Ian Brown <[EMAIL PROTECTED]> writes: >Steven M. Bellovin wrote: >>>Cambridge Trust puts your picture on the back of your VISA card, for >>>instance. They have for more than a decade, maybe even two. >> >> One New York bank -- long since absorbed into some megabank -- did the >> same thing about 30 years ago. They gave up -- it was expensive then, >> and may not have solved any real problems. (Possibly, it simply didn't >> fit their real purpose of attracting more customers.) > >They don't for example seem to reduce fraud -- shop staff don't compare >the photo to the customer carefully enough: > >R. Kemp, N. Towell, G. Pike, "When seeing should not be believing: >Photographs, credit cards and fraud," Applied Cognitive Psychology Vol >11(3) (1997) pp 211-222.
For those who haven't seen this study, it's an important read (it's also been re-published in a somewhat more accessible journal, perhaps it was CACM?). What they did was send students into a supermarket with card photos of either them, someone who looked vaguely like them, or someone who looked nothing like them. Both the FRR and FAR were found to be such that the photo IDs were more or less worthless for fraud prevention. Some banks over here started to introduce photos on cards, but dropped the scheme based on this study and other research which showed that it wasn't worth it: The photos were too small to be useful, only customs & immigration staff and to a lesser extent police have any formal training in matching faces to images, and your typical minimum-wage checkout operator couldn't care less if the image matched or not, their incentive was to move shoppers through quickly, not to check IDs. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
