SoylentNews is people
SoylentNews
from the I'm-sure-they'll-delete-the-records-when-they're-no-longer-needed dept.
JPMorgan requires staff to hand over biometric data to access new headquarters New York bank is imposing eye and fingerprint scans amid heightened security concerns at corporate offices
JPMorgan Chase has told staff moving into the US bank's new multibillion-dollar Manhattan headquarters they must share their biometric data to access the building, overriding a prior plan for voluntary enrolment.
Employees who have started work at its 270 Park Avenue skyscraper since August have received emails saying biometric access is "required", according to a communication seen by the Financial Times. This allows people to scan their fingerprints or eye instead of ID badges to get through the lobby security gates.
[...] Dave Komendat, chief security officer at Corporate Security Advisors, said biometrics had been used for decades at higher-security areas, such as government installations and data centres, but putting them in commercial buildings for large numbers of people would be used at a new and larger scale.
https://www.ft.com/content/d5351d3d-d64f-4a90-a3da-d1ef8e8bea66
https://archive.ph/YCV85
[Ed. question: Would this be a deal breaker for any of you for joining or continuing to work at the company?]
(Score: 3, Interesting) by fen on Monday October 20, @09:51AM (2 children)
I worked for a major bank at a satellite site. A lot of people had most of their team on the other coast. They faced an hour commute to sit alone in an office a scramble for quiet rooms. There was some talk about sharing ID cards to fulfill the return-to-work requirements.
(Score: 2) by mcgrew on Tuesday October 21, @03:43PM (1 child)
If all of you kids would have said "I ain't goin' back" and all held out for sane policies, the sane policies would have happened. But of course, that's impossible for working people.
But when they demand biometric data is when to flip them the bird and find another job, even if it pays less.
Mad at your neighbors? Join ICE, $50,000 signing bonus and a LICENSE TO MURDER!
(Score: 3, Interesting) by Thexalon on Tuesday October 21, @04:50PM
Yes, workers generally are collectively better off when enough of them stand up for their rights and tell the brass to f--- right off when they pull moves like this.
But:
1. It's a lot easier to do collective moves like that when you have some kind of organization of all the workers for a business that does not include upper management already in place, so you can more easily plan what you're doing and address. There has been at least a century's worth of propaganda that's convinced a lot of people, especially those with college degrees who wear collared button-down shirts and slacks to work, that they don't need those kinds of organizations, or that having them would do more harm than good. Call this kind of organization an "onion" or something like that.
2. The job market is wildly screwed up right now, especially for white-collar types. Somewhere between 30-50% of the jobs on most job boards don't really exist, and many are just resume collectors that they can feed into AI bots. There are other AI bots that are filtering out resumes for numerous secret reasons, and other AI bots flooding these jobs with fake CVs. Some "interviews" aren't real interviews with a person, either, just more bot data mining. It's almost entirely a "who you know" system, which is hard if not impossible for someone to navigate if they're starting their careers. So "just get another job" is easier said than done.
3. Thanks to the immigration crackdowns, anyone in the US under H1B and similar programs is stuck between "hang onto your current job" and "move back to the country they came from", even if they've been living in the US for a decade and have a spouse and kids and a life, which means they will put up with a lot more to hang onto their current job. This is of course part of why management loves having people under these programs.
4. Most companies, especially larger companies, can manage without a bunch of employees for longer than most people can do without a paycheck. That fundamental threat of starvation and homelessness underlies pretty much all mistreatment of employees by managers, in every profession.
It's also worth noting that management has been as of late doing these kinds of things as "stealth layoffs". They create the policy knowing full well that a bunch of people will quit over it. And they will probably be the more experienced, senior level, more expensive staff. Then they can hire junior-level people for less money to replace the senior-level people they lost. And sure, you might think "but you lost the knowledge of the senior-level people too", but that's not considered important to beancounters.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
(Score: 5, Insightful) by pkrasimirov on Monday October 20, @10:09AM (17 children)
Next title probably in line: "Millions of personal data, including biometrics, are stolen". Yeah, I can change my password, I cannot change my eyes. Funny clowns, when that happens they will react like surprised koalas, who could have thought that is even possible? Anyway, zero responsibility taken of course, "not-my-fault" is their strongest game.
(Score: 2, Interesting) by fen on Monday October 20, @10:13AM (4 children)
How do smartphones handle this? Apple talks about hardware separation--this is why you need to redo biometrics on a full phone restore. What are specific problems with fingerprints? Why do we only fingerprint suspected criminals?
(Score: 5, Insightful) by sneftel on Monday October 20, @12:08PM (1 child)
I can't speak for the police, but I suspect they rarely see crime scenes with eyeball prints all over everything.
(Score: 1, Interesting) by Anonymous Coward on Monday October 20, @06:53PM
> I suspect they rarely see crime scenes with eyeball prints all over everything.
This may change in the future when HD security cameras improve(??) Then the crooks will all wear dark glasses and the cameras will be fitted with strobes....
Not something I'm looking forward to, but sort of seems inevitable.
(Score: 2) by DadaDoofy on Monday October 20, @06:49PM
What are specific problems with fingerprints?
The "problem" with fingerprints lies in cheap, poorly designed inaccurate fingerprint detection, not fingerprints themselves.
Why do we only fingerprint suspected criminals?
Not true. We also fingerprint people who apply for "positions of trust".
(Score: 2) by mcgrew on Tuesday October 21, @03:51PM
Why do we only fingerprint suspected criminals?
We don't. We also fingerprint military enlistees, because all that may be left of you is a finger.
I can't remember the movie's name (really long time since I saw it) but there's a Bruce Willis movie where he plays a gangster, and after he saves a dentist's life (or something...) one of the dentist's patients gets blown up in a car, so he does dental work on the gangster to match the corpse's dental records so the mob won't kill (or the cops won't catch) the gangster.
Not the most memorable Bruce Willis film.
Mad at your neighbors? Join ICE, $50,000 signing bonus and a LICENSE TO MURDER!
(Score: 4, Funny) by Anonymous Coward on Monday October 20, @10:27AM (4 children)
Koalas are never surprised. They are so stoned on eucalyptus oil that everything is like "yeah man, that's cool, I'm gonna go chew some leaves".
(Score: 4, Funny) by turgid on Monday October 20, @10:45AM (3 children)
Interesting. I have a tree in the garden. Maybe I'll try a leaf or two.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 4, Informative) by HiThere on Monday October 20, @01:07PM (2 children)
I believe Eucalyptus leaves are rather high in cyanide. There are reasons why just about only koalas eat them.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by turgid on Monday October 20, @01:16PM (1 child)
What about Fisherman's Friends [fishermansfriend.com]?
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 3, Insightful) by HiThere on Monday October 20, @09:55PM
Just because you can extract a safe version of eucalyptus oil from the leaves (or bark? wood?) doesn't mean that the thing as a whole was safe to eat.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 5, Insightful) by sneftel on Monday October 20, @12:06PM (6 children)
Christ, this same mistake gets posted like clockwork under literally every story about biometrics. "What if the data gets stolen?? I can't change my [piece of anatomy]!"
This mistake stems from the analogy of passwords, which seek to provide secure authentication by means of secrets. There's a datum you know, and the service also knows the datum (or, at least, knows a hash of the thing) and you provide the datum in question to prove that you are the one and only person who knows that datum.
But biometrics aren't about secrecy. Nobody tries to keep their eyes secret. They post pictures of them publicly, in fact. Biometrics only work because of trusted hardware. The thing which says "this is so-and-so's eyeball", or equivalently "this user has an eyeball which looks like such-and-such", is a hardened and attested device which is trusted to only provide true information about the eyeball presented to it, including verifying that the thing being presented to it is an actual human eyeball. Trusted computer hardware is difficult to get right, but people have been working on that problem for the better part of a century and at this point they're really quite good at it.
Think of it as the difference between an old-style (pre-chip) credit card reader and a coin acceptor. It's trivial to copy the magstrip of a credit card, and the credit card reader would have no idea; the secrets are the only thing special about the credit card. But all nickels look the same. The security of a coin acceptor comes from the physical difficulty of copying coins. As long as the vending machine is sure the coin acceptor hasn't been tampered with, it can trust that the signal that a nickel was inserted represents an actual nickel having been inserted.
So when you say "I can't change my eyes", consider first whether you can copy your eyes.
(Score: 4, Informative) by pkrasimirov on Monday October 20, @12:41PM (1 child)
A machine can copy my eyes, more specifically all information it deems sufficient to identify them among others. Whether it will store that information, or a hash of it, or a secure hash of it for future comparison, is not in my control or knowledge. You can argue it's okay because it's not really my eyes but the laws in EU disagree.
(Score: 3, Insightful) by sneftel on Monday October 20, @09:57PM
Again, it doesn’t matter if they get copied. Do you protect your fingerprints? Carefully wipe down all the glasses you touch? No. Biometric information of this site is not a secret. It has no inherent value and is not used in situations where secrecy os important.
As I say: people make this mistake frequently. Politicians aren’t immune.
(Score: 5, Insightful) by VLM on Monday October 20, @01:26PM (1 child)
Technically its very easy to fool those machines.
Its a risk reward thing where you're supposed to have an armed guard standing there making sure people are not holding up a picture of someone's eye or wearing a rubber glove with a picture of fingerprints on it. It doesn't cost much to distract the guard.
The real purpose as usual with these people, is a mix of security theater and ritual humiliation.
With a side dish of "oh it makes people mad so 3% of our employees leave? Thats cool we were expecting 5% layoffs this year so now we only have to "work" for an additional 2%"
My experience is with secured data center doors quite a few years ago; they were mostly for show. They also well out of alignment FAST with heavy use so just turn down the sensitivity dial until anyone's hand works all the time. Also they were ungodly filthy. You'd want to wash your hands after touching the hand scanner but couldn't; this is very "post-covid" making everyone touch everyone else eww gross.
(Score: 2) by mcgrew on Tuesday October 21, @03:56PM
Technically its very easy to fool those machines.
That's the theme of Minority Report that struck me.
Mad at your neighbors? Join ICE, $50,000 signing bonus and a LICENSE TO MURDER!
(Score: 5, Interesting) by VLM on Monday October 20, @01:39PM
"That 24x7 human touch to guard the machines is expensive, lets just buy a scanner and hook it up directly to the door lock on every entrance to save money. If we had to hire a guard to guard the scanner we'd have just hired a guard to guard the door LOL"
(Score: 2) by krishnoid on Monday October 20, @02:27PM
Apple is proof that the technology is quite advanced and has accounted for multiple considerations. Of course, it's probably not what they're using [youtu.be].
(Score: 4, Interesting) by looorg on Monday October 20, @11:19AM (2 children)
It sounds scary and over the top. But then I have already done it. I had my fingerprints on my work ID for at least the last two or three jobs I have had. They have photo, fingerprints and some biometrical data such as height on them. It's also the same on my national ID card and drivers license. I got a new ID card just a month ago. I got that one so I guess it wasn't a deal breaker. What are on American ID cards and drivers licenses if you have such an issue with this? Is it just a photo and a name?
I guess it's faster to scan your finger at the entry gate then to bring up a card and swipe. But not by much. After all they want you to have your corporate card visible and you need easy access to it to scan it at doors, the printer, elevators etc. So the time save is probably minimal. I guess the solve the issue of card-sharing. But unless they can prove that is a big problem I am wondering what kind of problem they are really solving. Did they have a large problem with that? Did they have a lot of people enter the building that didn't belong there? After all will this stop people with guns from entering the building for a massive work shooting spree in the lobby?
So I guess it was then. Did they not have an ID system? Which is why the gunman managed to enter the building and ride elevators and such before going on a rampage? Perhaps they should have just had more armed guards in the lobby? Which sounds like a horrible idea. But then they are a bank don't they have like an armed guard in the bank to make people feel all secure and such? I don't know, I never been to a bank in America, so this is all just taken from movies -- where there is always some retired cop in the bank and he gets shot first.
So they are focusing on what they consider to be the perceived benefits or positive aspects of it. Not the negative. Like can we keep this entire database of biometric data secure? Answer probably no.
It sounds a bit over the top for getting to the office. But I guess it's just the next step in "security". Just hope it doesn't escalate to wanting blood samples and such. There is a limit somewhere, but fingerprint and photo wasn't it.
(Score: 2) by VLM on Monday October 20, @01:31PM
Its not an individual case thing.
Imagine I was legally required to use the same password on every site on the internet for the ease and comfort of our local version of the KGB.
Its the same card to open or close an account at a bank, cash a check, request a deposit, enter a school district building, buy a beer if you look young, check out a library book with it, use my public gym, get a minor citation ticket from the police, etc.
Some of those places like the library and gym and bank prefer you bring their card or similar documents but are pretty chill if you walk up with a drivers license and a sob story about forgetting it at home.
Your DL in the USA is the simple, easily cloned, unchangeable root password to every account you have IRL.
(Score: 3, Informative) by quietus on Monday October 20, @01:44PM
I don't know about this particular case, but I can tell you that these buildings have some kind of cargo load bay(s) at the back or in a side street. If there is a security gate there, it's likely to be the kind that you can easily jump.
(Score: 2) by Dr Spin on Monday October 20, @12:02PM
Yes.
Warning: Opening your mouth may invalidate your brain!
(Score: 3, Informative) by turgid on Monday October 20, @12:03PM (2 children)
They already introduced WADU [businessinsider.com] to monitor their staff continuously. I think I'd rather starve to death than work there. They wouldn't have me anyway, I expect.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 2) by VLM on Monday October 20, @01:35PM (1 child)
It USED TO be a prestigious place to work. USED TO. They're running a selection program to select very "interesting" employees now.
Imagine spending your whole life competing to get into an ivy league school to become a well connected investment banker, maybe at JPM, and then getting there and being all "fuck this place".
(Score: 2) by turgid on Monday October 20, @01:55PM
I knew someone who used to work for JP Morgan in the UK. His head had trouble getting through the office door. He was always finished his work in super quick time because he never finished it plus he already knew how to do everything and couldn't be taught.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 3, Insightful) by SomeGuy on Monday October 20, @12:07PM
Just a reminder that biometrics are not real security. They are theater, put in place by idiots who believe everything they see in movies and wish to treat their employees like cattle/slaves.
Besides, everyone knows that glorious smart phones uniquely and reliably identify everyone. After all, everyone owns a smart phone, right? Just send a 2FU authentication request to their smart phone app whenever they want to access anything, throw some AI at it too while you are at it, and everything will be perfect, right?
(Score: 5, Informative) by Rosco P. Coltrane on Monday October 20, @12:19PM (5 children)
because my company uses Microsoft cloud services and I refused to let them upload my photo. They argued a bit, then they relented when the union rep came to chat with HR.
I'm pretty sure most of the company would walk out if they tried biometrics.
Also, biometrics are bad. You know why? Because when someone steals your biometric data, you can't change it. And yes, they will be stolen, just like passwords.
(Score: 3, Touché) by gnuman on Monday October 20, @02:34PM (3 children)
Except this is for building access ... they could have just used facial recognition instead here. Yes, if someone steals your head, I'm sure no one would notice and let you in the door, just like if someone stole your RFID key or similar. This is not about secrets. It's about ID, like you have photo in passport so that people/computers can compare the passport with your face.
It's incorrect to compare this to passwords. Passwords are meant to be secret. Your face is not. But I guess they could use DNA in the future, like Gattaca (sans the blood sample)
(Score: 4, Insightful) by Rosco P. Coltrane on Monday October 20, @02:48PM (2 children)
Biometrics for identification purposes are fine. The problem is, they're used for authentication.
(Score: 3, Insightful) by canopic jug on Monday October 20, @05:11PM (1 child)
Indeed. Biometrics are the username, not the password. Attempting to use them in place of the latter weakens the system that is done to.
Money is not free speech. Elections should not be auctions.
(Score: 2) by gnuman on Monday October 20, @08:37PM
For building access, biometrics (eg. face recognition) can take place in addition or in-place of something like RFID cards... RFID cards are not passwords either.... so using biometrics here is not really detrimental. On the other hand, such systems are not meant to replace passwords, etc. -- I fully agree on that. But door access *rarely* uses access codes in addition to keycards or similar. And in most of those cases you'd have human guards to make sure no one is doing anything funny.
(Score: 3, Insightful) by mcgrew on Tuesday October 21, @04:00PM
because my company uses Microsoft cloud services
I'll bet all those companies who use AWS [usatoday.com] are wishing they had chosen M$!
Or better, used their own storage!
Mad at your neighbors? Join ICE, $50,000 signing bonus and a LICENSE TO MURDER!
(Score: 0) by Anonymous Coward on Tuesday October 21, @08:38PM
"My voice is my passport. Verify me."
https://www.youtube.com/watch?v=-zVgWpVXb64 [youtube.com]