Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

VISA and Biometric Authentication

Accepted submission by anubi at 2024-03-03 00:07:51 from the Anyone run this by Cellphone Security? dept.
Security

Looks like VISA credit card has developed a way of storing biometric data on our cellphones, then use that as an authenticator.

https://reclaimthenet.org/visa-applies-for-biometric-authentication-patent [reclaimthenet.org]

What could possibly go wrong here?

I guess I am really leery of cellphone security and app resilience. Is it so complex that it's too finicky to use? Does it require a good internet connection to work? ( Can you hear me now? ), or maybe it's based on QR codes?

I have been wrestling with a fast-food burger app over login issues. I am quite jaded over trusting anything I have to log on to to get a fresh timeout permission. For this, all I am risking is the cost of a trip to the restaurant vs. the liklihood the coupon offer will still work when I present at the register. ( The Wendy's Story already discussed here ).

How much impact would a denial- of- service cause for you? How robust is this technology. I've already seen the most expensive cars shut down for the most trivial crap. That's why I drive an old one made before their design became enshittified.

Cut n paste snippets below.
------------------------

ReclaimTheNet.org

Visa Applies for Biometric Authentication Patent
The growth of controversial biometric payment methods.
Didi Rankovic
February 27, 2024

-------------------------

Visa – one of the world’s two biggest payments processors – appears to be moving into biometric data-based authentication, at least according to a patent it has applied for. And Visa claims that this would be fully privacy-friendly.

If Visa’s patent – designed, according to the giant’s filing, to provide “biometric templates for privacy preserving authentication” – is approved and implemented, the end result would be replacement of PINs with biometric identification.

The method would be used at ATMs, payment checkouts, and Visa made sure to note that the technology’s use can be extended to unlocking apartments or letting people into venues like theaters, amusement parks, etc.

These latter, non-payment scenarios would allow Visa to monetize the patent via licensing to other companies.

The rationale for using such a system is said to be to improve security of user information in physical spaces.

The patent states that the system would work by customers enrolling into the program which means creating “a biometric template” on their device.

This data is encrypted and signed, and that signature, rather than the biometric information, is used by “access device” to verify the signature.

This, Visa said in the filing, is what preserves privacy, since the templates are stored on the user device rather than “in some giant database.”

This appears to be the key point the company is trying to make with the proposed patent, and was careful to stress that security breaching of such databases results in “disastrous” consequences.

That’s because the use of biometrics is at once safer than that of PINs and passwords, but also much riskier, given that unauthorized access provides those behind a hack to a large amount of personal information.


Original Submission