riskier/harder than a simple replacement mold).

  12. Are they adding a pulse oximeter? by rwyoder · · Score: 2

    The article was delightfully free of actual info, but I assume they are just adding this: http://en.wikipedia.org/wiki/Pulse_oximetry

  13. Old idea by drdread66 · · Score: 2

    Whoop-de-doo. There are several outfits that have done something similar over the years, including companies that have tens of thousands of fingerprint devices out on the street already. I would be somewhat surprised if the tech covered in this article is not already patented by Lumidigm or somebody like them.

    "Liveness checks" have been a part of fingerprint tech for many years now, ever since the famous "ghosting" attack on the early L-1 and Cross Match sensors. Whoever wrote the article didn't do their homework if they think this is actually "news."