Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday October 28 2015, @07:38AM   Printer-friendly
from the point-of-view dept.

Citigroup is testing two concept ATMs from Diebold that will scan a customer's eyes using their cell phone:

The first concept, dubbed "Irving", uses the customer's phone camera to scan their iris instead of having them type in their personal ID number. Diebold estimates that the cash withdrawal process could be shortened to just 10 seconds with this method. The second concept, known as "Janus", is a double-sided ATM that also does away with the card reader. Instead, it can email or text receipts to the user.

Despite growing demand, Citigroup doesn't appear to be in that much of a hurry:

"Larger players sometimes like to wait on the sidelines a little longer to see if a product has merit before investing in it," Javelin analyst Daniel Van Dyk told the WSJ.

The company's reticence is in part due to questions about whether the general banking public is willing, or even able, to submit to regular biometric scans in order to access their hard-earned cash.

Regardless, companies like Citigroup are in the proverbial catbird seat since young people think national banks offer the best mobile services.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by bradley13 on Wednesday October 28 2015, @09:41AM

    by bradley13 (3053) on Wednesday October 28 2015, @09:41AM (#255486) Homepage Journal

    This is the elephant in the room for biometric identification. Your particular retina pattern (or fignerprint, or whatever) may be unique, but the representation of that data can be stolen. Unlike a password: if it is stolen, you cannot change it.

    --
    Everyone is somebody else's weirdo.
    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by digitalaudiorock on Wednesday October 28 2015, @02:36PM

    by digitalaudiorock (688) on Wednesday October 28 2015, @02:36PM (#255597) Journal

    This is the elephant in the room for biometric identification. Your particular retina pattern (or fignerprint, or whatever) may be unique, but the representation of that data can be stolen. Unlike a password: if it is stolen, you cannot change it

    Absolutely, yet the companies who are pushing this stuff have been managing to spin this as something that can be fixed. I heard one on NPR recently. I don't believe it for a second. Worse yet, as per the GP post, assuming they could fix it to work with only the real deal, there could actually be a motivation to steal that...what could go wrong?

    • (Score: 3, Insightful) by kurenai.tsubasa on Wednesday October 28 2015, @03:31PM

      by kurenai.tsubasa (5227) on Wednesday October 28 2015, @03:31PM (#255628) Journal

      Thirded. The other thing this whole biometrics push doesn't account for are false negatives. We had a thumbprint scanner at work a few years ago. It took about 4 tries to get the damned thing to recognize your prints. We eventually got rid of it after it had been in permanently unlocked mode for about a year and replaced it with key fobs. (No idea how hackable these key fobs are, don't care.)

      What I want is some kind of key fob that stores a 4096 bit private key and give the public key to anybody who needs to authenticate me. The key fob does only four things: allow a keypair to be generated once using radio static or background radiation or somesuch as an entropy source also giving a revocation for me to store somewhere else, cough up the public key when requested, sign, and decrypt. (I suppose encrypt too but that can be handled by any device with the public key.) If it gets stolen, I can publish the revocation I got during key generation. When the revocation is published, no new keys claiming to identify me should be trusted until my identity is verified in some other (preferably offline) way.

      Maybe there could be a web of trust model where your landlord or bank and utilities sign your key (and you sign theirs, establishing them as keys that are trusted by a great number of people over time). Landlords and banks especially would be in a position to verify your identity and sign a new key after the old key's revocation has been published (whether by a troll who somehow obtained the key fob or by yourself after discovering your key fob has gone missing).

      Biometrics are a dead end. (Will sci fi please, please stop portraying this as authentication from the future?! It's confusing to the cows!) Passwords are a kludge. 4 digit pin numbers are an awful variation of the password kludge. But hey, banks are willing to eat the losses from fraud as long as they can get that juicy trail of every last place you bought something and how much you spent, so whatever.

      • (Score: 1, Informative) by Anonymous Coward on Wednesday October 28 2015, @08:23PM

        by Anonymous Coward on Wednesday October 28 2015, @08:23PM (#255754)

        Landlords and banks especially would be in a position to verify your identity and sign a new key after the old key's revocation has been published ...

        Who is this landlord person you speak of? I lived with my parents until I saved enough that I could buy a house in a far suburb, for cash.

        • (Score: 2) by kurenai.tsubasa on Thursday October 29 2015, @12:56AM

          by kurenai.tsubasa (5227) on Thursday October 29 2015, @12:56AM (#255834) Journal

          Ah, don't worry! Being a homeowner myself I've foreseen this situation! In our cases, perhaps the title company, real estate agent, and, if she shows up for closing (mine didn't), the previous owner can engage in mutual key signing.

          (Count your blessings, AC. No jealousy here, but there's a disturbing trend where I live of parents throwing their kids to landlords a week after high school graduation. If I ever find Mr. Right, I'd never do such a thing, because I would hope my child would have your opportunity. This isn't just LGBT children either, surprisingly! These cows just don't understand how wealth works.)

  • (Score: 0) by Anonymous Coward on Wednesday October 28 2015, @08:01PM

    by Anonymous Coward on Wednesday October 28 2015, @08:01PM (#255745)

    No, that's a secondary issue. The real issue is privacy. I'm not giving all these scumbag corporations (and by extension, the government) my biometric information and neither should anyone else. Boycott nonsense like this.

  • (Score: 2) by davester666 on Thursday October 29 2015, @05:23AM

    by davester666 (155) on Thursday October 29 2015, @05:23AM (#255892)

    Give me 2 minutes with a knife and I'll give you a new retina pattern.