MasterCard To Approve Online Payments Using Your Selfies
An anonymous reader writes: MasterCard is experimenting with a new program: approving online purchases with a facial scan. Once you’re done shopping online, instead of a password, the service will require you to snap a photo of your face, so you won’t have to worry about remembering a password. The Stack reports: "MasterCard will be joining forces with tech leaders Apple, BlackBerry, Google, Samsung and Microsoft as well as two major banks to help make the feature a reality. Currently the international group uses a SecureCode solution which requires a password from its customers at checkout. The system was used across 3 billion transactions last year, the company said. It is now exploring biometric alternatives to protect against unauthorized payment card transactions. Customers trialling the new technologies are required to download the MasterCard app onto their smart device. At checkout two authorization steps will be taken; fingerprint recognition and facial identification using the device's camera. The system will check for blinking to avoid criminals simply holding a photograph up to the lens."
It would prevent photos, but not videos (real footage or an animated picture).
Oh yes, this system is going to be really secure.
The system will check for blinking to avoid criminals simply holding a photograph up to the lens
Oh well that's great then, no WAY around that, it's not like a simple app could make a photograph appear to blink.
How long until someone makes an app that adds blinking eyes to a photo?
App? App? App?
Never. Use. Biometrics. For. Authentication
They've partnered with Google so darkies can look forward to gorillas emptying their account.
Obviously this has ridiculously low security, but the way chargebacks work if there is a fraudulent purchase with it, the merchant wears the cost. Not Mastercard. So there's no downside for Mastercard, and the upside is the novelty value will have narcissists using it... and spending more. "Once approved, the chargeback cancels the financial transaction, and the consumer receives a refund of the money they spent. When a chargeback occurs, the merchant is accountable, regardless of whatever measures they took to verify the transaction. In 2013, LexisNexis reported that merchants pay up to US$2.79 for every $1 lost in fraudulent transactions." https://en.wikipedia.org/wiki/...
If the application is locked to the phone, then it's really not so bad. Enrollment would be the weakest link, but that can be done fairly securely with a one-time password that comes out of band.
And yes, applications can be (to some extent) locked to a device.
The system will check for blinking to avoid criminals simply holding a photograph up to the lens.
So a video will work just fine then? This is a STUPID idea.
good thing for them that phones and tablets have pretty good video cameras these days, too......
I'd just print a photo of someone and put it in front of the cam
Once again a company decides to use something that should be equivalent to a user-id as a password and gets it wrong.
This is the same deal as it is with using fingerprints as 'passwords': http://blog.dustinkirkland.com.....
http://harridanic.com
What's to stop me jailbreaking the device, downloading and installing the MasterCard selfie payment app and then spoofing the camera while feeding it other people's photos? Side note: My browser corrected the capitalisation of MasterCard... THE NEW WORLD ORDER IS HERE!!!!
I can't even start to wonder why a critical, money-bound company would even think of facial recognition for secure payments...
Simple hack comes to mind the first 2 seconds after reading this headline:
And can I opt-out before the "payment method" is launched?
I mean .. algorithms have a hard time differentiating between a gorilla and a negroid, how are they going to differentiate a Chinaman from another Chinaman ?
Why bother forcing the user to take a picture? The fingerprinting is far more secure. Until all phones have depth cameras, it sounds like you could use a gif or video of the person to pass the face check. That's too easy to create. Since this system already requires the user to have a phone, why not have them keep the password on the phone so they don't have to remember it? If the phone gets stolen, it's likely to have fingerprints of its owner on the case and the owner will likely have self-portraits too. A few hours later and the thief has all they need to start buying. If you're concerned about malware stealing stored passwords, then you should also be concerned about malware intercepting the fingerprint and facial 'scan' and reusing that data.
Why do I get the feeling this data will be sent to the police to look for criminals. After all, anything that helps get those bad guys away from my family is good.
Plus I wouldn't want a purchase halted because the recognition software failed to recognize my soggy head (it rains a lot here).
And you can bet your last dollar that the photographs will go via all the 3 letter agencies too.
Assuming that logging in to the app is done securely the first time it is installed, the app can then generate a strong private/public key pair and use that for identifying itself.
Abusing the feature would then require at least:
1) A valid private key, either by the initial setup or somehow stealing it from a device it was generated on, and
2) Photos/video of the user
The second is easy to come by nowadays, the first one is considerably harder.
... though most people are stupid enough to give their fingerprints over to a private company... Unbelievable.
"Gorillas are not authorized to use this credit card."
Sorry, after seeing Google was one of the partners working on this face recognition thing, I couldn't help myself. :p
I'm not sure many citizens would willingly let their Government build a handy database of every person's photo, fingerprint, location, and finances all in one place.
Yet that appears to be what this payment gateway will allow. Sure, it's a private enterprise, but since when did that stop a Government demanding or just taking the data?
With access to this source, they can mine for facial recognition & fingerprint hits. With the phone tracking they can then map people to their location and their face.
Attend a demonstration or protest march? If you take your phone they know what you look like and spot you in the crowd; if you didn't take your phone they can match your face to your account.
Even if the Government don't intend to do this, we already see bored Intelligence Analysts digging through their dirt on girlfriends, neighbors, etc.
Imagine a 'HotOrNot' search, that then links them to their phone and finances.. Stalker paradise.
Will be first port of call then for many fraudsters.
Google the name and city of the mark to find their (normally) public Facebook profile, and save their profile pics to use for facial recognition.
Easy peasy.
Tim
There are already cameras installed and running facial recognition in many public places in the US. This information would surely be obtained and used by government agencies using national security letters. If it's not here already, the day is coming where you are monitored and tracked nearly all the time. That's not freedom. STOP USING CREDIT CARDS! Use cash whenever possible. If you continue to use credit cards, you are selling your freedom in the name of convenience.
Preamble to demanding to have your face scanned regardless?
I sort of worry that there is a drive in the industry to simply push such technology just for their benefit, and maybe also because of some more sinister motives with regard to what one might call the surveillance society.
Simply having people develop such technology might be a bad thing I think.
This is MasterCard's way of starting its own biometric database....
Won't be long before they will claim the only safe way to identify a person is their DNA. Of course they will be more than happy to share that information with gov and health insurance company that will be more than glad to charge you up the wazooou.....
By then corporations will know every single possible detail about us. Your resting heart rate, your normal internal temp, what pheromones you secrete etc etc etc......And may TFSM have mercy on our souls if we continue on this path of empowering right wing bible thumpers (in the west)
We are sooo fucked.....well beyond what Orwell predicted...probably in a generation or 2.
Unless we collectively wake the fuck up and change how our society works and what we value (yeah right lol).
It is still stupid, as the software can be cracked or you could cheat the sensor with a photo printout or a photo on another phone.
The system will check for blinking to avoid criminals simply holding a photograph up to the lens
That will work as long as no one invents a portable computer with a high resolution display. Such a device could be called .... a tablet.
You could implant a cryptographic radio transponder with a 666-bit keypair in people's forehead or right hand. The plus side is that it'd combine the positive aspects of a "something you have" transponder with biometrics' resistance to loss or theft. The minus side is protests from Christians who think it's the mark of the Beast mentioned in the revelation to John of Patmos.
* Actual theft, not copying.
Gorillaz? I thought keeping the snack counter at Feel Good Inc. supplied with Milk Duds took an American Express business card.
STOP USING CREDIT CARDS! Use cash whenever possible.
Sometimes it isn't possible. What should someone use to buy goods that aren't sold in any store within his home town, such as electronic parts in the post-RadioShack era?
And the chance of that being implemented correctly is what, 1%? Now obviously MasterCard probably is better at this than a random app developer considering that they have to pay the people whose cards are hacked, but since it's a closed app we can only speculate.
Honest question... Identical twins had better really trust one another if they get a card with this feature.
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
It is still stupid, as the software can be cracked
Yup. It is based on public key cryptography, so all you need is every quark in the universe calculating once per planck time, and you will have it cracked in less than a googol years. Trivial.
you could cheat the sensor with a photo printout or a photo on another phone.
Can you look at a phone and tell it isn't a live person? Why do you think it would be difficult for a computer? Some early naive implementations of facial recognition could be fooled by a photo. Modern state-of-the-art facial recognition can detect the difference.
This technique may not be perfect, but it is a big security improvement over the current system. It will require two factors: biometric and physical possession of a registered device. For transactions over a set size, it could require a PIN as well, as a third factor.
Says it all. This is just a way to get 100% of everyone into a photo database so we can be tracked everywhere more effectively. Guess what, assholes? I don't have and don't want a smartphone, I'm not going to cooperate with this bullshit, and I think I'm far from alone in that sentiment.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Payment card holders should have a physical token with a number on it that changes and matches that of their bank. Thus tying the transaction to the person holding the payment card. Add a keypad to the payment card and then the consumer can reasonably be held liable for any "unauthorized" charges. If the consumer doesn't like unlimited liability (which is reasonable) then they can take measures (probably should be default) to set maximum hourly, daily, monthly limits and get notification upon hitting said limits (i.e. via email, text, phone, etc).
Provided the merchant secures their own system there is no liability beyond this. Provided the consumer doesn't reveal the password there is no liability either. Best of both worlds. Provided the bank secures its systems again- no liability there either. This system would put the liability on each party for failing to secure their part of the transaction.
Easily.
I doubt that. I doubt that facial recognition software can reliably differentiate between humans and photos (or videos), as a person could be standing still and then you get a false negative (nobody wants that). I also doubt that it is not possible to feed it recorded information which is from the software's point of view also only a video stream.
Personally, I find chip + PIN safe enough. Your third option is the standard these days (at least in Europe). Maybe they should extend the PIN to 5 or 6 digits. And to prevent future IR scans of the pad, it should be heated to, e.g., 28C.
Looks like http://www.shocard.com/ lost the pitch completely :-(
I doubt that. I doubt that facial recognition software can reliably differentiate between humans and photos (or videos)
Try this:
1. Show your mom a photo of yourself.
2. See if she can distinguish between you and the photo.
3. Ask her how she did it.
What she will say is that the photo is 2D and you are 3D. As your mom shifts her head left and right, she sees you from a slightly different perspective.
A cell phone can do the same. It has a 3-Axis motion detector, so it can detect its own movement, and see if the perspective of your head corresponds to that movement. It would be impossible to duplicate that with a photo, and nearly impossible to do it with a video.
a person could be standing still and then you get a false negative
No human with a beating heart can hold a phone that steady.
Personally, I find chip + PIN safe enough.
That option will be available if you prefer it.
Maybe they should extend the PIN to 5 or 6 digits.
Bad idea, since people will write them down. 4 digits is good enough. Brute force guessing of PINs is a non-problem.
Just need to make a fun novelty "What does your fingerprint say about you?" quiz - have users log in with Facebook, upload a high-quality pic of their fingerprint, then give them some silly fortune cookie blurb. Then it's just a case of replicating their fingerprint and stealing a selfie off of their Facebook page. SHOPPING SPREEEEEE
Both of you are wrong and so is Dustin Kirkland (whoever he is). The core of your error is in this statement:
Only secrets can be used as token for authentication.
That sentence is true, as stated, but only because it includes the word "token". Yes if you're using secret tokens for authentication, then the tokens must be secret. But exchanging secrets (or proof of possession of secrets, which is what most cryptographic authentication protocols do) is not the only way to do authentication. Not by a long shot. In fact, humans hardly ever use secrets for authentication.
How do you identify and authenticate your mom? Do you ask her for a secret password? Of course not. You use the same tools for both identifying and authenticating her, and those tools are a set of biometric markers. The same set of tools are also used in high security situations. Back when I was a security guard in the Air Force, I was trained that personal recognition is the very best form of authentication. Not only is it not necessary to check the badge of an individual you know personally, badge-checking is inferior to personal recognition for authentication (note that badge-checking may still be important for authorization, verifying that the person who has been identified and authenticated actually has permission to enter. Thus I was trained to always check the access control list before allowing someone near nuclear weapons).
With respect to user authentication in electronic contexts we generally use secrets because computers don't have (or at least haven't had) the ability to use the sorts of biometric authentication that humans use quite effectively. But, when we equip them with biometric sensors, they can.
HOWEVER, this does not mean that biometrics are useful for authentication in all circumstances.
Secret-based authentication has the advantage that -- assuming the secret has sufficient entropy and can be assumed not to have leaked nor been intercepted and cannot be rerouted (note that that's a pretty long list of criteria, some of which are hard to establish) -- you don't have to worry about the possibility that the authentication could be spoofed. An attacker who doesn't know the secret can't fake knowing the secret.
Biometrics, though, are not secrets. They are public knowledge. This means that an attacker must be expected to have access to copies of our fingerprints or faces. The biometric authentication process is different, though. It does not rely on secrecy of the authenticator, but instead on non-replayability. If we can be certain that (for example) the fingerprint placed on the scanner belongs to the person we wish to authenticate, and that the stored template we match against belongs to the person we wish to authenticate, then we can perform a good authentication. The fact that the fingerprint is not secret does not matter.
Where biometrics fail is if (a) we can't be certain that the livescan data acquired from the sensor belongs to the person trying to authenticate or (b) the stored template belongs to the person we wish to authenticate. Part (a) is particularly difficult to validate in many contexts because faking the input isn't necessarily hard to do, and in some cases an attacker can even bypass the sensor entirely and simply inject a digital copy.
This doesn't mean biometrics are worthless, it just means they're only useful in certain contexts. And, again, their utility for authentication has nothing to do with their secrecy. And rotation is likewise irrelevant and silly to discuss. You need to rotate secrets because you can't be certain they have stayed secret and because if they have low-ish entropy they may have been brute forced. None of that applies to biometrics because they're not secrets and their utility as authenticators does not depend on secrecy.
Can we please kill this incorrect meme about biometrics as identifiers, not authenticators? They can be either, o
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
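The key-pair scheme sketched a few posts up (a device-generated key pair, so abuse needs both the private key and the biometric) and this post's point that biometric authentication rests on non-replayability rather than secrecy share one mechanism: a fresh challenge signed by a key that never leaves the enrolled device. The following is an added example for this page, not MasterCard's or the app's code; Ed25519, the message layout, and the sample amount and merchant are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Approval is what the (hypothetical) app returns for one purchase: the bank's
// one-time challenge, the transaction details, and a signature over all of it
// made with the private key that never leaves the enrolled device.
type Approval struct {
	Nonce     []byte
	AmountCts uint64
	Merchant  string
	Signature []byte
}

// Server is the bank side: the public key enrolled for one customer's device
// and the challenges issued but not yet consumed.
type Server struct {
	Pub     ed25519.PublicKey
	pending map[string]bool
}

func NewServer(pub ed25519.PublicKey) *Server {
	return &Server{Pub: pub, pending: map[string]bool{}}
}

// Challenge issues a fresh random nonce for exactly one approval attempt.
func (s *Server) Challenge() []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	s.pending[string(nonce)] = true
	return nonce
}

// approvalMessage is the canonical byte string both sides sign and verify:
// the 32-byte nonce followed by "|amount|merchant" (assumed layout).
func approvalMessage(nonce []byte, amountCts uint64, merchant string) []byte {
	return []byte(string(nonce) + fmt.Sprintf("|%d|%s", amountCts, merchant))
}

// Approve is the app side: sign the challenge bound to the transaction details.
func Approve(priv ed25519.PrivateKey, nonce []byte, amountCts uint64, merchant string) Approval {
	sig := ed25519.Sign(priv, approvalMessage(nonce, amountCts, merchant))
	return Approval{nonce, amountCts, merchant, sig}
}

// Verify accepts an approval only if the nonce was issued and not yet consumed
// (so a captured approval cannot be replayed) and the signature covers exactly it.
func (s *Server) Verify(a Approval) error {
	if !s.pending[string(a.Nonce)] {
		return fmt.Errorf("challenge unknown or already used")
	}
	if !ed25519.Verify(s.Pub, approvalMessage(a.Nonce, a.AmountCts, a.Merchant), a.Signature) {
		return fmt.Errorf("signature does not match enrolled key and transaction")
	}
	delete(s.pending, string(a.Nonce)) // consume: one challenge, one approval
	return nil
}
```

Photos or video of the customer give an attacker nothing here without the enrolled private key, which is the split the earlier post describes.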
YOU'RE ALL FUCKING MORONS!!
Privacy/Security is not the problem. It's the simple fact the absolute motherfucking thieving scumbags at mc want to penetrate smartphones with their 'one more pos useless app'. I'd be happier sending them a pic of a smartphone shoved in their collective asses.
Obviously this has ridiculously low security, but the way chargebacks work if there is a fraudulent purchase with it, the merchant wears the cost. Not Mastercard. So there's no downside for Mastercard, and the upside is the novelty value will have narcissists using it... and spending more. "Once approved, the chargeback cancels the financial transaction, and the consumer receives a refund of the money they spent. When a chargeback occurs, the merchant is accountable, regardless of whatever measures they took to verify the transaction. In 2013, LexisNexis reported that merchants pay up to US$2.79 for every $1 lost in fraudulent transactions." https://en.wikipedia.org/wiki/...
I heard that merchants actually pay "up to" a zillion dollars per dollar lost due to fraudulent transactions.
Of course, the actual amount is considerably less than $2.79. It is, in fact, exactly $1. Because if they lost two dollars per dollar lost they would have lost two dollars, not one. If they want to say that each dollar of goods lost costs them up to $2.79, then they should use the actual or average figure, because up to $2.79 means anywhere between 0 and 279% of the base cost, which is way too vague to be meaningful as anything other than "at most about 3x"
See subject: ...Are 6's (@ start, middle, end of them) + RFID ink (used to track cattle already) are ALL you'd need to implement a "cashless society" & serious CONTROL of people really (quoting David Rockefeller to the late Aaron Russo in that regard "Anyone gets outta line? We cut off their 'chip', they starve" except you DON'T NEED A CHIP ANYMORE TO PULL IT OFF, only a 'mark' (holographic rfid ink tattoo))...
Look into both items of technology here & be amazed.
(Oh, "the infamous 'they'" say "Those aren't 6's on those UPCs" but anyone with EYES comparing one with a "6" on it would say QUITE otherwise (I myself did & worked with UPC symbols in programming for the likes of Welch Allyn + their subsidiaries & partners in my programming career professionally)).
APK
P.S.=> It's interesting stuff & "The Number of the Beast" is highly possible due to them both... apk