back to article You really do want to use biometrics for payments, beam banks

Two in three European consumers actively want to use biometric technology when making payments, according to a new Visa-sponsored survey. Nearly three in four (73 per cent) see two-factor authentication – where a form of biometrics is used in conjunction with a payment device – as a secure payment authentication method. More …

  1. Rich 11

    Just to be clear, consumers are saying what they would like to see, would be willing to use, and believe would be more secure rather than whether it would actually be more convenient, secure and reliable?

    1. Anonymous Coward
      Anonymous Coward

      They say they want to use what they know about

      They are saying they want to use what they've been hearing about for the last 2-3 years.

      While fingerprints are not perfectly secure and really should be used as a username rather than a password, is the security of fingerprints really a concern? If your phone is lost or stolen, a third party still need to go through a lot of work to fake your fingerprint and hope it is done before you remotely deactivate it via Find My iPhone or similar. It isn't worth it for a thief to steal your phone on the basis of hoping to fake your fingerprint and use Apple Pay or Android Pay to buy stuff. Still a much better deal to steal your wallet, at least there's usually cash in there, and in the US credit cards that are authorized with a signature that is not checked.

      1. Basic

        Re: They say they want to use what they know about

        "before you remotely deactivate it via Find My iPhone or similar."

        That's the problem.. What are you going to do? Grow new fingerprints? Once your fingerprint is compromised, it's useless forever.

  2. staringatclouds

    You really do want to use biometrics for payments, beam banks

    Um no, no I really don't

    1. Scott Broukell
      Stop

      Exactly. It's been said before and I'll say it again - you can change your password, but you can't change your finger prints!

      1. AndrueC Silver badge
        Stop

        ..plus there are a variety of (mostly unpleasant) ways for someone else to 'borrow' your fingerprints.

      2. Anonymous Coward
        Anonymous Coward

        @scott

        "Exactly. It's been said before and I'll say it again - you can change your password, but you can't change your finger prints!"

        Which is just the problem here: I can't change the PIN code on my bank or credit card. Theoretically I can do it for my credit card, but only once per usage period (roughly 3 years) and it also means you won't be able to use your card for a while. Obviously these things differ per bank, but there are already several which opt to using the same PIN code.

        Conspiracy or not but I sometimes think that this stuff has been well prepared and orchestrated. Just so we're clear here: I also oppose this whole biometric stuff with a passion.

        1. Anonymous Coward
          Anonymous Coward

          Re: @scott

          I can't change the PIN code on my bank or credit card.

          Last time I checked, I could change the PIN for any of my (UK) debit and credit cards on the spot at an ATM.

  3. Gert Leboski

    Bare faced lies.

    These idiots who say it is in our best interests. Screw them, they are having no biometric data of mine, if I have ANY choice in the matter. I wonder how long we will have any choice.

    1. AndrueC Silver badge
      Joke

      Re: Bare faced lies.

      Wally, is that you?

      Strip 1

      and

      Strip 2

  4. James 51

    If the same survey advocated homeopathy I wouldn't be rushing to the tap. Biometrics are user names, not passwords and I wonder if people understand the limitations of the technology.

  5. Doctor Syntax Silver badge

    "a great deal of excitement in the payments space"

    That devalues anything else he said.

  6. Cynical Observer
    Facepalm

    Oy Vey!

    Two-thirds (68 per cent of those quizzed) want to use biometric authentication methods to pay for things,

    LMFTFY

    Two-thirds (68 per cent of those quizzed) are blithely willing to allow biometric data - or some hash thereof -to be stored in a database that may or may not be accessed by person or persons unknown.

    Any such persons may or may not be acting within the auspices of the legal system.

    What could possibly go wrong?

    1. paulf
      Joke

      Re: Oy Vey!

      Let me suggest an alternative fix:

      "Two-thirds (68 per cent of those quizzed) answered the carefully crafted survey questions and gave the response required by the person paying for the survey".

      Sorry for the massive cut and paste but Sir Humphrey's example is much more eloquent than mine:

      Sir Humphrey: "You know what happens: nice young lady comes up to you. Obviously you want to create a good impression, you don't want to look a fool, do you? So she starts asking you some questions: Mr. Woolley, are you worried about the number of young people without jobs?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Are you worried about the rise in crime among teenagers?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Do you think there is a lack of discipline in our Comprehensive schools?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Do you think young people welcome some authority and leadership in their lives?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Do you think they respond to a challenge?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Would you be in favour of reintroducing National Service?"

      Bernard Woolley: "Oh...well, I suppose I might be."

      Sir Humphrey: "Yes or no?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Of course you would, Bernard. After all you told you can't say no to that. So they don't mention the first five questions and they publish the last one."

      Bernard Woolley: "Is that really what they do?"

      Sir Humphrey: "Well, not the reputable ones no, but there aren't many of those. So alternatively the young lady can get the opposite result."

      Bernard Woolley: "How?"

      Sir Humphrey: "Mr. Woolley, are you worried about the danger of war?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Are you worried about the growth of armaments?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Do you think there is a danger in giving young people guns and teaching them how to kill?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Do you think it is wrong to force people to take up arms against their will?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "Would you oppose the reintroduction of National Service?"

      Bernard Woolley: "Yes"

      Sir Humphrey: "There you are, you see Bernard. The perfect balanced sample."

    2. Anonymous Coward
      Anonymous Coward

      Re: Oy Vey!

      I'm always deeply suspicious of surveys that don't publish sample sizes or methodology of data collection

      A 68% figure could be obtained by asking 17 people who want to sell biometric sensors and 8 people in a shopping centre who think biometric is a washing powder

      "Would you use Biometrics ? - Yes, Funny you should ask, we've developed this nifty little gadget that scans the pores on your nose at a thousand paces, it's really good"

      "Would you use Biometrics ? - No I'll stick to my usual brand please"

      Not suggesting this is what actually happened, just a little light relief, but when assessing claims like this it would be useful to know the sample size & methodology

      I've seen too many Government surveys that look like they were collected by a man with a clipboard standing in the "Aye" corridor of the House of Commons querying the "random passers by" about some issue

  7. wolfetone Silver badge
    Facepalm

    This can only ever end well badly.

  8. Anonymous Coward
    Anonymous Coward

    new Visa-sponsored survey

    so, let me guess, what result would make the sponsors happy... correct!

    and think of all the governments, democratic and even more democratic ones. Wouldn't it be wonderful if somebody else designed, implemented and paid for a system accessible to the government, to hold all fingerprints of an adult (and more) population? ID cards are so outdated! Combine fingerprints with iris (FBI, hello), and DNA sampling (anyone?) and you have a perfect control over who does what with whom and how. Now, if I only I come up with a flash-based presentation (powerpoint is like SO outdated!) to show it to the right people in the right offices! Gravy-train ahoy...

    1. Steve Davies 3 Silver badge

      Re: new Visa-sponsored survey

      Purveyor of Biometrics conducts survery and concludes that customers want to use their products.

      Quel Surprise.

      What a load of old bollocks.

      And No I don't want biometrics. Visa can go finger themselves for all I care.

      1. King Jack
        Coat

        Re: new Visa-sponsored survey

        "Visa can go finger themselves.."

        That's the whole point.

  9. Anonymous Coward
  10. Dan 55 Silver badge
    Devil

    I didn't even want contactless

    Not that that didn't stop you foisting it on me either.

    1. alain williams Silver badge

      Re: I didn't even want contactless

      I took a chisel to my card and cut the antenna - result: no contactless.

      1. Dan 55 Silver badge

        Re: I didn't even want contactless

        Indeed, but how many people would be willing to chop their finger off?

      2. John Tserkezis

        Re: I didn't even want contactless

        "I took a chisel to my card and cut the antenna - result: no contactless."

        Kinda like taking the water out of your pool to prevent any drownings.

        It's a bit drastic, and there are better ways of doing it.

  11. N2

    And when

    You lose my data, what next?

    cut my fingers off?

    No thanks

  12. Charles 9

    Well, think of it this way. Too many people have bad enough memories that they can't remember PINs or passwords, even if their lives depended on it. Plus they tend to LOSE things. What do you do when you can't KNOW anything and sometimes don't HAVE anything?

    PS. If you read the article thoroughly, it seems they only want the biometric to be part of a multi-pronged approach, which might help to mitigate the stolen biometric bit.

    PPS. As for changing fingerprints, what about acid etching?

    1. GrumpenKraut
      Mushroom

      > As for changing fingerprints, what about acid etching?

      You need to destroy the tissue deep enough to stop re-growing of the prints. You finger(-tips) would awfully screwed then. Think Niki Lauda.

      1. Charles 9

        You don't have to stop them altogether. Just alter them enough so they change into one the system doesn't recognize since fingerprints are epigenetic. Alter them too much and it's like busting an error code: something else comes out instead. People who receive finger lacerations seem to experience this. Perhaps medical science can find a way that isn't so painful.

        1. Anonymous Coward
          Anonymous Coward

          So for the convenience of Visa & so that the makers of biometric sensors can make a profit we can undergo unnecessary & possibly painful surgery to change our access key for their system when it gets compromised

          Or we can remember a password that we can change by thinking of a new one

          Tough choice

          1. Charles 9

            "Or we can remember a password that we can change by thinking of a new one"

            Yes, tough choice, because many people CAN'T remember passwords. Hell, many people can't remember PINs? Why do you think reset exploits are so good? Because people forget them all too easily.

            How do you authenticate someone with nothing to KNOW or HAVE?

  13. Chris G

    Profile

    The use of biometrics for all financial aspects of your life will give not only the commercial providers of the services unparalleled access to your spending and other behavioural patterns but also governments who typically have relatively open access to financial records for tax and many other reasons.

    Profilling you will be easy, I can see where even payments online could need fingerprint verification as so many devices have readers now.

    Fuck'em is all I can say!

    I keep some money in the bank, then take it out as I need it and pay cash for most things. Thank god I don't live in California, when I lived there before, many gas stations had no means to process cash only credit cards.

  14. Anonymous Coward
    Anonymous Coward

    Dear Customer,

    Would you like to use biometric data to secure your account? it's almost 100% infallible.

    Customer: Yes, Where do I sign up?

    Dear Customer,

    Would you like to use biometric data to secure your account? If truth be told there have many different cases where it has not been 100% infallible and we can't guarantee we won't sell this biometric data onto other companies.

    Customer: Not a chance.

    All depends on how you ask the question really. An informed person would say no.

  15. Thatguyfromthatforum

    Semi related: has anyone seen those "cashless and proud" visa ads all over the place? Why the fuck would you be proud? I'm all for cash thanks, it means for example if I want to buy political book a from book shop b and not be put into category c, I can.

    1. Mike 16

      Cashless

      ----

      if I want to buy political book a from book shop b and not be put into category c, I can.

      ----

      So, you must live somewhere without ubiquitous CCTV. Not a Brit or Mercan then?

      Also, "for the prevention of counterfeiting", I expect all stores to soon be required to scan bills for "enhanced" serial numbers, and "check them" on line against a registry. Of course, ATMs will also note the numbers on any bills they issue. A bit less far into the future, NFC tags in the book cover.

      All "science fiction" now, but how long ago would you be considered barking mad to suggest that millions of people would be wandering around parks and graveyards at night, hunting Pokemon?

  16. Invidious Aardvark

    “Unlike a PIN which is entered either correctly or incorrectly, biometrics are not a binary measurement but are based on the probability of a match."

    Am I the only person somewhat disturbed by the fact that he appears to be advocating a form of 'authorisation' that boils down to "you sort of, maybe, could be be almost right-ish" rather than "Yes, that is the correct answer to the question I asked"?

    I'm really not sure that talking up an authorisation method as being good because it isn't binary is a good idea. Authorisation should be certain, not fuzzy, otherwise it's a bit like having a PIN and the system saying "Well you got 5 of the 6 numbers correct so go on then, take some money!".

  17. not.known@this.address
    Go

    I really cannot see a problem with this*

    I say full speed ahead because they promised Chip'n'PIN would stamp out any form of card crime and look at the success that has been...

    I mean, Chip'n'PIN must be a perfect solution otherwise they would be trying to foist some other dumbass idea on us...

    *for a given value of "see"

  18. CustardGannet

    "Two in three European consumers actively want to use biometric technology"

    In other news :

    Eat dog turds, 500 billion flies can't be wrong.

    "The opinion of 10,000 men is of no value, if none of them know anything about the subject."

    ~ Marcus Aurelius (Roman Emperor, 161-180 CE)

  19. Jin

    Biometrics ruins cybersecurity

    It is a pity that so many people are misinformed. Biometrics ruins cybersecurity, however inconvenient for many people to admit. This video may help for understanding this fact. .

    https://youtu.be/wuhB5vxKYlg

    1. Charles 9

      Re: Biometrics ruins cybersecurity

      So what happens when you have a terrible memory and keep forgetting your phone?

      It may be inconvenient for YOU, but for many people biometrics is the ONLY thing guaranteed to be on their person. You can't rely on what they KNOW (for they may not have a good enough memory to KNOW anything) OR what they HAVE (for they may not have anything on their person), so what choice do you have?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon