By 2019, vendors will have sucked out your ID along with your cash 5 billion times

Research house Juniper has stared into its crystal ball and discovered that the number of biometrically authenticated payment transactions will reach nearly five billion by 2019, up from a mere 130 million currently. Apple Pay and Samsung are the only providers that currently use fingerprint scanners for authentication, with …

  1. Anonymous Coward
    Childcatcher

The big-money will be in wing-wang scanners. Gratification from the purchase suitably augmented.

  2. Your alien overlord - fear me

    Er, when my iris is stolen I've got bigger problems than my online identity. Like being able to see.

    1. Jason Bloomberg Silver badge

      Luckily it's only an image of your iris they will need. They will send that down the line to fake your authorisation of a payment or cash withdrawal and job done. Blink and you'll miss it.

      1. A. Coatsworth Silver badge
        Coat

        Thanks Odin!

        I was envisioning a surge in attacks with handheld eye-blenders like the ones in that scene from The Avengers...

  3. Paul Shirley

Any facial recognition capable of recognising me at both the start and end of a drinking session is far too imprecise to be safe.

  4. Anonymous Coward
    Anonymous Coward

    What about security of voice biometrics?

    I think that voice biometrics have the advantage that they are more difficult to break than e.g. fingerprint (or presumably iris) spoofing. Yes there are voice replay attacks (recording and re-playing someone else's voice), but I believe that is more easily detectable/preventable, and I could still re-enlist my voice in the system (i.e. my voice isn't permanently compromised - unless speech synthesis becomes amazingly sophisticated). Any thoughts from biometric experts on here?

    1. Roland6 Silver badge

      Re: What about security of voice biometrics?

From work I did on natural language processing, I suggest that "voice recognition" is subject to the same problems as other biometrics. However, "continuous speech recognition", where you are sampling and analysing a conversation, is a much more secure and reliable means of identification. It is a bit like footprints - it is easy to replicate a single footprint, but try and replicate someone's walk and you'll see the differences.

      1. h4rm0ny

        Re: What about security of voice biometrics?

        However, getting samples of people's voices should be a lot easier than getting their passwords (excepting TalkTalk customers, obviously). Just get someone talking online or on the phone for a few minutes and you have a decent sample. Reproducing someone's voice to a degree sufficient to fool an ID system may simply not be done yet because there's no need. But I reckon you could extrapolate the necessary indicators from a few minutes talking once we really apply ourselves. You'll have the pitch, tremulousnouss (word?) and be able to take a good stab at accent.

        Remember voice analysis to id someone is just the other half of the coin to reproduce those qualities in a voice used to id someone. It's the same technology, just run backwards.

        Biometrics are only secure so long as the "private key" is secure. And people think the private key of biometric security is the thing itself but it's not, it's the digital representation of that thing.

  5. Jusme
    Stop

    No thanks...

    Three problems with biometrics.

    1) The human body isn't suited to being machine-readable. This means either the match is fussy (got a cold? No cookies for you today) or lax (1-in-100-or-less false positives). Most systems tend to the latter, else they're deemed to "not work".

    2) You only have one identity. Different finger for each website is a bit limiting, and once you've given your DNA sample to $badBoys (via cutekittens.org) they can impersonate you anywhere, forever.

    3) You can't change your biometric identity. Once it's compromised - tough.

    Proper 2-factor authentication is the way to go (i.e. something you have and something you know, not something you know and something else you know asked in a really awkward way, as some sites seem to think...)

    1. Anonymous Coward
      Anonymous Coward

      Re: No thanks...

      But what happens when you have nothing and know very little due to a terrible memory? That's the problem with passwords right now (people can't remember them), yet no one's been able to provide a suitable alternative, particularly for those who don't regularly travel with phones (court employees, perhaps; most courts ban electronics due to multiple security concerns) or, like I said, have terrible memories.

      1. TRT Silver badge

        Re: No thanks...

        Something I have... a wedge of high security paper/cotton printed vouchers each with a unique serial number and anti-forgery devices embedded.

        Something I know... which pocket I keep them in.

        1. Jusme

          Re: No thanks...

          @TRT, oblig. https://xkcd.com/538/

          1. Charles 9

            Re: No thanks...

            You know, that xkcd comic fails to consider two types of people: masochists and true weaklings. Masochists would see the wrench and go, "Yeah! Hit me more!" while true weaklings wouldn't give up the code; they'd give up their consciousness at the sight of the wrench. Either way, you're more likely to kill them than get the codes from them.

        2. Anonymous Coward
          Anonymous Coward

          Re: No thanks...

          "Something I have... a wedge of high security paper/cotton printed vouchers each with a unique serial number and anti-forgery devices embedded.

          Something I know... which pocket I keep them in."

          Sounds like something potentially problematic during a heavy rain (a passing car can splash you or you can slip and fall into a puddle).

          1. hoola Silver badge

            Re: No thanks...

At least you can dry those out and they do not require power. If your phone gets wet, dropped, trodden on or the battery goes flat you are stuffed.

The trouble is that in the UK, schools are pushing biometrics for the critical job of paying for meals etc. The punch line on this is "the system does not store your fingerprint, it turns it into a number and is totally secure". When I asked where the data was held nobody knew. The company that hawks the system to many schools has no clue and states that the data is encrypted, therefore it is completely safe. Currently you can opt out but this is never mentioned in any of the induction meetings and most parents appear to not care.

The pupils complain that it is slower than the old NFC cards and at least if they are wearing one, it has a photo on it.

            1. h4rm0ny
              Childcatcher

              Re: No thanks...

I bet the cost of this system (both purchase and running) is far, far more than the cost of fraud by schoolchildren illegally eating meals.

            2. Charles 9

              Re: No thanks...

              "The trouble is that in in the UK, schools are pushing biometrics for the critical job of paying for meals etc."

              Just wondering. Was there a high incidence of lost or stolen cards in the past? That may have been a reason to push for a method of authentication much harder to lose (it would have to take a serious accident to lose one's finger or have one's fingerprint permanently marred).

      2. Roland6 Silver badge

        Re: No thanks...

        >But what happens when you have nothing and know very little due to a terrible memory?

Well the real issue is just how bad your memory is; I suggest that if you are capable of independent living - something that can apply to dementia sufferers - there are things that you do remember, the issue is plugging into them and using them as forms of two factor authentication. For example, one of my bank cards now asks me 'random' multi-choice questions based on information they hold and have gathered over the years as part of their payment authentication and authorisation process.

        1. Dave 126 Silver badge

          Re: No thanks...

          >those who don't regularly travel with phones (court employees, perhaps; most courts ban electronics due to multiple security concerns) or, like I said, have terrible memories.

          I doubt courts have an issue with RSA hardware tokens.

          https://en.wikipedia.org/wiki/RSA_SecurID

        2. Anonymous Coward
          Anonymous Coward

          Re: No thanks...

          "Well the real issue is just how bad your memory is; I suggest that if you are capable of independent living"

          And for those practically helpless yet adamant they can live independently (hint: I know a few personally)?

          1. Roland6 Silver badge

            Re: No thanks...

            >"And for those practically helpless yet adamant they can live independently"

            Well as I said, the problem is linking into what they do remember...

            However, as you indicate people can be their own worst enemy and so insist on using a password when, in fact, they should be letting the bank ask them questions to which they will know the answer. But yes I do know people who even forget the names of their own children and refer to them as numbers 1, 2, 3 and 4, yet can remember the names of neighbours, friends and relatives!

    2. Mark 65

      Re: No thanks...

      As has been stated before - biometrics are equivalent to username, not password.

  6. Richard Jones 1
    WTF?

    Safety Check

    No movable pocket minicomputer; Check

    No obsession with over priced toys: Check

    No interest in gimmicks: Check

    Existing perfectly serviceable payment systems: Check

    Some potentially crap potential service suppliers; Check but NOT wanted.

    Sort out the present problems, do not build a whole hill of new unknown issues to climb over and sort out.

  7. MacGyver
    Big Brother

    So...

Why not require that each service NOT be able to hold your biometric data and rather a sort of hash that their specific billing program generates. That way if I use my thumb to buy a coke with a Chase bank app, the app generates a hash based upon the biometric that it read, and sends that hash to the bank to be checked against their stored hash. Make it the law that each payment app behave this way and not simply archive a fingerprint, and that no company can share their hash generating algorithms with another biometric validating app (so that they aren't being lazy and just using one hash generating algorithm per person thereby making that one hash our de facto identity everywhere). If they all have a different hash, and their app is doing the generation, and they all can't share, then no one has any of our real biometrics stored. In the event of a "data breach" they simply update their program to create and use a new hash, the data that was stolen is now worthless.

    Maybe I'm not thinking it through all the way, why wouldn't this solve the problem?

    1. Jusme

      Re: So...

      Maybe I'm not thinking it through all the way, why wouldn't this solve the problem?

      $badBoys don't obey the law. It only needs you to be suckered by one biometric validating app that keeps your plaintext and you're sol.
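The per-service hash scheme proposed above, and the two objections raised against it (a rogue app keeping the raw data, and fussy matching), as an added example that is not the commenter's code: each service keys its own transform with a private secret (a keyed HMAC per service rather than a separate algorithm per service, a swap made here for simplicity), so the same constructed feature vector yields unrelated tokens at different services and a breach is handled by rotating the key and re-enrolling. The feature vector is assumed to be already quantized to exact bytes; the single-bit-noise check at the end shows why a real deployment needs fuzzy matching on top of this.

```python
import hashlib
import hmac
import secrets

# Constructed sample: a "biometric" already reduced to a fixed feature vector.
# Assumption: real readers give noisy readings; this toy treats the vector
# as exact so that a keyed hash behaves like a password hash.
ALICE_TEMPLATE = bytes([12, 200, 33, 91, 7, 148, 55, 220])


class ServiceEnroller:
    """One instance per service. Each holds its own secret and key version,
    so what is stored is a service-specific token, never the raw vector."""

    def __init__(self, name):
        self.name = name
        self.version = 1
        self._keys = {1: secrets.token_bytes(32)}
        self.stored = {}  # user -> (key version, token)

    def _token(self, template, version):
        # Bind the token to service name and key version as well as the key,
        # so the same template never yields the same token at two services.
        msg = b"|".join([self.name.encode(), version.to_bytes(2, "big"), template])
        return hmac.new(self._keys[version], msg, hashlib.sha256).digest()

    def enroll(self, user, template):
        self.stored[user] = (self.version, self._token(template, self.version))

    def verify(self, user, template):
        rec = self.stored.get(user)
        if rec is None:
            return False
        version, token = rec
        # Recompute from a fresh reading; a stolen token alone is not accepted.
        return hmac.compare_digest(token, self._token(template, version))

    def rotate_after_breach(self):
        """Discard the compromised key and every token derived from it.
        Users must re-enroll; tokens stolen before rotation cannot match."""
        del self._keys[self.version]
        self.version += 1
        self._keys[self.version] = secrets.token_bytes(32)
        self.stored.clear()


def demo():
    """Exercise enrolment at two services, rotation and noise sensitivity."""
    bank, shop = ServiceEnroller("bank"), ServiceEnroller("shop")
    bank.enroll("alice", ALICE_TEMPLATE)
    shop.enroll("alice", ALICE_TEMPLATE)
    noisy = bytearray(ALICE_TEMPLATE)
    noisy[3] ^= 1  # one bit of reader noise
    results = {
        "bank_accepts_alice": bank.verify("alice", ALICE_TEMPLATE),
        "tokens_differ_per_service": bank.stored["alice"][1] != shop.stored["alice"][1],
        "noisy_reading_rejected": not bank.verify("alice", bytes(noisy)),
    }
    bank.rotate_after_breach()
    results["old_enrolment_gone"] = not bank.verify("alice", ALICE_TEMPLATE)
    bank.enroll("alice", ALICE_TEMPLATE)
    results["reenrolled_version"] = bank.stored["alice"][0]
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

An app that kept the raw vector, as the reply above warns, can still enroll it anywhere, and the rejected noisy reading is the "got a cold? no cookies" problem from the thread: keyed hashing of an exact vector gives unlinkable, revocable tokens, but tolerance to reader noise has to come from the matcher, not the hash.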

      1. Anonymous Coward
        Anonymous Coward

        Re: So...

        Or the OS itself siphons the raw data straight from the reader and stores it for its own purposes BEFORE passing it on. Since the OS is always going to be between the fingerprint reader and the app, there's no way around this issue.

      2. Anonymous Coward
        Anonymous Coward

        Re: So...

        There are ways to prevent that, assuming we're only talking phone scanners and not POS scanners etc. but biometrics as 1FA are a really bad idea.

        They're acceptable for things like registration and cashless catering, where the whole process is on a LAN, only a hash is stored, and the scanner calculates and sends only a hash to the backend authentication system, but a POS scanner in a supermarket won't have the grunt to calculate the hash in the short period it'd have to, unless they're building them out of decent hardware (hint: they won't).

        Biometrics as 2FA would make more sense.

  8. Ugotta B. Kiddingme

    extending to medical services as well

    My doctor's office here in southern US has recently installed palm scanners for use at check-in as a means to "speed the check-in process." I politely declined and handed over my medical insurance card like I always have. The lady looked at me with incredulity and inquired why I wouldn't want a faster check-in. I smiled and told her that if she had merely processed my insurance card rather than question me, check-in would already be complete and take no more time than their "new" method. She shrugged and did it "the old way" and I took my seat in the waiting area for my appointment.

    I didn't bother to waste anyone's time explaining why this process was flawed and risky. I did explain to the doctor that I will simply continue as I always have, using identification and insurance cards and, should they make using the scanners compulsory, I and my family will take our medical business elsewhere.

    1. Charles 9

      Re: extending to medical services as well

      Then what happens if ALL doctors demand this, particularly under legal mandate? Would you be willing to renounce your citizenship and move to another country?

      1. Mark 85

        Re: extending to medical services as well

        For the medical establishment to enforce this is just plain stupid. It presumes that you have hands and that said hands haven't been damaged (cut, burned, etc.) since the first time you scanned them for reference. So smack your hand with a hammer and you probably won't be able to get medical attention.

  9. Anonymous Coward
    Anonymous Coward

    Insist on biometric ID and you don't get my money. Simple enough

    1. Charles 9

      Would you be willing to go without if it's bio or bust (as in ALL the vendors do it, especially if required by law)?

      1. Anonymous Coward
        Anonymous Coward

        Insofar as it is possible, then yes. I can certainly do without trinkets. Of course the real test would be when it's something that I need -as opposed to want- with no alternative supply.

        Not especially concerned by the required by law part...if such a howlingly flawed and self-serving law were passed; I would feel no especial compulsion to obey it.

      2. Captain DaFt

        "Would you be willing to go without if it's bio or bust (as in ALL the vendors do it, especially if required by law)?"

        As far as non-essential uses go, comply fully.

        As far as essential uses go, comply only if there wasn't a work-around.

Why? Because it would ensure that within two years using biometrics for security would be banned as unsafe, since so many baddies would be spoofing it as to render it useless.

      3. Mark 65

        Would you be willing to go without if it's bio or bust (as in ALL the vendors do it, especially if required by law)?

        Market economics dictate someone will provide the service - after all, that's why drug dealers exist. It is not about legality it is about demand.

        1. Anonymous Coward
          Anonymous Coward

          Market economics may not be able to come into play. What if the market is captive?

  10. Bucky 2

    My understanding is that bypassing biometric authentication is simply accomplished, and fairly conventional, as depicted in documentaries such as "The Avengers" and the "Mission: Impossible" series.

  11. Flashfox

    Are biometrics safe?

    Although biometrics are a safe way to provide identity, there is a dark side as noted in other posts. Once the device stores your biometric data it can be hacked even if encrypted. I am certain that some will find ways to be able to use the stolen biometric info to impersonate you.

    Are we heading towards the "unique chip implant" where this data is not on the device but in the implant? It would be secure as the data can include your unique DNA and/or other physiological items which would be combined to make up the unique "MyID".

    Anyone for "666"? :-)

    1. GW7
      WTF?

      Re: Are biometrics safe?

Somebody's been watching too many Bond movies if they think biometrics are safe or reliable. Using the same fingerprint to access multiple services (banks, medical etc.) is about as secure as using the same password for them all, and not being able to change any of them ever. If this ill-conceived technology becomes mainstream, I shall be abrading my fingerprints on a sanding machine to ensure a more reliable and secure method of authentication has to be used. Not sure what to do about the eyes though.

      1. Anonymous Coward
        Anonymous Coward

        Re: Are biometrics safe?

        Not sure what to do about the eyes though.

        The same sanding machine will work, I would guess.

        I can't see competitive markets wanting to play with biometrics. Imagine if Talk Talk had lost the biometric data of their customers. Even payment processors like Visa have kept away from effective but challenging security (hence the survival of the laughable and unwanted "Verified by Visa"), so I can't see them wanting to be responsible for biometric data. And it is people like the payments processors that have most to lose from the irretrievable and permanent nature of a biometric data breach.

        The other thing to consider is that currently pathetic data protection laws will change (whether EU driven or outside of the EU), and as part of that penalties will become a lot harsher, and the requirements far more stringent. In that respect the Talk Talk breach is a good thing, that has concentrated minds in a way that (eg) the Carphone Warehouse breach a couple of months back did not. With much more serious penalties (and I suspect the prospect of corporate liability for subsequent losses and restitution), who would want to be sitting on a stash of biometric data? I can see fingerprint scanners disappearing from phones in short order.

  12. Flashfox

    That's why I now wonder how long it will take for us to go to the next step: Bio-metric implants that combine your DNA and other parameters to generate your unique ID. In other words: No implant = No services = Shades of "666" :-)

  13. Anonymous Coward
    Anonymous Coward

    Only reason I might start using Apple Pay

    Is because paying by card in the US with the chipped cards is a big slow hassle! It used to be you could just swipe your card, and optionally sign if the purchase was over a certain limit ($50 in many places) so it was as fast as could be. I always said there was no reason to want to pay via NFC because it wouldn't make things any faster so what's the point (this was back when Android phones had NFC payments that didn't use EMV but rather passed your actual credit card number so they offered zero added security)

    With the chip readers in the US you have to swipe your card, wait for it to tell you to insert your card instead (you can't just insert it first, I have no idea why) then insert your card and wait 10-15 seconds while it does who knows what until it tells you it is OK to remove your card.

    Fortunately places around where I live are just starting to upgrade their readers, and those I frequent haven't yet. So I haven't taken the time to get set up for Apple Pay yet, but when I do I'm going to try it just to see if this speeds things up, which I imagine it will. I can't understand how they could have made the new process so slow - was there no user acceptance testing?

    1. Roland6 Silver badge

      Re: Only reason I might start using Apple Pay

      I doubt Apple Pay will actually be any quicker as instead of waiting for it to tell you to insert your card, you will be waiting for it to tell you to place your phone over the pad, then wait a further 10-15 seconds whilst they negotiate the transaction...

    2. GW7

      Re: Only reason I might start using Apple Pay

      "I can't understand how they could have made the new process so slow - was there no user acceptance testing?"

      I guess there was much user acceptance testing by the users who commissioned NFC payment systems - the banks.

      I wouldn't trust any form of electromagnetic payments as far as I could spit. Many phones now have NFC and chances are an exploit will be found that will enable your NFC credit cards to be syphoned by anyone with a malicious app who can get physically close enough. Someone will work out how. When that happens, carrying a wallet full of cash down a dimly lit street at 3am will be safer, as long as you are prepared to drop it if threatened. In any case, what does a person do when a knife is held to their throat for their apple/google wallet? "We're taking your phone + fingers/eyes so we can get your cash"? No thank you.

      1. Anonymous Coward
        Anonymous Coward

        Re: Only reason I might start using Apple Pay

Apple Pay and Android Pay both require inputting a security sequence before they can be used. And with an effective window of only 200ms (learned this from one of the Android Pay devs), masquerading is going to be a real difficult proposition.

        1. Anonymous Coward
          Anonymous Coward

          Re: Only reason I might start using Apple Pay

          They also both use EMV, so your actual credit card number is never exposed. Even if your details were slurped, they can't be used by the attacker.

  14. Pascal Monett Silver badge

    Biometric payment systems, pah !

    My fingerprints are like my privacy : I have nothing to hide and it's nobody's business but mine.

    My biometrics on a smartphone ? Those things are already a prime target for malware and now you want to add more interest to the things ?

    No thanks, I'll stick to VISA and cash. Pin and chip is way better than fingerprints : if your card is compromised, just ask for another one.

  15. DryBones
    Alien

    Hmm

    Seems kind of sensational. From what I understand, the biometric info is digitized, encrypted and stored on the device, maybe a copy sent to the OS masters for cloud storage. Authentication is done on the device and what's shared out is a unique transaction verifier.

    So, vendors sucking out your biometric ID? Only if the implementation is utter pants.

  16. Jin

    Unless used very wisely, biometrics could end up pleasing criminals.

    Whether face, iris, fingerprint, typing, gesture, heartbeat or brainwave, biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance.

    Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords alone. We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security.

    In short, biometric solutions could be recommended to the people who want convenience but should not be recommended to those who need security. It may be interesting to have a quick look at a slide titled “PASSWORD-DEPENDENT PASSWORD-KILLER” shown at

    http://www.slideshare.net/HitoshiKokumai/password-dependent-passwordkiller-46151802

    1. Anonymous Coward
      Anonymous Coward

      Re: Unless used very wisely, biometrics could end up pleasing criminals.

      So what happens when the situation is TOO tough because people have bad memories, but the highest level of security people are comfortable with is too low for security-conscious head honchos to be comfortable with? How do you run a business where regulation requires the use of passwords or key cards but even your best employees are too prone to forgetting their credentials?
