Wednesday, February 18, 2015

Banks consider use of fingerprints instead of passwords

RBS and Natwest have announced plans to allow iPhone (5S and higher) users to access accounts with fingerprints, eliminating pin codes and passwords.  Phil Muncaster has a story on Infosecurity here. It would appear that a similar facility would be offered for ATM’s.  One could imagine the same concept developed with retinal scans.  Will people have bar-coded tattoos some day?  
But depending on fingerprints is not necessarily safer than strong passwords (and especially 2-step verification) according to the article, partly because the large number of fingerprints a person leaves.  But exploiting them is difficult and requires very dedicated criminals --- although Russia and China seem to have a plentiful supply of unemployed techies so motivated.
The innovation needs to be evaluated in conjunction with newer ATM debit and credit cards that have much harder-to-reproduce chips.  There is also the idea that making accounts safer could have the side effect of increasing violent crime (this already happens with autos – carjacking increases because cars are much harder to steal).  

No comments: