SoylentNews is people
SoylentNews
from the I'm-sure-they'll-delete-the-records-when-they're-no-longer-needed dept.
JPMorgan requires staff to hand over biometric data to access new headquarters New York bank is imposing eye and fingerprint scans amid heightened security concerns at corporate offices
JPMorgan Chase has told staff moving into the US bank's new multibillion-dollar Manhattan headquarters they must share their biometric data to access the building, overriding a prior plan for voluntary enrolment.
Employees who have started work at its 270 Park Avenue skyscraper since August have received emails saying biometric access is "required", according to a communication seen by the Financial Times. This allows people to scan their fingerprints or eye instead of ID badges to get through the lobby security gates.
[...] Dave Komendat, chief security officer at Corporate Security Advisors, said biometrics had been used for decades at higher-security areas, such as government installations and data centres, but putting them in commercial buildings for large numbers of people would be used at a new and larger scale.
https://www.ft.com/content/d5351d3d-d64f-4a90-a3da-d1ef8e8bea66
https://archive.ph/YCV85
[Ed. question: Would this be a deal breaker for any of you for joining or continuing to work at the company?]
(Score: 5, Insightful) by pkrasimirov on Monday October 20, @10:09AM (17 children)
Next title probably in line: "Millions of personal data, including biometrics, are stolen". Yeah, I can change my password, I cannot change my eyes. Funny clowns, when that happens they will react like surprised koalas, who could have thought that is even possible? Anyway, zero responsibility taken of course, "not-my-fault" is their strongest game.
(Score: 2, Interesting) by fen on Monday October 20, @10:13AM (4 children)
How do smartphones handle this? Apple talks about hardware separation--this is why you need to redo biometrics on a full phone restore. What are specific problems with fingerprints? Why do we only fingerprint suspected criminals?
(Score: 5, Insightful) by sneftel on Monday October 20, @12:08PM (1 child)
I can't speak for the police, but I suspect they rarely see crime scenes with eyeball prints all over everything.
(Score: 1, Interesting) by Anonymous Coward on Monday October 20, @06:53PM
> I suspect they rarely see crime scenes with eyeball prints all over everything.
This may change in the future when HD security cameras improve(??) Then the crooks will all wear dark glasses and the cameras will be fitted with strobes....
Not something I'm looking forward to, but sort of seems inevitable.
(Score: 2) by DadaDoofy on Monday October 20, @06:49PM
What are specific problems with fingerprints?
The "problem" with fingerprints lies in cheap, poorly designed inaccurate fingerprint detection, not fingerprints themselves.
Why do we only fingerprint suspected criminals?
Not true. We also fingerprint people who apply for "positions of trust".
(Score: 2) by mcgrew on Tuesday October 21, @03:51PM
Why do we only fingerprint suspected criminals?
We don't. We also fingerprint military enlistees, because all that may be left of you is a finger.
I can't remember the movie's name (really long time since I saw it) but there's a Bruce Willis movie where he plays a gangster, and after he saves a dentist's life (or something...) one of the dentist's patients gets blown up in a car, so he does dental work on the gangster to match the corpse's dental records so the mob won't kill (or the cops won't catch) the gangster.
Not the most memorable Bruce Willis film.
Mad at your neighbors? Join ICE, $50,000 signing bonus and a LICENSE TO MURDER!
(Score: 4, Funny) by Anonymous Coward on Monday October 20, @10:27AM (4 children)
Koalas are never surprised. They are so stoned on eucalyptus oil that everything is like "yeah man, that's cool, I'm gonna go chew some leaves".
(Score: 4, Funny) by turgid on Monday October 20, @10:45AM (3 children)
Interesting. I have a tree in the garden. Maybe I'll try a leaf or two.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 4, Informative) by HiThere on Monday October 20, @01:07PM (2 children)
I believe Eucalyptus leaves are rather high in cyanide. There are reasons why just about only koalas eat them.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by turgid on Monday October 20, @01:16PM (1 child)
What about Fisherman's Friends [fishermansfriend.com]?
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 3, Insightful) by HiThere on Monday October 20, @09:55PM
Just because you can extract a safe version of eucalyptus oil from the leaves (or bark? wood?) doesn't mean that the thing as a whole was safe to eat.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 5, Insightful) by sneftel on Monday October 20, @12:06PM (6 children)
Christ, this same mistake gets posted like clockwork under literally every story about biometrics. "What if the data gets stolen?? I can't change my [piece of anatomy]!"
This mistake stems from the analogy of passwords, which seek to provide secure authentication by means of secrets. There's a datum you know, and the service also knows the datum (or, at least, knows a hash of the thing) and you provide the datum in question to prove that you are the one and only person who knows that datum.
But biometrics aren't about secrecy. Nobody tries to keep their eyes secret. They post pictures of them publicly, in fact. Biometrics only work because of trusted hardware. The thing which says "this is so-and-so's eyeball", or equivalently "this user has an eyeball which looks like such-and-such", is a hardened and attested device which is trusted to only provide true information about the eyeball presented to it, including verifying that the thing being presented to it is an actual human eyeball. Trusted computer hardware is difficult to get right, but people have been working on that problem for the better part of a century and at this point they're really quite good at it.
Think of it as the difference between an old-style (pre-chip) credit card reader and a coin acceptor. It's trivial to copy the magstrip of a credit card, and the credit card reader would have no idea; the secrets are the only thing special about the credit card. But all nickels look the same. The security of a coin acceptor comes from the physical difficulty of copying coins. As long as the vending machine is sure the coin acceptor hasn't been tampered with, it can trust that the signal that a nickel was inserted represents an actual nickel having been inserted.
So when you say "I can't change my eyes", consider first whether you can copy your eyes.
(Score: 4, Informative) by pkrasimirov on Monday October 20, @12:41PM (1 child)
A machine can copy my eyes, more specifically all information it deems sufficient to identify them among others. Whether it will store that information, or a hash of it, or a secure hash of it for future comparison, is not in my control or knowledge. You can argue it's okay because it's not really my eyes but the laws in EU disagree.
(Score: 3, Insightful) by sneftel on Monday October 20, @09:57PM
Again, it doesn’t matter if they get copied. Do you protect your fingerprints? Carefully wipe down all the glasses you touch? No. Biometric information of this site is not a secret. It has no inherent value and is not used in situations where secrecy os important.
As I say: people make this mistake frequently. Politicians aren’t immune.
(Score: 5, Insightful) by VLM on Monday October 20, @01:26PM (1 child)
Technically its very easy to fool those machines.
Its a risk reward thing where you're supposed to have an armed guard standing there making sure people are not holding up a picture of someone's eye or wearing a rubber glove with a picture of fingerprints on it. It doesn't cost much to distract the guard.
The real purpose as usual with these people, is a mix of security theater and ritual humiliation.
With a side dish of "oh it makes people mad so 3% of our employees leave? Thats cool we were expecting 5% layoffs this year so now we only have to "work" for an additional 2%"
My experience is with secured data center doors quite a few years ago; they were mostly for show. They also well out of alignment FAST with heavy use so just turn down the sensitivity dial until anyone's hand works all the time. Also they were ungodly filthy. You'd want to wash your hands after touching the hand scanner but couldn't; this is very "post-covid" making everyone touch everyone else eww gross.
(Score: 2) by mcgrew on Tuesday October 21, @03:56PM
Technically its very easy to fool those machines.
That's the theme of Minority Report that struck me.
Mad at your neighbors? Join ICE, $50,000 signing bonus and a LICENSE TO MURDER!
(Score: 5, Interesting) by VLM on Monday October 20, @01:39PM
"That 24x7 human touch to guard the machines is expensive, lets just buy a scanner and hook it up directly to the door lock on every entrance to save money. If we had to hire a guard to guard the scanner we'd have just hired a guard to guard the door LOL"
(Score: 2) by krishnoid on Monday October 20, @02:27PM
Apple is proof that the technology is quite advanced and has accounted for multiple considerations. Of course, it's probably not what they're using [youtu.be].