Face To Face With the 'Human Barcode'

silentbrad writes with this excerpt from the Financial Post: "Fast-evolving biometric technologies are promising to deliver the most convenient, secure connection possible between you and your bank account — using your body itself in place of all of those wallets and purses stuffed with cash, change and plastic cards. Biometrics is the science of humans' physiological or behaviourial characteristics and it's being used to develop technology that recognizes and matches unique patterns in human fingerprints, faces and eyes and even sweat glands and buttock pressure. Its applications in the financial realm are a potentially huge time and effort saver, but that's just a beginning for the technology's usefulness. ... [BIOPTid Inc.]'s One Touch cube, set to be on the market within a year, is an external device that users can hook up to their computers and mobile electronics to replace passwords for Internet logins and banking. The cube reads a personal sweat gland barcode to verify identity from the moisture on a user's fingertip. ... 'Biometrics is something that's used by governments, it's used by "Big Brother" to keep an eye on us and we want to change that,' says [BIOPTid chief Scott McNulty] 'We think biometrics is something that can be actually used by the people and it becomes their technology that they use to protect themselves.'"

but you can change a password

[Anonymous Coward]

Once a biometric has been compromised (e.g., someone obtains a copy of your fingerprints), you're stuffed.

"Protect themselves?"

[hotdiggity]

“Biometrics is something that’s used by governments, it’s used by ‘Big Brother’ to keep an eye on us and we want to change that,” says Mr. McNulty. “We think biometrics is something that can be actually used by the people and it becomes their technology that they use to protect themselves.”

...

The best way for me to protect myself with biometrics...is to keep the details of my biometrics out of any government or private company's database, thank you very much.

biometrics will be broken ...

[RichMan]

Scan the eyeball it has a deep 3d structure that is unique: opps,
Researchers create synthetic iris that can defeat eye-scanning security systems:
http://www.theverge.com/2012/7/26/3188518/synthetic-iris-scanning-security [theverge.com].

See all the ways to cheat on drug piss tests ....

If it is a system, it can be hacked. No system should ever take validation as 100% proof.

'We think biometrics is something that can be actually used by the people and it becomes their technology that they use to protect themselves.'"
This from the banking system that brought us 4 digit PIN codes that were considered perfect validation. *sigh*

oops, someone wrote a clueless article again

[slashmydots]

I guess yet another author has fallen victim to not knowing what the hell they're talking about again. Our technology isn't good enough to do true biometrics. Any system like he outlined is a glorified fingerprint scanner. It's not a magical device that "senses" your finger. Any biometric device takes some set of 0's and 1's and compares it to other 0's and 1's and if they match to a certain degree, it's approved. That means any of them can be faked to be close enough or hacked to approve wrong data.

Fingerprints are an image file compared to another image file. Iris scans are an image file taken by a camera and compared to another image file. Face recognition is the same. All three of those are infinitely more fake-able than a password.

To get my money now, you have to get it out of my wallet. Good luck. To fake my face, they need to take a picture of my face. That's a bit easier. To fake my fingerprints, they need to get a hold of my fingerprints and I definitely leave those in more places than my wallet. You may recall that the Mythbusters made a laser printed fingerprint on a $100 laser printer, licked it, and got past a top of the line $1000+ fingerprint reader. To fake my iris, they need a closeup of my face, also not so difficult. There really isn't any biometric data that's good enough right now to be used in financial transactions short of a DNA sequence and I'm not giving them a DNA sample and waiting weeks to buy a bagel.

Identification != Authentication

[Anonymous Coward]

Identification is the process by which the identity of a user is established, and authentication is the process by which a service confirms the claim of a user to use a specific identity by the use of credentials (usually a password or a certificate).

All biometric systems only do identification. It's about time everyone gets what biometric really is: A FANCY USERNAME.

This Summary Reads Like A Press Release!

[TheSpoom]

You know, I'm OK with the occasional bad link or poorly researched story, but could we avoid regurgitating obvious press releases from private companies? Look, editors, I really, really rarely complain about you guys, but we do expect at least a little bit of work in filtering and, you know, editing stories.

Re:Brain-damaged

[Joce640k]

Let's see. Easy to fake. Impossible to revoke. Ripe for abuse. No duress password. How is this going to protect anybody or anything? At some point, convenience trumping everything else is going to lead to a lot of INconvenient situations.

You forgot one: We leave copies of them behind us wherever we go (DNA, fingerprints...).

Re:oops, someone wrote a clueless article again

[SirGarlon]

If you follow the tech industry long enough, all the hype gets recycled and comes back in slightly regurgitated form later. For example, "thin clients" (the Next Big Thing in 1997) and "cloud" (the Next Big Thing in 2007).

Biometrics were all the rage in the late 1990s, when people were starting to recognize how problematic passwords could be. The enthusiasm died out quickly. Parent has outlined the main reasons why: they're easier to spoof than might first appear, and to use biometrics in authentication requires biometric data to be transmitted and stored (and therefore subject to compromise).

I think face recognition technology is starting to change the tech industry, but not in a good way. It's not used for authentication. It's used for automated surveillance and tracking. *That* is the future of biometrics.

Re:Brain-damaged

[19thNervousBreakdown]

Almost though, right? Because honestly, it's an insane claim. Your sensors are measuring an image, we can make very convincing images. Make your sensor fancy, have it measure heat. We can generate heat to incredibly precise degrees faster than you can blink. Heartbeat, capacitance, translucency, these are all child's play once we know what you're looking at. Since your sensors are almost surely of lower resolution than we're capable of reproducing, the key is the algorithm.

Now this? Sweat glands? We can make Blu-Rays, but you don't think we can spoof a sweat gland to the precision that you're measuring it? Please.

My ears will perk up in interest if or when a biometrics company claims that they're measuring an effect we're unable to reproduce. Create a biometric system that authenticates based on the subjective experience of consciousness. Now that's biometrics.