LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 08-17-2019, 01:19 PM   #1
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 3,284
Blog Entries: 9

Rep: Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840
Fingerprint readers on debit cards coming soon


I saw a preview of this on BBC Click. The card has a fingerprint reader and will not work wirelessly unless the correct finger is pressed against the reader. The idea is to make contactless payment more secure so that the current 50 transaction limit can be raised. According to the people trialling it, it does not respond to photographs or prints, only to a real finger.

I'm not sure how I feel about this. I never use my card contactless because I don't feel safe doing so, without even a PIN to prove it's really me. I understand that ill-intentioned people with nfc readers can skim data off the card unless you keep it in a metal wallet, but they can't skim off the PIN because that's securely encrypted. Would biometrics be the answer?
 
Old 08-17-2019, 11:13 PM   #2
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,498

Rep: Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806
Quote:
Originally Posted by hazel View Post
I understand that ill-intentioned people with nfc readers can skim data off the card unless you keep it in a metal wallet, but they can't skim off the PIN because that's securely encrypted.
I don't think this is true. An NFC reader can talk to the chip embedded in the card, but it's not like the magnetic strip that just holds some passive data. It should be performing some crypographic protocol that doesn't divulge any info.

Quote:
Would biometrics be the answer?
The thing about biometrics, is that they're kind of like passwords that aren't really secret (e.g., you leave fingerprints on everything you touch) and are very difficult to change. It's okay for identification, not authentication.
 
Old 08-18-2019, 02:38 AM   #3
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 12,307
Blog Entries: 9

Rep: Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309Reputation: 3309
I was recently following a discussion about biometrics in general; how institutions & companies promise that they won't store that data anywhere, but then they do it anyway.

Some giant databse got hacked in Korea, Millions of sets of biometric data got leaked. The affected people are scarred for life, and NOTHING can fix that anymore.

Apart from that I don't think it's so bad; provided it's implemented safely (yeah, that's a big BUT).
 
Old 08-18-2019, 06:47 AM   #4
fido_dogstoyevsky
Member
 
Registered: Feb 2015
Location: Victoria, Australia
Distribution: Slackware 14.2
Posts: 331
Blog Entries: 2

Rep: Reputation: 393Reputation: 393Reputation: 393Reputation: 393
Quote:
Originally Posted by hazel View Post
I saw a preview of this on BBC Click. The card has a fingerprint reader and will not work wirelessly unless the correct finger is pressed against the reader...I never use my card contactless because I don't feel safe doing so...
My bank will supply a contact only (ie insert chipped part of card into merchant's machine) on request. The only down side is losing the ability to mimic a credit card with a debit card, which IMO is a small price to pay to get away from the risk of wireless card skimming. Maybe ask your bank about it?

Quote:
Originally Posted by hazel View Post
...According to the people trialling it, it does not respond to photographs or prints, only to a real finger...
Sounds safe, but then again I can't get THAT scene from Demolition Man out of my mind.
 
Old 08-18-2019, 07:22 AM   #5
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 18,078

Rep: Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900Reputation: 2900
Quote:
Originally Posted by fido_dogstoyevsky View Post
Sounds safe, but then again I can't get THAT scene from Demolition Man out of my mind.
Stallone ?. People actually watch Stallone movies ??? Damn, now I gotta go find it, to see what this is all about ...
 
Old 08-18-2019, 07:25 AM   #6
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 3,284

Original Poster
Blog Entries: 9

Rep: Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840Reputation: 1840
Quote:
Originally Posted by fido_dogstoyevsky View Post
My bank will supply a contact only (ie insert chipped part of card into merchant's machine) on request. The only down side is losing the ability to mimic a credit card with a debit card, which IMO is a small price to pay to get away from the risk of wireless card skimming. Maybe ask your bank about it?
That's exactly what I did. I told them to put a note against my name that if they ever found any contactless payments apparently made with that card, they should contact me because it wasn't me that made them.
 
Old 08-18-2019, 06:20 PM   #7
fido_dogstoyevsky
Member
 
Registered: Feb 2015
Location: Victoria, Australia
Distribution: Slackware 14.2
Posts: 331
Blog Entries: 2

Rep: Reputation: 393Reputation: 393Reputation: 393Reputation: 393
Quote:
Originally Posted by syg00 View Post
Stallone ?. People actually watch Stallone movies ??? Damn, now I gotta go find it, to see what this is all about ...
Or you could just take the imdb.com shortcut... but it does have some humour between the violence.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
fingerprint-gui "Could not open fingerprint device" exactiv Linux - Security 4 12-15-2015 04:50 PM
LXer: Encrypted connections coming soon for all Wikipedia readers LXer Syndicated Linux News 1 06-16-2015 01:45 AM
Card & Fingerprint Readers on Linux Fedora \/4A Linux - Hardware 1 09-11-2012 06:25 AM
fingerprint match against collection of previos fingerprint mukesh.methaniya Linux - Software 0 05-22-2011 02:31 AM
how to measure network debit between to boxes ? dukeinlondon Linux - Networking 5 12-08-2003 04:54 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 06:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration