I wasn't scared before...
...but if someone's gonna rob my eyes to steal stuff, I am now.
I never did get the idea behind biometrics for two reasons: you can't hide it and can't change it.
TSB has announced plans to roll out iris-scanning technology for its mobile banking app from September. The move will make the UK high street bank the first in Europe to debut iris-scanning tech. TSB's iris recognition tech [source: TSB] Biometric authentication for banking, in general, has become commonplace over recent …
> I never did get the idea behind biometrics for two reasons: you can't hide it and can't change it.
It's actually pretty good as a replacement for your username (which should be considered near public anyway), i.e. identification, other than that you can't change it (so not quite so convenient for forums as the like).
The problem with that, though, is there will always be the eejits who think biometrics are a good replacement for authentication. So, if you use it for identification, and someone else uses it for authentication, you get an overlap between data that can be public (i.e. usernames) and data that should be secret (i.e. passwords). Not quite as trivial to steal and use as a simple username string, but it does open the possibility of it happening - historically there's not been much effort put into protecting handles because they're considered publicly available knowledge.
So using biometrics for authentication is stupid (can't be changed if/when it leaks, currently technology is good but far from perfect etc), and using it for identification is a potentially bad idea too.
that allow a "duress" password that pretends to do things but doesn't in fact enable any real transfers you'll get one setting for each eye. "Do you feel lucky, Punk?"
My concern would be for high net worth individuals (alas/fortunately I am not one such) bundled from the street into a van and waking to find themselves in an abandoned warehouse tied to a chair with their phone being dangled in front of them. How do they then stop the gang of masked ne'erdowells emptying all their accounts (as they will have the time to determine that funds have in fact arrived where expected, and change eye if required). If the person is then released and clever villains have left no real clues even to the crime necessarily having taken place, how would such a person prove it had taken place or that they were not in some way complicit with their "abductors" and should get re-imbursed by the bank?
I expect there's probably a movie about this lurking somewhere on a VHS tape.
My concern would be for high net worth individuals (alas/fortunately I am not one such) bundled from the street into a van and waking to find themselves in an abandoned warehouse tied to a chair with their phone being dangled in front of them.
Or they could just point a gun at them and tell them to put their code in.
Apparently it's great for customers because:
1. You don't need to physically touch the device to login and check balances etc.
2. It's more secure than finger prints.
3. It's just jolly bloody great.
OK well let's see.
1. You can login accidentally just by f*cking looking at it.
2. You still need to physically access the device which is in your f*cking hand to do anything in the app.
3. It can be bypassed using a photograph and a contact lens and as camera get better..
..the first in Europe to debut iris-scanning tech.
Not so - the Nationwide (Probably then The Nationwide Anglia) did a full-scale trial of in-branch iris-recognition back in the halcyon days of the late 90's..
(I was part of it - turns out that wearing contact lenses messes up the recognition - especially if you sometimes switch to wearing glasses.).
They eventually withdrew the service, citing that it didn't really work too well.