Re: Cash, Credit -- or Prints?
Can anyone explain how sophisticated those fingerprint readers are? Are there readers out there that by themselves are secure devices and essentially are able to talk with their servers thru the PCs/workstations over a protocol such that any man-in-the-middle, like a driver, can not learn anything from the traffic? (...and all that for less than $40, of course...) If not, would a trojan then be able to capture your fingerprint's digital-fingerprint, and impersonate you from any other node on the network? -Frank. R.A. Hettinga wrote: http://online.wsj.com/article_print/0,,SB109744462285841431,00.html The Wall Street Journal October 11, 2004 Cash, Credit -- or Prints? Fingerprints May Replace Money, Passwords and Keys; One Downside: Gummi Fakes By WILLIAM M. BULKELEY Staff Reporter of THE WALL STREET JOURNAL October 11, 2004; Page B1 Fingerprints aren't just for criminals anymore. Increasingly, they are for customers. Fingerprint identification is being used to speed up checkouts at Piggly Wiggly supermarkets in South Carolina, and to open storage lockers at the Statue of Liberty. Fingerprints are also being used as password substitutes in cellphones and laptop computers, and in place of combinations to open up safes. But these aren't the fingerprints of yore, in which the person placed his hand on an ink pad, then on paper. Instead, the user sets his hand on a computerized device topped with a plate of glass, and an optical reader and special software and chips identify the ridges and valleys of the fingertips. Fingerprint technology seems to be reaching critical mass and is spreading faster than other widely promoted biometric identification methods, such as eyeball scanning, handprint-geometry reading and facial recognition. Interest in these and other new security systems was heightened by the September 2001 terror attacks. Fingerprints will be dominant for the foreseeable future, says Don McKeon, the product manager for biometric security at International Business Machines Corp. One reason fingerprint-security is spreading is that technological advances are bringing the cost down. Microsoft Corp. recently introduced a stand-alone fingerprint reader for $54, and a keyboard and a mouse with fingerprint readers. Last week, IBM said it would start selling laptop computers with fingerprint readers built in. These products reduce the need for personal-computer users to remember passwords. A customer uses a fingerprint reader to pay at a Piggly Wiggly store, cutting his checkout time. Earlier this year, American Power Conversion Corp., a Rhode Island company that makes backup computer batteries, started selling a fingerprint reader for PCs with a street price of $45 -- less than half the price of competitors at the time. American Power says it has sold tens of thousands of the devices since. Korea's LG Electronics Inc. has introduced a cellphone with a silicon chip at its base that requires the owner's finger to be swiped across its surface before the phone can be used. This summer, NTT DoCoMo Inc. started selling a similar phone reader that is being used on Japanese trains as an electronic wallet to pay fares or to activate withdrawals from on-board cash machines. Proponents have never had trouble explaining the benefits of fingerprints as payment-and-password alternatives: Each person has a unique set, and their use is established in the legal system as an authoritative means of identification. But some people are uneasy about registering their fingerprints because of the association with criminality and the potential that such a universal identifier linked to all personal information would reduce privacy. Moreover, numerous businesses and governments have tested fingerprint systems in the past only to rip them out when the hype failed to match reality. That's partly because the optical readers have had problems with certain people's fingers. Elderly people with dry skin, children who pressed down too hard, even women with smaller fingers -- including many Asians -- were often rejected as unreadable. Security experts also have successfully fooled some systems by making plaster molds of fingers and then creating fake fingers by filling the molds with Silly-Putty-type plasticizers or gelatin similar to that used in candy Gummi Bears. But advocates say the rate of false rejections of legitimate users has been greatly reduced by improved software. I'd say 99% of people can register their fingers, says Brad Hill, who installed fingerprint-controlled lockers at his souvenir store at the Statue of Liberty this summer when the National Park Service forbade tourists from entering the statue while carrying packages. Mr. Hill was worried that tourists would lose locker keys when security screeners forced them to empty their pockets. Some makers of readers also say their technology can solve the fake-finger problem by taking readings from below the surface skin layer. Or they suggest combining four
Cash, Credit -- or Prints?
http://online.wsj.com/article_print/0,,SB109744462285841431,00.html The Wall Street Journal October 11, 2004 Cash, Credit -- or Prints? Fingerprints May Replace Money, Passwords and Keys; One Downside: Gummi Fakes By WILLIAM M. BULKELEY Staff Reporter of THE WALL STREET JOURNAL October 11, 2004; Page B1 Fingerprints aren't just for criminals anymore. Increasingly, they are for customers. Fingerprint identification is being used to speed up checkouts at Piggly Wiggly supermarkets in South Carolina, and to open storage lockers at the Statue of Liberty. Fingerprints are also being used as password substitutes in cellphones and laptop computers, and in place of combinations to open up safes. But these aren't the fingerprints of yore, in which the person placed his hand on an ink pad, then on paper. Instead, the user sets his hand on a computerized device topped with a plate of glass, and an optical reader and special software and chips identify the ridges and valleys of the fingertips. Fingerprint technology seems to be reaching critical mass and is spreading faster than other widely promoted biometric identification methods, such as eyeball scanning, handprint-geometry reading and facial recognition. Interest in these and other new security systems was heightened by the September 2001 terror attacks. Fingerprints will be dominant for the foreseeable future, says Don McKeon, the product manager for biometric security at International Business Machines Corp. One reason fingerprint-security is spreading is that technological advances are bringing the cost down. Microsoft Corp. recently introduced a stand-alone fingerprint reader for $54, and a keyboard and a mouse with fingerprint readers. Last week, IBM said it would start selling laptop computers with fingerprint readers built in. These products reduce the need for personal-computer users to remember passwords. A customer uses a fingerprint reader to pay at a Piggly Wiggly store, cutting his checkout time. Earlier this year, American Power Conversion Corp., a Rhode Island company that makes backup computer batteries, started selling a fingerprint reader for PCs with a street price of $45 -- less than half the price of competitors at the time. American Power says it has sold tens of thousands of the devices since. Korea's LG Electronics Inc. has introduced a cellphone with a silicon chip at its base that requires the owner's finger to be swiped across its surface before the phone can be used. This summer, NTT DoCoMo Inc. started selling a similar phone reader that is being used on Japanese trains as an electronic wallet to pay fares or to activate withdrawals from on-board cash machines. Proponents have never had trouble explaining the benefits of fingerprints as payment-and-password alternatives: Each person has a unique set, and their use is established in the legal system as an authoritative means of identification. But some people are uneasy about registering their fingerprints because of the association with criminality and the potential that such a universal identifier linked to all personal information would reduce privacy. Moreover, numerous businesses and governments have tested fingerprint systems in the past only to rip them out when the hype failed to match reality. That's partly because the optical readers have had problems with certain people's fingers. Elderly people with dry skin, children who pressed down too hard, even women with smaller fingers -- including many Asians -- were often rejected as unreadable. Security experts also have successfully fooled some systems by making plaster molds of fingers and then creating fake fingers by filling the molds with Silly-Putty-type plasticizers or gelatin similar to that used in candy Gummi Bears. But advocates say the rate of false rejections of legitimate users has been greatly reduced by improved software. I'd say 99% of people can register their fingers, says Brad Hill, who installed fingerprint-controlled lockers at his souvenir store at the Statue of Liberty this summer when the National Park Service forbade tourists from entering the statue while carrying packages. Mr. Hill was worried that tourists would lose locker keys when security screeners forced them to empty their pockets. Some makers of readers also say their technology can solve the fake-finger problem by taking readings from below the surface skin layer. Or they suggest combining four-digit ID codes with fingerprint scanning to virtually eliminate false readings. Makers of fingerprint readers acknowledge the privacy concerns. But they maintain that the threat of personal invasion is minimized because most systems don't store the actual print, but instead use it to generate a unique series of numbers that can't be reverse-engineered to re-create the print. And public willingness to submit to fingerprint readers has soared since the 2001 terrorist attacks, as the need for security overcomes worries about