Idea #4: Protect your biometric data

November 4, 2006 By Jason Kolb 6 Comments

Here in the Chicago area we have a supermarket called Jewel-Osco which lets you pay by touch with your fingerprint. I think this is one of the worst ideas I’ve ever seen.

I will NEVER give my fingerprint to ANYONE. Why? Because Jewel-Osco has to keep a record of your fingerprint on a server somewhere, and that server can be compromised. What happens if the backup tape that has your fingerprint on it falls off the back of a truck? It’s pretty hard to reset your fingerprint.

Protect your biometric data like it’s pure gold. You only have one body, you can’t reset it or send for a replacement.

Part of the 60 Ideas in 60 Days series.

Share and Enjoy:

Filed Under: Online Identity

http://xmlhacker.com M. David Peterson

>> It's pretty hard to reset your fingerprint. <<

WOW!!! I totally hadn't even considered this until you pointed this out (not the fact that you couldn't reset your fingerprint, but the fact that if it ever were to be compromised, thats it… game over.)

Thanks for the wake-up call!
http://www.60ideas.com/story/15/ Anonymous

Protect your biometric data

I will NEVER give my fingerprint to ANYONE. Why? Because Jewel-Osco has to keep a record of your fingerprint on a server somewhere, and that server can be compromised. What happens if the backup tape that has your fingerprint on it falls off the bac…
Sean

Do they keep a record of your fingerprint? In the clear? Do they have to?

You've got ten finger-prints. Can you reset to another finger-print?
Robert Schechter

http://www.biometricwatch.com/BW_35_November_2006/BW_35.htm

http://www.recoverablebiometrics.com
http://www.paybytouch.com/ Larry Hollowood, Chief Security Officer, Pay By Touch

Jewel-Osco does not keep a record of the fingerprint. As a matter of fact, no merchant that uses the Pay By Touch payment system has access to any biometric information. All biometric data is securely encrypted at the point of sale and is transmitted encrypted to Pay By Touch for authentication purposes. Pay By Touch does backup its database for recovery purposes, but biometric data is never stored on a tape or other physically transportable media.
http://www.jasonkolb.com Jason Kolb

Thanks for the feedback Larry, most helpful. Do you store the fingerprint via a reversible encryption algorithm or a one-way hash? If it's secured via a one-way hash at the point of sale I'd definitely be much more receptive to the idea.

The Web vs. the App Ecosystem

The Web vs. native app from an app store debate has been raging lately. It's nice to see an old-fashioned blog discussion, makes me … [Read More...]

The Future Evolution of Software

I've been thinking lately about where software has gone in the last few years, and where it might go in the next. I tried to identify some … [Read More...]

The Fundamental Shift in BI & Analytics

I'm probably biased because I'm working on this problem, but I think there is a fundamental change coming in business intelligence and … [Read More...]

Data as a Renewable Commodity and Profit Center

One of the reasons I love data is because there's so much potential for mining real value from it, especially when you combine it with … [Read More...]

A diagram of a wormhole that I'm calling a relationship

Data Relationships 2.0

One of the most under-appreciated tools of the last decade is Yahoo Pipes. If you've never seen it, it allows you to wield together … [Read More...]

A Different Way of Thinking About Data

I think that at some point in the near future the tools we use to consume data is going to change completely and totally from what we've … [Read More...]

Data Wormholes and Relationships

This is kind of an obscure topic, but I've been trying to figure out what the best way to count things is, and how to best identify … [Read More...]

Personalization vs. Sharing

I came across this TED talk about "online filter bubbles", which is pretty interesting if you have the time: The gist of it is that … [Read More...]

The Joys of Cardinality

When you start getting into multi-dimensional data analysis, you quickly run into something called the "Curse of Cardinality" (so yes, the … [Read More...]

The First 5 Months of Kinect Hacking: Amazing

I hadn't been keeping up on the Kinect mods that are coming out, I've been too busy doing far less glamorous backend work lately. … [Read More...]

Have new posts emailed as they’re published: