Fun with Fingerprint Readers 300
Two pieces of news that came in today make a fun counterpoint to each other. First, a grocery chain is trying out a biometric checkout system. Bring your groceries, pay with a fingerprint. Unfortunately, a story in Bruce Schneier's monthly newsletter notes that fingerprint scanners can be fooled with a bit of gelatin.
Stick my finger in it (Score:4, Funny)
Re:Stick my finger in it (Score:3, Insightful)
Uhhh, you must've missed the part about taking latent prints and etching them into PCBs, right? Unless you religiously wear gloves, you could be pretty much screwed on this fingerprint deal.....
Biometrics (Score:2, Redundant)
Thanks.
Re:Biometrics (Score:5, Interesting)
On the other hand, if a biometric database is compromised, you lose the integrity of a part of your body. This means someone can now use tricks like the gelatin one outlined here to impersonate you. But you can't get another body. You can't revoke the compromised data.
In general, biometrics are more accurate for authentication, but their failure modes are much more severe.
Re:Biometrics (Score:4, Funny)
Well, I've got ten fingers and ten toes. That makes me good for twenty lost body parts, if I can get my foot up onto the checkout without straining my groin.
*Should* hash the finger print data (Score:2)
Re:*Should* hash the finger print data (Score:2)
Also, if you're only taking the hash, that makes the system easier to spoof, since an attacker doesn't care about the whole print, just its values at certain points.
Re:*Should* hash the finger print data (Score:2)
What's this idea that hashs weaken the uniqueness of its data? If that was the case, password crackers would be a LOT faster than they are.
Re:Biometrics (Score:2)
But since biometics would happen locally, could the average criminal get the biometric database, duplicate a fingerprint from the encoded fingerprint data and use it? How about cloning up some DNA? Beyond a physical attack, these things don't come easily, and definately not in the volume of compromised users that would make something like this profitable.
Biometrics are nice not because it will be impossible to duplicate, but rather because it will be difficult and expensive to duplicate.
Re:Biometrics (Score:2)
Duplication/compromise of the system *will* happen, if the reward is high enough. The question becomes, what do you do then? For traditional card systems, you revoke the card. You can't do that with biometrics, which is a concern for any system of this sort.
Re:Biometrics (Score:2)
Re:Biometrics (Score:5, Insightful)
You shop at a supermarket where your checkout is governed by your fingerprint. This works pretty well, for you... they store some personal info (CC#, name, address, etc.) and you just touch a pad to check out.
Now imagine that someone manages to replicate your fingerprint (which sounds like it will take about $10 and an afternoon). What do you do? If it were a credit card which had been stolen you could have it destroyed and reissued... but that doesn't work with your finger! Once someone spoofs your finger, it's over. You can never use your finger for ID again, because it's not certain that you're the only one.
That's bad.
Or how about this: Biometrics are easy. Really easy. I mean, you don't have to carry anything, you don't have to remember anything, it's great!
Which is why all kinds of places like video stores, restaurants, etc. would love it... they could make things more convenient for their customers and get faster customer service times, etc. The big drawback is that every transaction is indellibly associated with _you_. Right now, you can pay cash, give fake names, etc. and leave no trail as to what porn you rent, or how much cabbage you buy (you cabbage loving sicko!), but with super-convenient biometrics they know _exactly_ who you are every time.
That's probably bad too.
What's worse? Well, consider that you're pretty attached to your body in general. Though it's possible for you to get fake ID, a fake birth certificate, etc. there's very little in the way of a fake body you can get (plastic surgery aside, modifying the bits used for biomentrics isn't generally feasble - think retinal scans). So now, if for some reason you need a new identity, you pretty much can't have one. There's just no slipping through the cracks.
Why is that bad? Well, it's really only bad if you are doing something illegal, right? Sadly, "something illegal" often can be translated as "something politically unpopular". The idea that we should have the ability to change our government, by revolution if need be, is so deeply ingrained into the Western conciousness (and maybe the Eastern as well, though I don't know...)that it's not at all surprising you get creeped out by biometrics.
Re:Biometrics (Score:5, Insightful)
Why is that bad? Well, it's really only bad if you are doing something illegal, right?
Wrong! What if you're in a witness protection program?
OR if you simply have a stalker and need to change your identity? Or if you have a shite name and you wanna change it. Or if things about you change, like you had leprosy but are now cured. Somone with outdated info will read you still have leprosy.
Your data is probably readily available from many sources, some of which will be insecure. You're screwed.
Re:Biometrics (Score:2)
Umm, they need your finger to do that. It is possible that I might not notice a thief picking my pocket, but I'm pretty sure I'd notice if he were trying to make a gelatin mold out of my finger.
Re:Biometrics (Score:2)
Did you read the article? It plainly stated that the most interesting part of the experiment was lifting fingerprints from a surface and producing an artificial finger.
Re:Biometrics (Score:2)
Re:Biometrics (Score:2)
One response pro-biometrics (Score:5, Informative)
Biometrics, like any other system, has it's flaws. Schneier himself points out in a previous article "Biometrics is a unique identifier, not a secret". And now it doesn't even appear to be a unique identifier. So what gives?
What gives is that it's quite possibly the best system around, at least when compared to all the others. What are your alternatives? Passwords? Digital Certificates? Smart (dumb) cards? SecureID tokens? None of these are as unique to a user as a Biometric is. As a matter of fact, NONE of these are unique to a user - Certs are unique to the computer or card they reside on, the cards and tokens are physical objects that anyone can have, and finally your password everyone knows because you wrote it on a Post-It(TM) note on your monitor (or under the keyboard or tape dispenser).
Now, that doesn't mean you can blindly put a Biometrics system in place and call it a day. Installing a setting up Biometrics requires thought, consideration and risk analysis.
To answer some of the fears, no, most Biometrics databases don't give you anything when compromised. Why? Because they don't store the biometric. They merely store minutiae from the sample. These can be loosely defined as a series of data points illustrating some of the salient features of the biometric registered. If it's your fingerprint, the database merely contains a bunch of vectors illustrating where the most important ridges and forks and such are on your print. THIS INFORMATION IS NOT ENOUGH TO RECOVER THE PRINT. It's encryption, it's processing (the database might be encrypted, though). While you could potentially create a Biometric from the minutiae (assuming you understood the data format and what it describes) that fooled the algorigthm the minutiae were sampled from, your "faked" fingerprint would not fool a different algorithm.
Regarding anonymity, it will still exist. Nobody will stop you from going to the ATM and picking up cash before you head to the store to get the Goatse man's greatest gaps volume 16.
Anonymity needs to exist, but so does liability and responsibility. That ever-necessary anonymity will continue to exist, and you will probably be able to get it just as well as you can now. The difference is you will not be able to erase yourself and get away from your previous responsibilities/liabilities. The two are different concepts.
As for the "identification" issue with Biometrics, allow me to illustrate one simple point - most commercial Biometric fingerprint systems have a false acceptance rate of 1 in 100000 at most. Any decently sized organization compiling Biometric data will probably register a heck of a lot more. Identifying a user in a big population from a random biometric sampling is a data processing nightmare - that's why that whole Visionics video-camera-at-stadium thing sucked so bad. Biometrics however are really good for saying "My name is John Doe, and here's a fingerprint (or two) to prove it". Or, at a company case "my userid is jdoe and here's my fingerprint to prove it".
This problem is the identification (finding user in a population) versus authentication (verifying a claimed ID) problem, and it's much discussed in Biometric literature. God knows I've had to preach this one out about 600 times in the past few months when meeting with different departments.
So it really comes down to implementation, and alternatives. You can have your money tied to a credit card number, and when someone finds the receipt you threw away they can impersonate you at Amazon.com until the next bill arrives. Or, you can have it tied to you card, but need a fingerprint to access the card. The idea is enhancing, not necessarily replacing.
As a lot of you have heard, authentication/verification systems usually work with something you know (password, pin), something you have (token, smart card, mag card) or something you are (biometric). The best systems use all of the above.
Even then you still need to figure out your risk scenario. For your average office building with access controls at doors and other entry points a system asking for "userid" and "biometric" will probably be good enough. If you're running a DoD installation with nuclear weapons, I expect a system with ID check, Smartcard, 10 fingerprints, retina scan and password will be necessary (I hope).
Finally to address this cool gelatin crack - this is neat stuff. I'm glad to see that people are coming up with potential attacks - it makes the developers of this stuff work even harder to create systems that can't be fooled. The latest capacitive sensors I've seen might not even be fooled by this - they claim they read the second or third layer of skin, not the external one. But even if it does fool them, it won't in a few months.
Remember, biometrics are not your enemy - if anything they help keep your privacy stronger by providing better control of who gets to pretend to be you (imagine your PGP keys being protected by a passphrase AND a fingerprint or two). There will always be issues with this or any other system - I just can't think of one that will be better than a properly implemented Biometric system.
-Jack Ash
Re:One response pro-biometrics (Score:3, Interesting)
Yes, they are two different concepts, but you're sort of implying that being able to escape liability isn't important or desirable (from a social, not an individual, standpoint). I think I rather dissagree with this.
Heck, let's take the easy witness protection program that someone else mentioned in this sub thread. Assuming that my biometrics are on file with a bunch of different businesses, agencies, etc. How is it then possible to change my name and dissapear? As long as cash remains a viable option then there's the cash only solution, but cash becomes less and less viable every day, though hardly anyone notices. Public prejudice ("who would need/have such a large amount of cash but a criminal?" and other such drivel) are as much at fault as anything else.
Bottom line is: there is, I believe, value to being able to shed one's identity, and biometrics is completely at odds with that.
Re:One response pro-biometrics (Score:3, Interesting)
In any event, as you yourself agree cash is always available as a last resort. And if you truly need a witness protection program I expect the Government will have enough resources to change or wipe your records from at least the databases that matter. Hopefully together with the new ID you'll move far away enough that you won't need to frequent the same businesses you were before (and a nice hello to globalization issues here).
Yes, I realize there will be problems, but nothing irresoluble with good will and a little bit of effort.
Think of the advantages on the other hand - Joe Shmoe is behind his child support payments and has skipped state - well, guess what - now you have a good chance of finding that deadbeat and getting him back on plan... And so on for any other number of crimes.
Look at it this other way. Shedding your ID right now is most likely illegal in some way (note, I said likely - there might be cases and forms in which it xan be done legally). And difficult. But it can be done. And people can still track you, with difficulty, but it can be done. This is merely one of those technologies that will make the former harder and the latter easier, but both will still be possible.
-JackAsh
Re:One response pro-biometrics (Score:2)
To answer some of the fears, no, most Biometrics databases don't give you anything when compromised. Why? Because they don't store the biometric. They merely store minutiae from the sample. These can be loosely defined as a series of data points illustrating some of the salient features of the biometric registered. If it's your fingerprint, the database merely contains a bunch of vectors illustrating where the most important ridges and forks and such are on your print. THIS INFORMATION IS NOT ENOUGH TO RECOVER THE PRINT. It's encryption, it's processing (the database might be encrypted, though). While you could potentially create a Biometric from the minutiae (assuming you understood the data format and what it describes) that fooled the algorigthm the minutiae were sampled from, your "faked" fingerprint would not fool a different algorithm.
Sounds like little more than security through obscurity, and we know were that's gotten us in the past. Using an encoding system that is difficult to understand and assuming that no one will figure it out is not a good idea - I think the telephone companies have plenty of stories to back that up.
I also don't buy the argument that it would be impossible to create a fingerprint that generated the same hash points. As I see it, this is little different than crypt()ing passwords. Of course the function is one-way so that you can't derive the original data from the hash, but given enough processing time and knowledge of the algorithm(s) an input can be generated that creates the same hash.
The biggest problem I see with bioinformatics (or at least fingerprints) is that they are forever tied to you. Passwords can be changed infintely, but you can't very will replace your fingers if someone dupes the prints.
Re:One response pro-biometrics (Score:2, Insightful)
Actually there is no obscurity here - it's just a sound mathematical principle. Think about it this way - when you digitally sign a message with PGP or with a certificate a mathematical signature is created with a digest from your message that verifies in no uncertain terms that that message has not been tampered with (within a certain degree of probability). Obviously, the cryptographic message digest is of a certain fixed, limited size, which means there are a lot of character combinations that could have generated a digest like that, it's just that you are not likely to a) encouter them; or b) find one that makes sense in any language.
Fingerprints are similar to that. I'd suggest going to google images and search for the term "fingerprint minutiae" there's several graphics there that can explain it better than I ever will. But to simplify, let me suggest a simplified model:
My fingerprint, when scanned, results in a model that contains an XY grid centered in the image, with a diagonal ridge at coordinates 5,17; and a whorl at -6, 12; and a fork at 3, -4.
Now there's about 80 other minutiae on my finger, that my current scanner picks up, but this will suffice. As you can imagine you cannot reconstruct my fingerprint from this data. It's just impossible. You might get an idea of what it looks like, but it's never exact because the minutiae are not enough to describe the print itself.
You argument is sound - this is very similar to the crypt() function. One way, etc.
Except with this data you can very easily generate one print that will fool this one algorithm. Real easy, even - much more so than brute forcing a crypt() hash. Just create a basic fingerprint and modify it to contain those features within it. Heck, even make it a bit imperfect - a fingerprint is never read the same way twice, and most modern algorithms are smart enough to check for identity matches.
The problem is that the next algorithm at a different ATM or shop doesn't look for the same features, but rather different ones. It might focus on ridges exclusively and their relation to each other, or some other random bit. And unfortunately you do not have that data - you just have the data that was important to the other algorithm. In essence the minutiae algorithms are EXTREMELY lossy, so much so that you would need to crack more databases than you want in order to compromise a single print.
And hey, if all your fingerprints are compromised you can always switch back to passwords
I guess my point is technology will make it infeasible to duplicate fingerprints exactly - Biometrics (at least as related to computer authentication) are still in their infancy. Being able to dupe a system with a jello mold is not exactly an attack that should succeed on a mature system. But it'll grow, and get so insanely good it'll take a heck of a hack to get through it.
-JackAsh
Re:Biometrics (Score:4, Insightful)
In this case "somthing you are" is a fingerprint.
"something you know" is a pin number or password.
"something you have" is typically something like a credit card, smart card, security fob, etc. This category doesn't apply to the case at hand.
So, once somebody replicates your fingerprint, all you need to do is change your pin number. Problem solved.
Re:Biometrics (Score:2)
That's the advantage that stuff which is not a part of your body has... you can change it.
For example: if somone manages to replicate my SecurID token (I know it's tricky, but just pretend here) then yeah, I can just change my password, but the amount of effort they have to go through to get my new pin is certainly less than they had to go through to get both my old pin _and_ replicate my token. Naturally, for maximum security I'd want to change both.
Can't do that with biometrics.
Re:Biometrics (Score:2)
Re:Biometrics (Score:2, Insightful)
Re:Biometrics (Score:2)
I have several times encountered historical descriptions of criminals having an eye poked
The fascinating part is, that there seems to be a technique, to hit a human head with a stick in such a way , that a single blow would pop out the eye of the eyesocket.
This kind of punishment seems to have been a specialists job. I have seen a description, where an old woman was summonend to execute this particular kind of punishment (17th. century, Europe).
This arcane technique is probably forgotten by now, but one never know if it would resurected if retinal scans became common:-0
Thank god there's a flaw... (Score:4, Insightful)
Any way you look at it, it's still more secure than credit card numbers. Then again, you can always cancel your credit card number. What would you do here, cancel that finger, and start using another? You can only do that for so long...
Re:Thank god there's a flaw... (Score:2)
That having been said if someone's willing to hack off a person's finger to get access to their ATM (or whatever) why not just hold a gun on them and make them access it.
Volunteers for finger dontation test? "No"... (Score:2, Interesting)
Just think.... (Score:3, Funny)
Still a cool system (Score:4, Insightful)
Latent fingerprints (Score:4, Insightful)
But what's worse in *this* particular case is the demonstration that latent finger prints can near-trivially be developed into a fingerprint glove that fools the device. Just picture it... A would-be thieve would watch you in the supermarket, picking up a bottle of Coke, put it back because you do prefer Mountain Dew after all. He picks up that bottle by the neck, pays for it with cash. From there on he could plunder your credit card.
Sounds scary to me...
Re:Still a cool system (Score:2)
Re:Still a cool system (Score:2)
Right. And then you say "Ah crap." You call the credit card company. They say "no biggie." And you're limited to $50 in liability. They give you a new 12-digit number, and everyone goes home happy. Not a big deal.
I fail to see why this is a "big step up" or an "improvement." At some point, your biometric information is reduced to a series of zeroes and ones. Kinda like a credit card holds on its magnetic stripe. Except that you can only get a "new number" 10 times.
So fine, maybe they can't steal your physical credit card any more. But you do a lot of purchases over the phone or internet, right? So now you get a thumbscanner for your serial port, and you scan yourself when you want to make a purchase instead of typing in your twelve digit PIN. Since a bunch of zeroes and ones fly over the Internet in either case, this is no more secure at all!
If it ain't broke... don't fix it!
Re:Still a cool system (Score:2)
Re:In CA you need an ID to use your credit card (Score:2)
Re:In CA you need an ID to use your credit card (Score:2)
Comment removed (Score:5, Funny)
OLD news (Score:2, Interesting)
That airport also funded development of an iris scanner they are using at the moment BTW, which is now being licensed to IBM and some others
Nothing new... (Score:2, Funny)
Bring something, know something (Score:5, Insightful)
However, the kroeger system falls back to the old "bring something, know something" mode which makes it much more secure.
Sure someone can duplicate my fingerprint (how easy that would be to both do and hide when checking out is another point, but let's assume that it's reasonable to lift a latent print, make a mold and check through without the clerk noticing), but they still must know my pin.
This is no worse than the current system of debit cards with mag stripes on the back that are trivial to duplicate with not much more equipment.
It is, however, much more convenient.
Assuming I can change my pin to be something other than my telephone number, I'd use this system.
Re:Bring something, know something (Score:2)
considering your finger print will be in a db, and anyone in the IT dept. can get, it would be pretty easy.
as far as fooling clerks, thats probably easier then you think, considering most "counterfitting" is done guy clipping the corners of hight decomination bills and pasting them to a lower denomination bill. That kind of shows you how muchs clerks think about what there doing vs. doing it by rout.
mag strip duplicaton is more expensive and requires more know how then faking a finger print scanner.
your point about a pin number is good, but howlong will that last? CC companies have already determined its cheaper to pay off bad purchaser then to force there customers to enter a pin.
Re:Bring something, know something (Score:2)
Unfortunately, the fingerprint system has sometimes been marketed as having close to zero false positives, but perhaps many false negatives. Maybe some company won't implement layered security and trust everything to the fingerprint. They'll be screwed. Or, they'll trust the fingerprint and passcode and be equally screwed.
Unlike a credit card, it seems to be comparitively easy to create a false fingerprint. Plus, if your credit card is stolen you will generally find out. If someone goes the Photoshop route and creates a set of fingerprints from your grubby prints last night's Heineken then you may not find out for days.
Re:Bring something, know something (Score:2)
Re:Bring something, know something (Score:2)
But that's not when they'd do it. They'd come over to your house late at night, pick a few things out of your trash, and just lift the prints then. Or just lift them from your door knob, or the door handle of your car, or sit around in a mall with little security and lots of people when you use the atm there. Tons-o-places to lift prints, since no one really thinks about leaving prints anywhere. Now true that all those places might not give you the BEST print, but there's bound to be lots of places that do.
This is no worse than the current system of debit cards
Right, but is it any better, thats the million (give or take) dollar question. If companies are going to spring mucho dinero to upgrade systems (and then likely to pass that expense onto the customer, citing "improved security for the betterment of the customer") only to end up with a system that in reality is no more secure than the one it replaces, that would be a "bad thing".
I agree that it is more convenient though. However the "you can only be hacked ten times before you can no longer purchase anything" issue is an interesting one. You could DOS people quite effectively that way (esp co-workers since lifting their prints off of their keyboards would be trivial).
Re:Bring something, know something (Score:5, Insightful)
Re:Bring something, know something (Score:2)
Also, different banks (say) would have different # for my account. Not so with fingerprints. Anyone at any company can lift your prints from their DB and search on any other company for any details they want.
Abraded fingers (Score:2)
It was a standard joke that you had to return your fingers when you finished working.
Xix.
Too much work (Score:3, Funny)
Bah! Too much work - I just wanna shape shift ala Mystique!
A Couple Choice Tidbits (Score:5, Insightful)
Yes - leave those purses out in the car so the guy stealing your stereo can get your credit cards too.
Kroger customer Mary Smith said she has a daughter in Katy who wants nothing to do with the finger image method of payment. She told her mother that it is "a way to get into your identity."
It's funny, Smith said, "you'd think it would be the old fart who'd be afraid."
This is funny because she doesn't appear to realize that her daughters fear is based on having more knowledge about technology and is justified fear. She is thinking "I'm not old- I'm cool and cutting edge." and that vanity is letting her opt in to a system where one day her checking account will be cleaned out by a bunch of tweakers who got her fingerprints off her car door and bought all the sudafed they could carry. Smart enough to build a meth lab - smart enough to make gelatin fingers.
from article: (Score:5, Funny)
tsutomu@mlab.jks.ynu.ac.jp
someone is going to find a whole shitload of emails tomorrow morning
There's an even easier way (Score:3, Informative)
Used to be, you could just shine a flashlight into the reader and get enough contrast out of the previous user's print to satisfy some readers.
There have been improvements since, and it would never have fooled a live finger detector anyway. But it's a good example of low-tech bypassing of high-tech security.
Reliability (Score:2)
Signatures (Score:5, Insightful)
Re:Signatures (Score:2)
The problem is that if people believe that fingerprints and other biometrics are "more secure" than signatures, they'll rely on them more and more - making it easier for criminals to do more damage, and making it harder for honest people to prove they didn't commit the fraudulent transactions.
Re:Signatures (Score:2, Interesting)
That is an insightful question.
It points to how to implement a reasonably good fingerprint system.
"Most financial transactions" require both a signature and a revocable token. If your checkbook or credit card is stolen you call up the bank and report it, and then you're off the hook (theoretically) when someone forges your signature.
A good system would need to combine the fingerprint either with a revocable token (e.g. thumbprint your Mastercard) or with a PIN.
Your grocery store may already have stuck you with a frequent shopper card, required to get their best prices. Combining one of those with a fingerprint scanner and a good revocation policy might work.
Re:Signatures (Score:2)
How can you care about the risk of someone faking your finger print when most financial transactions are verified with a signature?
It's a lot easier to fake my fingerprint than it is to fake my signature. I've been practicing my signature for many years now. I doubt you're going to be able to learn how to reproduce it in the amount of time it takes to create a wax fingerprint.
Re:Signatures (Score:2)
Re:Signatures (Score:2)
When you hand a check to a cashier at the supermarket do they ever check to see if your signature looks like all of your other ones? Nope.
Nope, but you can challenge the charge later by asking them to show the cheque with your signature on it.
weak is the system based on only a finger (Score:4, Interesting)
Just as you need both a username and a password to log in to any computer system, a combination of a fingerprint and password, or fingerprint and pin should be used for any reasonable authentication.
Combined with decent access controls (this person may only do X at Y time) and a complete audit of actions, fingerprint biometrics can fit nicely into an extremely secure environment.
I'd certainly rather use my finger than my RSA number keychain!
Re:weak is the system based on only a finger (Score:2)
I'd certainly rather lose my RSA number keychain than my finger!
(Make mental note never to go work in ultra secure environments)
Psst! Buddy! Ya wanna buy a finger? (Score:2, Funny)
Forget payment systems. I want drive up service! (Score:2, Interesting)
NOTE: Locations will be based on best deals, and include E-Coupons and such, as well as projected route
Painless, quick, and efficient. That's how grocery stores should operate. Forget fingerprint scanners. Eliminate the long checkout lines, crowded aisles, and rude people.
Re:Forget payment systems. I want drive up service (Score:2)
No going in and squezing the vegetables?
No trying to put boxes of condoms in old ladies troleys?
No sneeking a peek at the cashiers boobs?
What's the fun of that???
Re:Forget payment systems. I want drive up service (Score:2)
In that case, why not just stay at home while your car drives itself?
Starfleet??? (Score:3, Interesting)
Finger and Pin (Score:2)
I've got one question.
How long do you think you will last when that guy cutting off your finger is yelling at you to tell him the pin?
I'm guessing for the average joe it will be measured in seconds. (Especially as the media and powers that be preach this constant message of 'just hand over whatever they want - don't fight back')
.
In Seattle Also (Score:2)
They give a brief mention to Kroger in the linked article [nwsource.com] as well..
I liked this part... (Score:2)
So they leave it in plan sight in the car, so they can come back to a broken window and and a missing purse. (not to mention all of those unmentionalbes inside the purse)
That's it. (Score:2)
Maybe they don't need Men anymore? To turn them on with those Secure Touches?
Problems with fingerprinting (Score:5, Interesting)
Let's leave out, for now, the fact that it's not possible to verify this claim at all: there's no way to test all living people and compare their prints. This is troubling, but a bit of a red herring.
More troubling is the way fingerprinting is practiced. There's a case in Philly right now where a federal judge has prohibited [go.com] the prosecution from testifying that two fingerprints "match." From this article: [nandotimes.com] The answers, respectively, are "no," "no one knows," and "no."
I'm home sick and I don't feel like doing more research on this right now. The above links and Google [google.com] will help if you want to look at it more.
Re:Problems with fingerprinting (Score:2)
The issue is, the certainty of picking up just one or two latent prints on a door knob, and then comparing to the fingerprint card, has not been fully determined--and for good reason, the latent print is simply not the quality of the professional print.
This is one of the reasons why, in the states that fingerprint for driver's licenses, the prints are never used for criminal investigations--the quality of one thumbprint smudge on the little glass platen is simply not good enough to compare a latent print to.
This is kinda a fun time to talk about dl fingerprinting--since dl privacy is a big thing for me and all. California law, for instance, says that they must take a thumbprint of an individual getting a license. If you are a hairdresser, working with bleach, or a bricklayer, working with lime, it is highly possible that they will not have fingerprints. There is some type of print that would normally appear, but it has not. So is the fingerprint the potential print...or the one the blank one that is showing up. Apparently, they just write off the print as being uncollectable...which is very telling. It begs the question...what is your identity anyway?
Retina Scanners (Score:2, Troll)
Re:Retina Scanners (Score:2, Funny)
Whatever for?
So you can snarf hisfingerprints, hmm?
Re:Retina Scanners (Score:2)
It's good he's Japanese (Score:2, Interesting)
Excellent (Score:2)
I wonder if I get a higher credit limit on my thumb than any of the other digits.
Obvious solution... (Score:5, Funny)
Re:Obvious solution... (Score:2)
--Dan
Everything has problems (Score:2, Insightful)
Next up... (Score:3, Interesting)
However... (Score:3, Interesting)
Re:However... (Score:2)
Faces and Gelatin (Score:2)
See also (Score:2)
This is NOT a bad thing... (Score:3, Insightful)
In all such transactions:
- Authentication is necessary. (ie the transaction requires at least one of these mechanisms).
- All the authentication methods are vulnerable - no security mechansim is perfect.
- All of these could be subverted by to invade your privacy.
However, if you can't use cash for your transaction or you prefer not to for the convenience, you've got to live with the authentication tradeoffs.
As pointed out, authentication is necessary for many transactions - there is no escaping this fact. So the best questions when evaluating the technology is RELATIVE to its alternatives.
So fingerprint readers can be spoofed easily (assuming you can get a copy of the finger you want to copy, which is not necessarily easy). Well credit cards numbers can be obtained and used fradulently; signatures can be forged.
None of these mechanisms are fundamentally good or bad. However, I believe having alternatives IS good for two reasons:
1. It provides competition between different authentication mechanisms so that people get a choice in what security/convenience tradoff they want to make.
2. Having multiple authentication mechanisms automatically increases the diversity of the authentication infrastructure which means that it is harder for an organisation to subvert because they need to coordinate your identity across multiple systems rather than having a single one.
In the scenario described (and many previous articles on the same subject at Slashdot), these new systems augment rather than replace existing ones. As long as this continues to be the case, I am more than happy for these mechanisms to exists and compete.
ST Microelectronics (Score:2)
Implications for Movies. (Score:2)
But what about retinal scanners?
If Arnie is locked out of a secret military compound trying saving the "presidents"/"a friend's"/"his own" "daughter"/"wife"/"pet cockerspaniel" and he comes up against a retinal scanner...
Well then he's still gonna have to handle that the good ol' fashion way...
By ripping out the "Drug Lord's"/"Mafia Boss's"/"Buddy gone bad's" eye ball!
It's comforting to know that some things will never change.
:)
More than $10... (Score:4, Insightful)
"Hey, let me use your finger so I can copy it and steal stuff with your prints!"
The second method that allows latent prints to be used requires more work. Still, if you have a laser printer, I'd estimate it runs only $50-100. And the costs of the trick can probably be reduced quite a bit.
As to the security issues: Prints alone = bad. Prints + PIN = Somewhat bad. But most crooks prolly aren't going to be that desperate.
It is probably best to use fingerprints as a method of correcting for the deficiencies of credit cards. i.e. verifying that the person with the card is indeed the owner.
It's probably most useful if fingerprint scanners can ever be made economical for the home user - Person makes a CC purchase online, pushes their thumb on a reader, and the image of their thumb gets hashed and sent to the CC company for verification. As a result, a CC thief has to steal the user's fingerprint in addition to their CC #. Theft of a fingerprint no longer means you've permanently lost its usefulness, as it's only used in conjunction with other methods. Your only problem is that the next time around the thief only needs to yoink your CC # - But I have a feeling repeat strikes of CC theft almost never happen.
Re:More than $10... (Score:2, Insightful)
It's probably most useful if fingerprint scanners can ever be made economical for the home user - Person makes a CC purchase online, pushes their thumb on a reader, and the image of their thumb gets hashed and sent to the CC company for verification. As a result, a CC thief has to steal the user's fingerprint in addition to their CC #.
Wheee, now both the CC and the finger print hash are stored in the same insecure, slapped together, e-server in bumfuck idaho. This offers no more protection than just a CC# and when someone steals your hash you have to take some lye to your fingertips.
Until you can make all e-comerce servers rock solid secure I don't want my ID based on something that would physically hurt to change.
Prints already on file (Score:2, Insightful)
How many people already have their prints on file? No...not just criminals. People who have been arrested, but not convicted. Members of the military, police, child care workers. Children of paranoid parents, etc, etc, ad infinitum. All 'respectable' persons. Clear prints, already in electronic format, ready to be stolen/hacked/duplicated and used.
Think about THAT when the vote comes up for biometric entry into the country.
All the 'kid registration' over the last few years has been a desensitization to this point.
Tests Ive done with biometric readers (Score:2, Interesting)
Hardly a dealbreaker. (Score:2)
2. Scan matches fingerprint to ID record
3. Checker's terminal displays photo of recognized person
4. Checker notices that the fingerwielder looks nothing like the registered fingerowner.
5. Fingerwielder flees.
Alternatively, you can require a PIN code to use in conjunction with the scan. This is what they did at High Tech Burrito [hightechburrito.com] when they tested a thumb-scan system in Berkeley.
Re:Hardly a dealbreaker. (Score:2)
--
Benjamin Coates
Latent fingerprint reproduction (Score:2)
Soon, everybody who's now cloning cell phones will be able to do this. So much for fingerprint-based biometrics.
mandatory (Score:2, Insightful)
Next, they'll demand a fingerprint in order to qualify to buy food at non-extortionary prices.
Shaws, Stop and Shop, Kroger... You should rot in hell.
Far easier to fake than you think.... (Score:5, Interesting)
If the previous person to use the reader had greasy or sweaty hands, and they don't intentionally wipe or smear the plate you can fake their print easily.
Either hold your palm closely over the plate, or breath gently over the reader. Enough to create enough warmth to simulate a finger.
With a little practice I could do it over and over. Quite fun giving a demo to security people!
Okay, you have to get a victim's print first. (Score:2)
Geting a usable print that isn't smudged in some respect is not that easy. Ask any AFIS operator. Getting the right finger from a glass is also hard if the glass was rotated in the least.
Its not likely to be done on casual contact.
It requires collusion or coercion.
That's no reason to give up on biometrics yet.
No temperature sensor on the unit? (I'm sure that the gummy bear wasn't the same temperature as the guy's finger. Yuck.)
And I can't forget my finger at home.
I still like a LONG biometric password (my fingerprint) for logging on.
Re:Its insecure but... (Score:2)
For example, let's say that some scientist said that he invented a calculator that is almost never wrong. Now a common person using this would assume that it is always right. They aren't going to double check the results when they see that 2+2=5. I've simplified it a lot, but I mean, how often do you double check the receipts after you buy stuff at the grocery store? I think Dateline had reported that 3 out of 10 items at grocery stores are usually rung out wrong.
The thing with credit cards and cash is that merchants know what to watch out for. (ie strip of paper inside cash, checking with bank with credit card).. In addition, most of the times, you need access to the credit card number or the CC itself. But for a finger print, if someone steals it, you can't call up a bank and tell them that someone is using your finger print and you want them to cancel it. Also, if everyone assumes it's so secure, are they going to believe you and have the same security features (such as you not being responsible for the charges) when you report it "stolen"
The only way it would work is for your fingerprint to replace your signature...even then, there's still some inherent insecurities..