Slashdot Mirror


Debit Card With Built-In Fingerprint Reader Begins Trial In the UK (theverge.com)

British bank Natwest is trialing the use of a new NFC payment card with a built-in fingerprint scanner. "The trial, which will include 200 customers when it begins in mid-April, will allow its participants to make NFC payments (called 'contactless' in the UK) without needing to input a PIN or offer a signature," reports The Verge. "The standard £30 limit for contactless payments will not apply when the fingerprint is used." From the report: Currently, anyone can make a contactless payment in the UK by tapping their card on the terminal to make a payment. As a result of this lack of security, a £30 limit is applied to such payments, with retailers requiring you to place your card into the card reader and enter a PIN for more expensive purchases (commonly referred to as the "Chip and PIN" method). Although mobile payments require authentication, customers often find they're subject to the same £30 limit. The fingerprint data is stored locally on the card, meaning there's no security information for a hacker to be able to steal from a bank's central database. It's not foolproof -- there's always the risk a sufficiently determined thief could steal and imitate your fingerprint -- but it's much more secure than a PIN that someone could learn by simply looking over your shoulder as you enter it.

1 of 58 comments

  1. Weakens security by Solandri · Score: 5, Insightful

    "without needing to input a PIN"

    This type of 2FA relies on the two factors being (1) something you have, and (2) something you know. In the case of Chip and PIN, the chip (embedded in the card) is something you have, and the PIN is something you know. The orthogonality of these two factors means scenarios which result in the loss of one are unlikely to result in the loss of the other, and vice versa. Even if someone steals the card, they cannot use it because you have not revealed your PIN. Even if you tell someone your PIN, they cannot use it without physical possession of the card.

    This new card they're trying changes the two factors to two things that you have. That makes fraud far more likely, because things which result in the loss of one are likely to result in the loss of the other. If you lose the card, a thief may be able to lift your fingerprint off the card itself. If someone dies and a person runs across the body, they have access to both the finger and the card.

    That's really the whole point of 2FA. It's not "throw a couple of roadblocks in the way of thieves and hope one of them works." It's designing the two roadblocks so there's minimal intersection of their weaknesses. Switching it to two physical factors results in a system that's not much more secure than having just a single factor.