MasterCard Joining Push for Fingerprint ID Standard

CommanderFrank

CommanderFrank

Cat Can't Scratch It
Joined
May 9, 2000
Messages
75,399
MasterCard has joined the FIDO Alliance. No, it doesn’t mean the company is going to the dogs, it means MasterCard will now research the mechanics of using biometric data as a principle identifier for cardholders.

The addition of MasterCard will help FIDO expand its standard to more types of transactions. The company's experience handling the multitude of existing payments-industry standards will also be valuable.
Click to expand...
 
Using fingerprint biometrics for anything digital will be a disaster. The only legitimate uses I can see for fingerprints is for things like local access control where the person exists in the flesh and the print can be verified locally. If you're just passing the fingerprint data over a network, then it can be spoofed, and there's no way to change your prints.
 
Yea I don't think so. I'd never want to use that at a gas station, supermarket, etc. At a bank as part as of a >multi-step< verification system? Sure, I could see that.
 
Everything is a pattern and it will all be replicated eventually so it's only a matter of time.
 
KarsusTG said:
Didn't myth busters prove how easy it is to fool biometric stuff?!?!
Click to expand...

thats what i was thinking....they proved how easy is it to was to trick the system with a piece of freaking paper!

first the iphone5s and now this ugh what next
 
If someone steals your physical credit/debit card, they might be able get your fingerprints off of it.

JEANYUS!
 
i am against this idea.
credit and debit cards are not permanent things, your identity is.

if they want to do it with a notary, just so they can keep track of actual identity at the initial signups, ok. but not for everyday usage.
 
Same here. Biometrics I ABSOLUTELY POSITIVELY REFUSE to have it used as a key/password to anything important. I like my Mastercard I have now, but I would drop them in a heartbeat if they force biometrics on me in order to use it.
 
I think I'm going to start a company that sells fake fingers with randomized prints for people who are paranoid about using their real ones for bio-metrics.
 
GaryJohnson said:
I think I'm going to start a company that sells fake fingers with randomized prints for people who are paranoid about using their real ones for bio-metrics.
Click to expand...

i'll buy half the company :)

outside the mythbusters heres another example why its best to avoid the tech

then again you'd be selling cases of this.....just creepy how some tech has the potential to screw us over
 
Lets just get rid of magstrips first and get to chipped and pin cards. All that has to happen is to increase the amount of time it takes to copy a card compared to when a card is lost so that thieves lose out.

But nope. Can't have that. It would cost too much money.
 
aireyc said:
Using fingerprint biometrics for anything digital will be a disaster. The only legitimate uses I can see for fingerprints is for things like local access control where the person exists in the flesh and the print can be verified locally. If you're just passing the fingerprint data over a network, then it can be spoofed, and there's no way to change your prints.
Click to expand...

This, and, surely, if faced with a subpoena from a secret court, a company like mastercard would never turn over your fingerprint data to the government. And I know for a fact that their servers are completely secure and won't be hacked. This, in addition to the thorough background checks on employees at every level and their immunity from successful social engineering attempts will make your biometric data safe from unconstitutional or improper government demands and hackers alike!

Welcome to the future fellas.
 
Better off with a choice of biometric verification, like retina scan, or voice recognition...not that any of these methods are fool proof, but it does give you more flexibility should you be missing any digits.
 
daglesj said:
If you can't change it, you really shouldn't use it.
Click to expand...
It would likely only be one step in the authentication. Something you have (card), something you know (pin), something you are (fingerprint). Without the card and pin, the biometrics are irrelevant.
 
TeeJayHoward said:
It would likely only be one step in the authentication. Something you have (card), something you know (pin), something you are (fingerprint). Without the card and pin, the biometrics are irrelevant.
Click to expand...

But then if your biometric data is hacked/copied then it makes it useless for ever more on any system that uses it.

One step or three step it doesn't matter. Your biometric data then gets 'blacklisted' that could well stop you from taking up certain services.
 
daglesj said:
But then if your biometric data is hacked/copied then it makes it useless for ever more on any system that uses it.

One step or three step it doesn't matter. Your biometric data then gets 'blacklisted' that could well stop you from taking up certain services.
Click to expand...
I understand what you're saying. However, the only folks who would get their biometric data blacklisted would be known card thieves. Even then, it would just stop them from using their cards in person. It's not like you have to have a fingerprint scanner at home to buy something off Amazon. Having your fingerprints "compromised" (*cough*FoIA*cough*) would result in you needing nothing more than a new PIN, and maybe a new card. You can alter any one of the three factors and be secure again.
 
royce321 said:
i'll buy half the company :)

outside the mythbusters heres another example why its best to avoid the tech

then again you'd be selling cases of this.....just creepy how some tech has the potential to screw us over
Click to expand...

You don't have to go to that trouble if you're willing to take the finger(s) when you take the wallet.
 
Have the CC as a WiFi radio device about the size of mem stick. Your thumbprint unlocks/ it so data can be transmitted. The thumbprint is not transmitted. Your account keycode is time synchronized on the bank server and the CC. Clock chips are good enough now.

If you intercept the signal via the internet or other methods, it is only good for an instant.

All the thumbprint does is make sure you are the one giving out your number.

Stealing one and trying disable the thumbpad would kill the clock.
 
aireyc said:
Using fingerprint biometrics for anything digital will be a disaster. The only legitimate uses I can see for fingerprints is for things like local access control where the person exists in the flesh and the print can be verified locally. If you're just passing the fingerprint data over a network, then it can be spoofed, and there's no way to change your prints.
Click to expand...

This pretty much wins the whole thread. It offers little in the way of protection if you can jsut spoof the pass/fail response, and you are at great peril if the system does not potect your digitized prints well. The safest would probably be encoding to the card and having the check be local, but I don't see that as doing much good other than maybe protecting honest vendors from BS charge backs.
 
The US isnt even running behind the bandwagon of chips in credit cards, so any sort of biometric data for credit cards is probably about 40 years away.
 
thedge said:
The US isnt even running behind the bandwagon of chips in credit cards, so any sort of biometric data for credit cards is probably about 40 years away.
Click to expand...
My latest card is chip-and-signature. Still can't find a good chip-and-pin card!
 
You must log in or register to reply here.
Back
Top