Debit Card With Built-In Fingerprint Reader Begins Trial In the UK (theverge.com)

British bank Natwest is trialing the use of a new NFC payment card with a built-in fingerprint scanner. "The trial, which will include 200 customers when it begins in mid-April, will allow its participants to make NFC payments (called 'contactless' in the UK) without needing to input a PIN or offer a signature," reports The Verge. "The standard [30 British pound] limit for contactless payments will not apply when the fingerprint is used." From the report: Currently, anyone can make a contactless payment in the UK by tapping their card on the terminal to make a payment. As a result of this lack of security, a [30 British pound] limit is applied to such payments, with retailers requiring you to place your card into the card reader and enter a PIN for more expensive purchases (commonly referred to as the "Chip and PIN" method). Although mobile payments require authentication, customers often find they're subject to the same [30 British pound] limit. The fingerprint data is stored locally on the card, meaning there's no security information for a hacker to be able to steal from a bank's central database. It's not foolproof -- there's always the risk a sufficiently determined thief could steal and imitate your fingerprint -- but it's much more secure than a PIN that someone could learn by simply looking over your shoulder as you enter it.
  • My biggest issue with card payment is the multiple points of attack. They can physically steal your card, steal your number + 3 digit code, install a MITM card reader, install hacked or modified terminal or card reader or simply walk down the high street with a terminal in a bag and wave it at people's pockets collecting hundreds of contactless payments.

    I will NEVER use a debit card; I only ever use my credit card and if I'm in ANY doubt I'll use a pre-paid credit card loaded with the required amount instea

    • by quenda ( 644621 )

      This is just putting off the inevitable: a chip embedded *in* your hand.
      It's simple for the chip to detect if it has been removed from the person, but I'd really like to see some sensors so it knows when you are asleep (like fitness bands do).

      simply walk down the high street with a terminal in a bag and wave it at people's pockets collecting hundreds of contactless payments.

      Not if it needs a fingerprint you fool.

    • by quenda ( 644621 )

      re the "hacked terminal" MITM,
      they could put an LCD display on the card so you can check the amount before authorising, but let's face it, nobody will bother reading.

    • by AHuxley ( 892839 )
      +1 for the CC vs debit card AC.
    • It's not foolproof -- there's always the risk a sufficiently determined thief could steal and imitate your fingerprint

      Why would you do that? The chip, or hacked/cloned/fake chip, is the one that's telling the terminal that all is OK. "Uh yeah, this is the chip in the card, I've, uhh, verified the owner's fingerprint, all good here, nothing to see, move along". They're doing the checking in the wrong place.

      • by AmiMoJo ( 196126 )

        The way it works is that the terminal sends the chip a one-time code, the chip does some kind of transformation on it and sends back the result. The transformation involves a secret number that the banks knows and the card knows but which is never transmitted. So it can't easily be spoofed, because reading that number from the card is damn near impossible (physical defences that wipe the memory when tampered with, and which would require destroying the card anyway) and the numbers that are transmitted can't
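
As an added illustration of the challenge/response AmiMoJo describes (and the "fake chip says all OK" worry in the parent comment), not code from the page: a simplified model that uses an HMAC in place of the real EMV cryptogram, with the decision made on the bank's side so that a chip without the key, a replayed response, or an amount altered in transit is rejected. Key length, challenge size and the amount encoding are assumptions.

```python
import hashlib
import hmac
import os

def _mac(key: bytes, challenge: bytes, amount_pence: int) -> bytes:
    # The "transformation": a keyed hash binding the one-time challenge to the amount.
    return hmac.new(key, challenge + amount_pence.to_bytes(4, "big"),
                    hashlib.sha256).digest()

class Card:
    """Simulated chip: the key is written at issue and is never sent anywhere."""
    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: bytes, amount_pence: int) -> bytes:
        return _mac(self._key, challenge, amount_pence)

class FakeChip:
    """Cloned/fake chip that never had the key and just claims 'all good here'."""
    def respond(self, challenge: bytes, amount_pence: int) -> bytes:
        return hashlib.sha256(b"verified the owner, nothing to see").digest()

class Bank:
    """Issuer: holds the same key and is the party that actually decides."""
    def __init__(self, key: bytes):
        self._key = key
        self._seen = set()  # challenges already accepted, to refuse replays

    def verify(self, challenge: bytes, amount_pence: int, response: bytes) -> bool:
        if challenge in self._seen:
            return False
        if not hmac.compare_digest(_mac(self._key, challenge, amount_pence), response):
            return False
        self._seen.add(challenge)
        return True

def demo() -> dict:
    key = os.urandom(32)  # constructed: shared secret provisioned to card and bank
    card, bank = Card(key), Bank(key)
    c1 = os.urandom(16)  # terminal's one-time challenge
    resp = card.respond(c1, 2599)  # genuine response for a 25.99 purchase
    return {
        "tampered_amount": bank.verify(c1, 259900, resp),  # amount altered in transit
        "genuine": bank.verify(c1, 2599, resp),
        "replay": bank.verify(c1, 2599, resp),  # same pair presented a second time
        "fake_chip": bank.verify(os.urandom(16), 2599, FakeChip().respond(c1, 2599)),
    }
```

Only the genuine exchange is accepted; everything an observer or a keyless clone can produce fails at the bank, which is why the key never needs to leave the chip.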

  • A worse outcome is a low-tech hacker stealing my fingerprint, with a hatchet.
    I hope these scanners check for a pulse or other signs of life.

    I often like tech advances, but in this case, I'm fairly happy to just lean over the pin-pad so no-one else can see.
    Also, for small purchases (£30) we can use contactless with no verification, if our card is stolen, the bank promises to refund misuse (perhaps requiring timely reporting of loss to them and police)
    • I am very sure those fingerprint readers are basic as they need to fit on a card. They won't check for pulse or similar. Even worse almost all readers that try that have been tricked. It's more or less a back port of Apple Pay back to a card. I also don't believe those readers will endure bending and other impacts on cards for a long time.
    • "I often like tech advances, but in this case, I'm fairly happy to just lean over the pin-pad so no-one else can see. "

      Agreed.

      Contactless always seemed to me to be a solution in search of a problem. This initiative even more so.

      Surely we haven't atrophied to the point where 5 key presses (4 digit PIN + confirm) is too heavy a burden!

      Personally, I prefer a little 'friction' or effort when spending - it acts as a brake on impulse purchasing and a few seconds delay isn't going to hurt retailers (more time is

      • by JaredOfEuropa ( 526365 ) on Tuesday March 12, 2019 @06:11AM (#58259322) Journal
        Contactless is a hell of a lot faster. In some places, this matters a lot: it has seriously shortened the lines in office cafeterias, and in places like the London Underground where you can travel with a contactless debit card, adding a PIN terminal to the turnstiles would have resulted in nightmare congestion.
        • London Transport already had a contactless card (Oyster) - adding debit/credit contactless brought no new intrinsic benefit.

          As for other areas - I'm still not convinced. In a typical cafeteria, supermarket check-out, other retail service point the transaction usually comprises three phases:

          (1) pre-payment actions (being greeted, looking at what you've bought, barcode scanning or entering details into a till...)

          (2) payment

          (3) post-payment actions (getting receipt, picking up / packing up purchased items,

        • by mjwx ( 966435 )

          Contactless is a hell of a lot faster. In some places, this matters a lot: it has seriously shortened the lines in office cafeterias, and in places like the London Underground where you can travel with a contactless debit card, adding a PIN terminal to the turnstiles would have resulted in nightmare congestion.

          Erm no, the Oyster card did that, not the contactless card. Before the Oyster card, we had paper tickets with a mag stripe... Hell we still have those as I only go into London 3-4 times a year, like many people who live and work in Berks or Hants. All a contactless card has done is introduce a new, gaping security hole into our lives. The specification for both the Mastercard and Visa system sends your name, card number and expiry date in encryption so weak it may as well be clear text. It will send this

  • Weakens security (Score:5, Insightful)

    by Solandri ( 704621 ) on Monday March 11, 2019 @08:44PM (#58257654)

    without needing to input a PIN

    This type of 2FA relies on the two factors being (1) something you have, and (2) something you know. In the case of Chip and PIN, the chip (embedded in the card) is something you have, and the PIN is something you know. The orthogonality of these two factors means scenarios which result in the loss of one are unlikely to result in the loss of the other, and vice versa. Even if someone steals the card, they cannot use it because you have not revealed your PIN. Even if you tell someone your PIN, they cannot use it without physical possession of the card.

    This new card they're trying changes the two factors to two things that you have. That makes fraud far more likely, because things which result in the loss of one are likely to result in the loss of the other. If you lose the card, a thief may be able to lift your fingerprint off the card itself. If someone dies and a person runs across the body, they have access to both the finger and the card.

    That's really the whole point of 2FA. It's not "throw a couple roadblocks in the way of thieves and hope one of them works." It's designing the two roadblocks so there's minimal intersection of their weaknesses. Switching it to two physical factors results in a system that's not much more secure than having just a single factor.

    • by AmiMoJo ( 196126 )

      If you lose the card, a thief may be able to lift your fingerprint off the card itself. If someone dies and a person runs across the body, they have access to both the finger and the card.

      These are both pretty outlandish scenarios with high probabilities of getting caught, assuming that the fingerprint reader isn't good enough to reject the fake.

      Also, consider the alternative. Many people use really bad PIN numbers, the same on every card, and easily observed when typing them in. Some people can't even use PIN numbers due to things like numerical dyslexia, so are still using a signature.

    • That's the sort of thing you get when you rely on NatWest for innovation :-(

    • by mjwx ( 966435 )

      without needing to input a PIN

      This type of 2FA relies on the two factors being (1) something you have, and (2) something you know. In the case of Chip and PIN, the chip (embedded in the card) is something you have, and the PIN is something you know. The orthogonality of these two factors means scenarios which result in the loss of one are unlikely to result in the loss of the other, and vice versa. Even if someone steals the card, they cannot use it because you have not revealed your PIN. Even if you tell someone your PIN, they cannot use it without physical possession of the card.

      This new card they're trying changes the two factors to two things that you have. That makes fraud far more likely, because things which result in the loss of one are likely to result in the loss of the other. If you lose the card, a thief may be able to lift your fingerprint off the card itself. If someone dies and a person runs across the body, they have access to both the finger and the card.

      That's really the whole point of 2FA. It's not "throw a couple roadblocks in the way of thieves and hope one of them works." It's designing the two roadblocks so there's minimal intersection of their weaknesses. Switching it to two physical factors results in a system that's not much more secure than having just a single factor.

      Furthermore, biometrics are terrible for authentication, they're better for identification.

      Plus this will not be liked with couples who share bank cards (happens more than you'd think as joint accounts are a PITA).

      But let's not kid ourselves here, this move by Natwest was not for security, the contactless transceiver still sends everything on the front of your card to whatever asks for it, it's a gimmick to retain customers in a very competitive market that's entering a recession. The "challenger bank

  • Biometrics should never be used in place of a password, they should only replace the identification, userID, Login, etc. It should never ever replace the password.

    And there is one simple reason for that, biometrics can't be changed, and they are for the most part trivial to obtain. For example you leave your fingerprints on everything you touch. These very things make them good for identification and absolutely awful for authentication. Authentication should always be something in your head (password) and v

    • >"biometrics can't be changed, and they are for the most part trivial to obtain."

      Yes and no. It depends on the biometric. Palm deep vein scan is not trivial to obtain clandestinely; you don't leave it anywhere, it is not visible to the eye or regular cameras, it is live-sensing, and palms are rarely faced in a visible way.

      >"For example you leave your fingerprints on everything you touch."

      And you also leave your face image on all kinds of cameras and photos all over. And your voice on all kinds of d

    • by uulbri ( 1573601 )
      +1
      I agree 100%. Any bio-metric information can only be used in the context of identification not authentication. Full stop.
  • is that you can't change your fingerprints. It's like being locked in from birth with just 10 passwords. Unless you start scarring your finger tips to change them, but even that is not reliable.
  • FTFA :

    Currently, anyone can make a contactless payment in the UK by tapping their card on the terminal to make a payment.

    Nope, that should read :-

    Currently, anyone can make a contactless payment in the UK by tapping anybody's card on the terminal to make a payment.

    That's the trouble: with existing cards, if I accidentally dropped one without noticing, someone might use it for weeks (keeping under £30 per purchase) before I noticed at the next statement, because I have many different cards for different purposes. UK police say that the typical use of a stolen contactless is about £100-£600 (in one bizarre case it was about £30,000). Thieves act fast, and you are unlikely to get money back from the bank if you tak

    • You were originally required to enter a PIN after a number of consecutive contactless transactions but I'm not sure if this is the case anymore. Losing 30k from a single card is nothing but negligence on the bank's part, they should have recognised the unusual pattern of spending and put a stop to it straight away.

      • You were originally required to enter a PIN after a number of consecutive contactless transactions but I'm not sure if this is the case anymore.

        On another (UK) forum where this was discussed, people's experiences varied greatly. Some found they had to enter a PIN every few purchases; others had never been asked to enter a PIN. It did vary with the bank, but there seemed to be other factors at work too.

  • I didn't even think about it.
  • Someone who doesn't have the right print tries it? Does it just not work at all, or does it only allow the £30 limited option?

    I know an inordinately large number of people who effectively share their contactless card with their spouse/partner (just nip into the shop and pick something up for me will you please?) and it's going to cause some major behavioural changes if they suddenly can't do this any more.

    • by AHuxley ( 892839 )
      The idea would be like not having the correct PIN.
      No cash and a message to contact the bank?
      The bank then asks for a list of approved ID and photo ID to link the account to the card and the finger print secured by the bank when the account was created.
      The next step will be to have the reader as an add-on to computers/internet.
      Want to shop online? Use the fingerprint and card together as the final step to approve the secure online payment.
      Interesting for police too. Buy the wrong service/product onlin
  • So instead of just stealing your card, a thief will now chop your fingers off?
  • I don't know about in Britain, but here in the US there is significantly more risk in using a debit card than there is in using a credit card. If a debit card is misused, your money is gone or tied up until the situation is resolved, whereas with a credit card, the credit card company's money is tied up. In the case of a misuse or compromise of a card, you have a lot more consumer protection with a credit card. You have a better chance of conveniently getting a dispute resolved with a credit card. I would worry
  • This just reminds me of when I used to work for a bank's call center. I had someone get mad that they had to call and verify a transaction (they didn't want to respond to the text for some reason?) belonged to them. They said something along the lines of: "WHY CAN'T YOU JUST MAKE IT SO MY CARD WORKS ONLY FOR ME AND NO ONE ELSE?" ..........How so.... with magic?

    but it's much more secure than a PIN that someone could learn by simply looking over your shoulder as you enter it.

    Also reminds me of working retail. We got new card readers that had little covers that hid the buttons. We'd have ladies come in to use their debit c
