Slashdot Mirror

← Back to Stories (view on slashdot.org)

MasterCard Joining Push For Fingerprint ID Standard

Posted by timothy on from the why-not-gum-prints dept.

schwit1 writes with this selection from a story at USA Today: "MasterCard is joining the FIDO Alliance, signaling that the payment network is getting interested in using fingerprints and other biometric data to identify people for online payments. MasterCard will be the first major payment network to join FIDO. The Alliance is developing an open industry standard for biometric data such as fingerprints to be used for identification online. The goal is to replace clunky passwords and take friction out of logging on and purchasing using mobile devices. FIDO is trying to standardize lots of different ways of identifying people online, not just through biometric methods."

3 of 138 comments (clear)

  1. How about NO by AmiMoJo · · Score: 3, Interesting

    If Bastardcard think I'm giving them my fingerprints, or even a hash of my fingerprints, they are going to be sorely disappointed. Even if their own systems are secure credit card related data is the number one target for thieves and crackers. Plus, they are Mastercard are bastards, hence my childish name-calling.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. stop jumping the gun. by nimbius · · Score: 5, Interesting

    1. perfect the payment card identification solutions you currently have.
    2. deprecate the solutions that are blatantly flawed. junk marketing flair such as RFID was a terrible idea.
    3. take a more proactive approach in identity theft, dont just triage it with a new card. target and eliminate payment card processors with a consistent history of exploit or breech. refuse to reinstate service until an independent third party audit is conducted.
    4. use when ready a new standard with a proven track record and a history of functional security. Stop inventing nonsense piecework systems that hackers swarm like flies on sugar.

    --
    Good people go to bed earlier.
  3. Re:Fingerprint != user authentication by Austrian+Anarchy · · Score: 3, Interesting

    I'll just leave this here.

    Exactly where I was going too. It is somewhat amazing that as soon as we find out that fingerprints are not truly unique, we have all of these tools to use them as bona fide ID. Granted, the odds of someone with the same fingerprint as you trying to log into your account are slim, there still should be some other secret associated with the print to allow access. It should be an enhancement to the password, not a replacement.

    On the other side of the coin, back in the early 1970s the US government had not one, but two fingerprint cards on a bank bomber I am researching right now. They did not make a match until they found his real name and pulled his existing fingerprint card to make a match to the prints he left all over his bombs and his notes to the press. That part took almost a full week. His 1972 and 1982 wanted posters had full fingerprint sets, even though he had never been arrested. They came from his US Army enlistment records from 1956, and an enlistment under an alias in 1971. He stayed on the loose until 1986, when he was identified by his picture.

    While there is some science associated with fingerprint identification, it is not quite the science that the authorities want us to believe.

    --
    Time Bomber the Book coming soon.