back to article Death-to-passwords FIDO Alliance finds a friend at DOCOMO

Japanese users will be able to log in and make online purchases using iris recognition biometrics after telco giant DOCOMO begins shipping Fujitsu ARROWS phones. The telco's 65 million users will be able to use the biometric verification on the ARROWS F-04G said to be the world's first iris snapper. Fingerprint biometric …

  1. Pen-y-gors Silver badge

    Not good...

    It was bad enough having muggers chop off your fingers so they could use fingerprint recognition systems, now they'll need to gouge out your eyes as well! This is getting pretty mediaeval

    1. Anonymous Coward
      Anonymous Coward

      Re: Not good...

      indeed - which is why in the average western nation it's good, as your average mugger isn't a hardened psychopath that can cut pieces of a screaming human being for fifty quid.

  2. Tromos

    co-founding member Nok Nok Labs

    Who's there Labs?

    1. Zog_but_not_the_first Silver badge
      Coat

      Re: co-founding member Nok Nok Labs

      {sigh} These jokes get cornea by the minute.

      Mine's the one with the comedy blind spot in the pocket.

      1. kryptonaut
        Boffin

        Re: co-founding member Nok Nok Labs

        I can't work out if that's aqueous or vitreous humour.

  3. Anonymous C0ward

    What's the false positive / false negative rate?

  4. Andy Non

    Must keep an eye on this technology.

  5. Anonymous Coward
    Anonymous Coward

    I can't see it taking off

  6. Anonymous Coward
    Anonymous Coward

    Sounds easy to hack

    All I (eye) need is a good photo of the victim's eyeball to wave in front of the phone. Or a video clip, if they're really sharp...

    Easier than lifting a fingerprint onto a gummy bear.

    1. Cliff

      Re: Sounds easy to hack

      Pretty easy to defend against - use the flash to constrict the pupil ;-)

    2. Antonymous Coward
      Pirate

      Re: Sounds easy to hack

      Indeed. There's no security in this. It's all about marketing crap at the indolent ignorant.

      Expect a tiny disclaimer to be buried somewhere near the end of the devices' manuals, where no one will ever see it, just "for legal reasons", to the effect of: Do not rely on this "security" crapware for anything requiring actual security now will you? Mmmmmmkay.

      https://cansecwest.com/slides/2015/I see therefore I am - Jan Starbug.pdf

  7. Marketing Hack Silver badge
    Facepalm

    Iris recognition...

    Great, at least if the bad guys get your password, you can change that. What happens once they steal your iris scan from an ill-protected server somewhere?

  8. DanielR

    No e-commerce on the phone

    Only a fool would attempt to do e-commerce on your smart phone. It's not secure at all. Phones are public facing and have no firewalls you'd have to be an idiot to participate. And governments have been going hard trying to get malware on phones. All it would take is for that iris signature to be sniffed.

    I think it's a great idea but cabled into a computer or part of a computer that doesn't have malware built into the hardware of course and behind a firewall.

  9. Jin

    FIDO on a wrong path

    FIDO is sadly promoting biometrics in a wrong manner.

    Biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance.

    We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security.

    In short, biometric solutions could be recommended to the people who want convenience but should not be recommended to those who need security. Below is a brief slide titled “Password-Dependent Password-Killer” posted with respect to this theme.

    http://www.slideshare.net/HitoshiKokumai/password-dependent-passwordkiller-46151802

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019