I wasn't scared before...
...but if someone's gonna rob my eyes to steal stuff, I am now.
I never did get the idea behind biometrics for two reasons: you can't hide it and can't change it.
The eyes have IT: TSB to roll out iris-scanning tech for mobile banking
TSB has announced plans to roll out iris-scanning technology for its mobile banking app from September. The move will make the UK high street bank the first in Europe to debut iris-scanning tech. TSB's iris recognition tech [source: TSB] Biometric authentication for banking, in general, has become commonplace over recent …
-
-
Thursday 20th July 2017 17:11 GMT Ben Tasker
Re: I wasn't scared before...
> I never did get the idea behind biometrics for two reasons: you can't hide it and can't change it.
It's actually pretty good as a replacement for your username (which should be considered near public anyway), i.e. identification, other than that you can't change it (so not quite so convenient for forums as the like).
The problem with that, though, is there will always be the eejits who think biometrics are a good replacement for authentication. So, if you use it for identification, and someone else uses it for authentication, you get an overlap between data that can be public (i.e. usernames) and data that should be secret (i.e. passwords). Not quite as trivial to steal and use as a simple username string, but it does open the possibility of it happening - historically there's not been much effort put into protecting handles because they're considered publicly available knowledge.
So using biometrics for authentication is stupid (can't be changed if/when it leaks, currently technology is good but far from perfect etc), and using it for identification is a potentially bad idea too.
-
-
Thursday 20th July 2017 16:31 GMT M7S
Perhaps as with some high end trading systems
that allow a "duress" password that pretends to do things but doesn't in fact enable any real transfers you'll get one setting for each eye. "Do you feel lucky, Punk?"
My concern would be for high net worth individuals (alas/fortunately I am not one such) bundled from the street into a van and waking to find themselves in an abandoned warehouse tied to a chair with their phone being dangled in front of them. How do they then stop the gang of masked ne'erdowells emptying all their accounts (as they will have the time to determine that funds have in fact arrived where expected, and change eye if required). If the person is then released and clever villains have left no real clues even to the crime necessarily having taken place, how would such a person prove it had taken place or that they were not in some way complicit with their "abductors" and should get re-imbursed by the bank?
I expect there's probably a movie about this lurking somewhere on a VHS tape.
-
Thursday 20th July 2017 17:16 GMT werdsmith
Re: Perhaps as with some high end trading systems
My concern would be for high net worth individuals (alas/fortunately I am not one such) bundled from the street into a van and waking to find themselves in an abandoned warehouse tied to a chair with their phone being dangled in front of them.
Or they could just point a gun at them and tell them to put their code in.
-
-
-
-
Friday 21st July 2017 08:43 GMT Halfmad
I heard an interview with an "expert" about this.
Apparently it's great for customers because:
1. You don't need to physically touch the device to login and check balances etc.
2. It's more secure than finger prints.
3. It's just jolly bloody great.
OK well let's see.
1. You can login accidentally just by f*cking looking at it.
2. You still need to physically access the device which is in your f*cking hand to do anything in the app.
3. It can be bypassed using a photograph and a contact lens and as camera get better..
-
Friday 21st July 2017 10:41 GMT CrazyOldCatMan
The move will make the UK high street bank..
..the first in Europe to debut iris-scanning tech.
Not so - the Nationwide (Probably then The Nationwide Anglia) did a full-scale trial of in-branch iris-recognition back in the halcyon days of the late 90's..
(I was part of it - turns out that wearing contact lenses messes up the recognition - especially if you sometimes switch to wearing glasses.).
They eventually withdrew the service, citing that it didn't really work too well.
Biting the hand that feeds IT
