Q

Biometrics and credit card security

Can biometrics be used to secure credit cards from fraud?


There are three basic facets of authentication: what you have, what you know and what you are. The simplest thing you have is a key. The simplest thing you know is a PIN or password. Biometrics are a way to have a machine know what you are.

There are a wide variety of biometrics, all of which are unrelated. Voice recognition, fingerprints, face recognition, hand geometry, etc. The technology for one of these has nothing to do with the technology for any of the others.

Nonetheless, they all are alike in a number of ways. For example, all biometrics are probabilistic matches. A biometric system says, "I think so" or "I think not," rather than yes or no. You never say something the same way twice. Your fingerprints aren't quite the same before doing dishes and after them. Biometric systems always balance between "false negatives" (incorrectly saying "I think no") and "false positives" (incorrectly saying "I think so").

Biometrics are very good for some sorts of systems, closed systems that have a specific thing they do that needs merely a yes/no statistical answer. For example, opening a door. They are very bad for networked systems because they are vulnerable to the biometric data being stolen, or the yes/no being forged.

I don't think they're particularly useful for credit card fraud. If you buy something in a store, there's already a biometric system in place -- your signature. It's handled by a person, not by a computer, but a signature check is a biometric system. It's hard to see how adding a computer would make it more reliable. On a network, biometrics could easily weaken overall security. If a hacker can steal your credit card number, they can steal your thumbprint. And it's a lot easier to get a new credit card number than a new thumb.


This was first published in September 2001

Dig deeper on Biometric Technology

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close