Home > Ask the Security Experts > Questions & Answers > Biometrics and credit card security
Ask The Security Expert: Questions & Answers
EMAIL THIS

Biometrics and credit card security

Jonathan Callas EXPERT RESPONSE FROM: Jonathan Callas

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 18 September 2001
Can biometrics be used to secure credit cards from fraud?


>
There are three basic facets of authentication: what you have, what you know and what you are. The simplest thing you have is a key. The simplest thing you know is a PIN or password. Biometrics are a way to have a machine know what you are.

There are a wide variety of biometrics, all of which are unrelated. Voice recognition, fingerprints, face recognition, hand geometry, etc. The technology for one of these has nothing to do with the technology for any of the others.

Nonetheless, they all are alike in a number of ways. For example, all biometrics are probabilistic matches. A biometric system says, "I think so" or "I think not," rather than yes or no. You never say something the same way twice. Your fingerprints aren't quite the same before doing dishes and after them. Biometric systems always balance between "false negatives" (incorrectly saying "I think no") and "false positives" (incorrectly saying "I think so").

Biometrics are very good for some sorts of systems, closed systems that have a specific thing they do that needs merely a yes/no statistical answer. For example, opening a door. They are very bad for networked systems because they are vulnerable to the biometric data being stolen, or the yes/no being forged.

I don't think they're particularly useful for credit card fraud. If you buy something in a store, there's already a biometric system in place -- your signature. It's handled by a person, not by a computer, but a signature check is a biometric system. It's hard to see how adding a computer would make it more reliable. On a network, biometrics could easily weaken overall security. If a hacker can steal your credit card number, they can steal your thumbprint. And it's a lot easier to get a new credit card number than a new thumb.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Find Security Solutions for Your Business
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts