Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security The Almighty Buck

Biometric Voice Recognition Credit Cards 122

Posted by timothy from the all-others-pay-cash dept.
securitas writes "New Scientist's Celeste Biever reports on the latest in biometric security devices: voice recognition credit cards. The device is three times the size of a normal credit card, has a 'microphone, a loudspeaker, a battery and a voice-recognition chip' and is intended to help reduce credit card fraud. The owner speaks a password into the card and the card emits an authentication squawk. Bruce Schneier loves the concept of BeepCard's related sound authentication technology. Other articles at the Telegraph and The Register."
This discussion has been archived. No new comments can be posted.

Biometric Voice Recognition Credit Cards More

Biometric Voice Recognition Credit Cards

Comments Filter:

  • Re:3x the size!?! (Score:3, Interesting)

    by emc ( 19333 ) on Saturday April 24, 2004 @03:05PM (#8960264)
    I hope it's 3x as thick, not 3x as long or wide...

    and no, I did not RTFA

  • Miss Piggy in the Middle of a Sandwich (Score:5, Interesting)

    by t_allardyce ( 48447 ) on Saturday April 24, 2004 @03:13PM (#8960309) Journal
    Read the article but still not sure how it would stop a man-in-the-middle? True it would require that you disrupted communication but thats feasable - eg if someone is using their card on their cell-phone, kick in a cell-phone jammer as soon as the person speaks into the card, the card still plays the sound for you to record it but it doesnt get through the call? it could also work the same way on a comprimised computer or malicious web-site (think IE browser bug that allows your active-x to hi-jack someone elses)?

    People have to remember that the transaction isnt secure until its been made.

  • Hmmm... (Score:4, Interesting)

    by LordK3nn3th ( 715352 ) on Saturday April 24, 2004 @03:16PM (#8960326)
    I wonder how successful this will be.

    This seems to be one of those technologies that either flop or revolutionize the way business is done.

    It's a nice concept, but what happens when someone "loses their voice", so to speak? Can't buy anything until with it until their voice returns? How well does it interact with accents, background noise, etc?

    I don't know how feasible this is but I'd imagine a thumbprint-sensitive card would be much more easier to deal with.

  • Voice print?!?! (Score:2, Interesting)

    by leon.gandalf ( 752828 ) <leon.gandalf@gmail.com> on Saturday April 24, 2004 @03:24PM (#8960359)
    now thats just plain stupid. If you want a biometric card put a damn thumb print reader on it.

  • no special hardware? (Score:5, Interesting)

    by hak1du ( 761835 ) on Saturday April 24, 2004 @03:30PM (#8960395) Journal
    Why do I like this? It's a physical authentication system that doesn't require any special reader hardware

    I don't see why a microphone is any less special than a USB port or an IR port. If anything, just about any computer these days has a USB port.

    And using IR for authentication, many modern phones and almost all modern PDAs will do; all you need to do is plug an IR dongle costing a few dollars (in quantity) into the USB port. And IR can be made interference proof much more easily than sound.

  • You know what... (Score:2, Interesting)

    by Anonymous Coward on Saturday April 24, 2004 @04:05PM (#8960605)
    I'll just take my chances with credit card fraud. With the current zero-liability policies of most issuers, or the $50/card legal limit, I can afford it.

    Merchants can afford to take their chances, too. According to that well-known radical organ, The Wall Street Journal, credit card fraud amounts to $0.06/$100 of overall charges. Oh, the humanity! You can see why merchants spend so very much time whinging about a massive 0.06% loss rate.

  • Re:Potential problems... (Score:2, Interesting)

    by clone22 ( 252516 ) on Saturday April 24, 2004 @04:39PM (#8960813)
    If the same password were asked for all the time then there is a higher risk of compromise. The way authentication works is that you are asked to say a word/phrase and you have to say what is in the grammar that the interpreter is expecting to hear and the voice print must match. Number sequences are easier to get a match for, grammar wise. But, they also make it easier to spoof, since you could dial in a number sequence in your Palm Pilot with 0.wav .. 9.wav and play it. Also, the sampling rate when recording the .wav needs to be pretty high.

  • Re:Convenience? (Score:1, Interesting)

    by Anonymous Coward on Saturday April 24, 2004 @05:09PM (#8960997)
    If you read the earlier article on BeepCard, the card produces a unique squawk each time, like a SecurID card.

    I'm a bit hazy on how these unique sequences work. Off the top of my head, I think the card has a local high-precision timer in it, and it uses the timer value as an input value to a cryptographic function. If the timer is accurate WRT the server timer, then the encrypted values can be compared. But the factor of the time-input prevents a replay attack.

  • Re:Convenience? (Score:3, Interesting)

    by afidel ( 530433 ) on Saturday April 24, 2004 @11:31PM (#8962897)
    Exactly. In fact if the credit card companies were serious about security all cards would have had a photo on them a decade ago or longer when CitiCorp and a couple others started using the tech. That way even the proverbial high school drop out would have little trouble spotting a stolen card (more high tech theft like imprinting the number on a card with the thiefs pic would still work but it would significantly raise the bar) that combined with one time use online numbers ala Amex Blue would get rid of probably 90+% of ID theft.

Slashdot Top Deals

Kleeneness is next to Godelness.

Close