I can only see this going into a very dystopian path. Based on their actions, I don’t trust these companies, their security practices, nor their privacy policies. Why would I give them my biometrics? And my full palm, at that!? Hell no!
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.44K Posts
- 57.3K Comments
- Modlog
contactless cards are already a thing. why why why
All this trouble and they didn’t even make the scanner shaped like a hand so you can high five it. Waste of potential.
It won’t be long now until we have the eye scanner things from Minority Report and the only way to protect your privacy is to become blind
deleted by creator
Saw this at Whole Foods the other day for the first time and commented to the cashier that it was kind of creepy and her response was “I know right”.
These types of things never work for me because my skin changes so much 💀
It measures your blood flow and veins using thermal and maybe infrared (?), so your exterior skin doesn’t come into play.
Body parts aren’t secure. They’re removable.
Stop telling people their body is insecure. Everyone is beautiful!
Except me.
And probably imitable, if not, soon enough.
I don’t understand what this solves… We can use a card faster than this (a mere tap), and if we forget our card, it’s programmed into our phones and even our watches as a backup.
Its meant to save you a step. Before at whole foods you had to get out your phone, open the amazon app, scan your prime QR code, then get a card and pay. This just does all that with an enrolled palm.
I still don’t trust it. I laughed at it when I saw it and even the clerk admitted it was dumb.
Oh no! I trashed my faithful Palm Pilot ™ years ago :/
I trashed the Pilot. But I still have the Pre and Pixi haha
Well, one of them has Android now…
Drop the Pilot. Try my balloon.
Whelp, it was only a matter time.
And bad legislation.
I don’t get the issue with it ? Why wouldn’t fingerprint be the best way to pay for stuff ?
For the same reason this isn’t a good idea. Privacy aside, when your biometrics get leaked (and they will), you’ll have no recourse, because biometrics are literally a part of your body and you can’t change them.
How do biometrics get leaked ? Can they 3d print my finger ? What difference does it make to all my dsta getting sold on the daily ? I don’t see how it changes things
They don’t need to 3D print anything, only to “side load” the hash (it’s more complex than that, but that’s the gist). If your ID is tied to your finances, and it gets leaked, you can’t change your ID. Your finger/palmprint is always your finger/palmprint.
Right. But can’t they do that anyway? Your ID is linked to your finances. You get people stealing IDs all day everyday.
Family Guy did an episode on it.
If I’ve got your records you I’d birth certificate your job numbers your state details. Address phone emails passport passwords. I’m you. Except I have my biometrics.
Biometrics cannot be forcibly taken. I can’t rock up to the bank manager with a severed finger. Yet I can take out a loan in your name without the fingerprint.
For fuck sake our security relies on signature. A badly written name.
@Mojojojo1993
The #MythBusters know why this is not a good idea.
https://youtube.com/watch?v=MAfAVGES-Yc&feature=share9
@01189998819991197253
removed by mod
So nothing is safe. Therefore???!!
Smash it!
I’d rather not go to prison. If I were a billionaire, I could probably avoid prison with a good/sleazy lawyer, but, as it stands, I cannot.
LG did this on a phone. It didn’t really work, at all
Theirs was camera. This one is camera and thermal. Creepypasta for sure!
I still think the idea of tech implants are cool but I’ve also reached the point where I wouldn’t get one unless I learned to build it myself and was in charge of every single aspect of it.
Considering I lack degrees in medicine and computer science, I don’t think I’ll have them done anytime soon lol
You don’t need degrees to hack stuff.
I’d want to get some type of learning before I started to cut myself open.
There’s really a body hacking community!
One scar away from losing access to your ability to pay …
Biometrics can not really be changed. Except maybe through time or trauma (i.e. age or injury). They can be used to uniquely(?) identify a person - except maybe twins - at the expense of anonymity, which has it’s own set of problems.
But because they can not easily be changed they’re a terrible security feature. Once they leak, they’re unusable and you’re hosed. You can’t issue a new palm print for your bank account like you could a new chip card and password.
Also, just because you waved your hand over a scanner does not mean that you approve and consent of the transaction. With tap to pay there were ideas of mobile point of sales devices just tapping on peoples backpacks in a crowded area. You don’t even keep your biometrics markers in your pocket, they’re just out in the open for anyone with a camera. This may be bordering on paranoia, but a few years back (2014) German hackers from Chaos Computer Club took iris scans from Angela Merkel (then Chancellor of Germany) and finger prints of Ursula von der Leyen (then Minister of defense) using nothing but press fotos. Cameras have only gotten better.
TL;DR: Biometrics can be used for identification but should never be used for authorisation.
Paying with your phone works on the presumption that your phone is locked and you accept responsibility for ensuring your phone wasn’t breached. It uses contactless technology, but it’s still effectively chip and pin as far as your bank is concerned.
Meanwhile, paying with a contactless card is processed as “cardholder not present” where the seller assumes de facto liability and must prove otherwise. Contactless payments were never a new type of card processing, it was a new method but is categorised the same as when mail/phone ordering from a catalogue. The same with online purchases. They were always a step below card & signature or chip & pin. Paying with your phone is the same as chip & pin though, where the onus is on you to ensure the transaction is secure.
Paying with your hand has all sorts of issues making it impractical. You would definitely need an additional confirmation eg PIN, but claiming that your hand is as secure as a traditional card doesn’t lend well to pinning the liability on you. So banks are unlikely to use it.
Biometrics also aren’t great and uniqueness. At least where computers are concerned.
Recently we had one of our customers install fingerprint readers on their points of sale, the idea being any staff member can log in just by touching the pad. Even with only a few hundred staff registered, you get people logging in as each other.
I worked with Kronos, had their top tier biometrics in a 1,000+ employee company.
The data is only as good as the person loading the data.
Some people don’t have good fingerprints.
It was bad enough that of you had a person with a bad fingerprint, Kronos would just take ANY input. It would even tell you if a persons fingerprint wasn’t good enough. It happened fucking constantly.
So either it’s so good you can’t escape it, it is so bad you can’t use it to identify anyone uniquely. It’s literally either a threat or an inconvenience.
Someone took the novel “The Java Script Café” from “Stealing the network: How to own an identity” (page 141) and made a business model for it.