back to article Go on, corporate drone, log in... We'd recognise your VEINS anywhere – Barclays

Barclays is ramping up its fight against online fraud with the roll-out of a biometric scanner that uses Hitachi’s Finger Vein Authentication Technology (VeinID). Unlike fingerprints, vein patterns are extremely difficult to spoof or replicate. Barclays Biometric Reader will allow customers secure access to their online …

  1. Valeyard

    app

    it'd be nice if they just allowed rooted phones to run the banking app really

  2. moylan

    'extremely difficult to spoof or replicate'

    'extremely difficult to spoof or replicate'

    until they've become a big enough target for the hacking community to take an interest in?

    1. DougS Silver badge

      Re: 'extremely difficult to spoof or replicate'

      Exactly! I'm sure when fingerprint readers were introduced a few decades ago they were promoted in exactly the same. "Everyone's fingerprints are unique, this is the best security possible because no one can forge the fingerprint of a live human user".

      Stick a VeinID reader on a laptop or smartphone and tie it to people's bank accounts, and watch how quickly ways around it are found, just as fingerprint readers have various hacks (depending on the type of reader)

    2. Ron Risley

      Re: 'extremely difficult to spoof or replicate'

      Perhaps this is the killer app for 3-D printing.

  3. AceRimmer

    Eeewwww

    "The scanned finger must be attached to a live human body"

    Does it have to be the original human body or will any body capable of pumping blood do the job?

    1. HelpfulJohn

      Re: Eeewwww

      "Human" body? What's wrong with the equivalent of a mini-dialysis-machine? A simple pump, two tubes and some red goop. Severed finger required.

      Or a Retina display of "here's one I did earlier" Jpegs of famous fingers?

      Or a finely crafted tattoo? Or several, printed onto exchangeable gloves?

      "Oh", says the copper, "my scanner tells me you're Sir Goodly Ownsalot, and you own this building. Well, have a nice evening, m'lud."

      Or a simple card verifier like the ones everyone has in movies.

  4. i like crisps

    VAMPIRES!!!

    Why was it that the first thing that popped in to my head when reading about this on Teletext today was the horror film 'BLADE'?.....i keep thinking that at some point they will want to take a blood sample...or pint!!

    1. Lyndon Hills 1

      Re: VAMPIRES!!!

      Didn't realise teletext still existed...

  5. hi_robb
    Joke

    Hmmm

    I've been trying to log in to my Barclays Bank account this morning.

    So far all my attempts have been in vein...

    /gets coat and is dragged of stage.

    1. Anonymous Coward
      Anonymous Coward

      vein

      Will any other 'appendage' with prominent veins do as well?

      1. JaitcH
        Unhappy

        Re: vein

        Depends on the 'appendages' size ... and length ... unless the scanner is adjustable.

  6. Anonymous Coward
    Anonymous Coward

    Wrong turn

    First, fingerprint readers were the ideal of biometric verification, then iris scans, the voice prints, and now this. At hat point does some bright spark realise that biometrics are just as mcuh of an arms race as any other form of verification, but with the added advantage of an inability to withdraw or alter the factor?

  7. This post has been deleted by a moderator

  8. Neonin

    Mugging

    I barely trust a bank with my money, I'm not trusting them with any form of my biometrics.

    Of course, putting these on ATMs as the way to access your money like they've done in Brazil couldn't POSSIBLY go wrong... I'm sorry knife/gun-toting person, you want me to put my finger where?

  9. Primus Secundus Tertius Silver badge

    Voice recognition

    Re the last paragraph about voice recognition technology.

    Once upon a time banks employed staff who knew their customers. But that was before the hoi polloi had bank accounts.

  10. Anonymous Coward
    Anonymous Coward

    Another get out for the banks

    No doubt they'll rush this out to consumers to use at ATMs as it gives them a water tight get out from having to refund the customer in all cases.

    Shaken up customer: I was frog marched to an ATM and forced to withdraw all my money at gunpoint.

    Bank 'customer service' wonk: Ah yes but you aurhorised with your finger.

    Customer: But I was going to be shot, what do you expect me to do?

    Bank: But you still authorised it so we aren't liable to refund you.

    Customer: So you expect me to get shot to defend my account and your bank?

    Bank: You may think that but we couldn't possibly comment.

    Glad I don't bank with Barclays, if it gets introduced across the board then I guess it'll be money under the mattress time.

  11. razorfishsl

    Hay……!!!!

    Whilst you were scanning my veins I felt a prick in my finger…

    Yes the Vein scanning was not working so we defaulted to DNA testing.

  12. Anonymous IV
    Joke

    So they did not use artificially-coloured blood?

    No, they did not dye in vein...

  13. Andrew Findlay

    Tamper-resistant hardware?

    Biometrics are only safe where the scanner and the entire data path can be trusted. That should not be too difficult if it is part of an ATM, as those are well-defended bits of hardware. It is much harder in a device handed out to consumers.

    In this case, the finger scanner would have to authenticate itself securely to the bank, encrypt all communication, and be tamper-proof to the extent that nobody could feed recorded data into it in place of the output from its own sensor. Quite hard in a cheap lightweight device...

    It might be OK if the device itself is tied to the account, as then a criminal would have to modify my own scanner to access my account and I would probably notice that quite rapidly.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019