Fujitsu has launched a new range of ATMs on the European market, featuring its PalmSecure biometric technology and support for mobile NFC.
Fujitsu says that PalmSecure "maximises security" when used with NFC devices but the truth may be the other way around, because palm scanning used in 1:N matching mode needs a second factor like a card or a phone. And thus the biometric ATM falls short of
what people have been led to believe by watching sci fi movies. You don't just walk up to a machine, get scanned, and your money comes out. The mindane reality is that someone else's money will come out unless the manufacturers take special precautions.
In Japan, cardless palm scanning ATMs require custoemers to enter their date of birth and a PIN. The reason is that when you try to match a scanned palm against a central database of enrolled banking customers, you get a number of false matches. We don't
know how many false matches because the vendors are secretive about their true in-field error rate, but we do know that false matches will rise as more users are enrolled. If they used biometric alone, then a customer may be given randmom access to someone
else's bank account. To stop this, the ATM needs a second factor, which in Japan tends to be something-you-know - a PIN.
I interpret the European announcement about integrating with mobiles as meaning that the PalmSecure ATM will use the phone as a second factor.
© Finextra Research 2014