Biometric scans and human chip implants offer the ultimate solution to rising ID crime says Geoffrey Down, managing director, Savantor.
People world wide have been paying with plastic for decades. In the UK, debit and credit card transactions hit a record high in December 2004, with an average of 220 transactions taking place per second.
However with the increasing option of carrying out day to day purchases and transactions online, research show that 10% of all credit card payments are now made online – a five-fold increase since 1999.
As this growth continues, and increasingly transactions are carried out without the need for the actual presence of plastic, what will happen to the cards that have shaped the way we undertake our purchases?Mobile Payment
The move towards contactless payments has already begun. Mobile phone manufacturer Nokia, for example, has released a shell for its series 3220 mobile phone that will enable consumers to use the handset for making contactless payments. The shell uses near field communications (NFC) technology and allows customers to make payments by pointing the phone at a point of sale terminal. Payment information, such as debit and credit card details, is stored in an integrated smart chip in the shell. This type of technology will inevitably take off with younger generations who are increasingly dependent on their mobiles, regarding them as essentials rather than luxuries.
Unfortunately, the downside of a near future with an increasing use of payment by mobile is that the theft or loss of a phone could also mean the loss of credit/debit card functions. Biometric payment systems
So how else can payment be made without the use of cards? Japan’s third largest bank, The Bank of Tokyo-Mitsubishi, will deploy a biometric security system based on vein-pattern recognition technology in branches nationwide in October 2005. The bank will start issuing Visa credit cards with embedded integrated circuits that contain customer vein pattern information and work with a system developed by Fujitsu. The cards function as cash cards, credit cards and as electronic money. Palm vein patterns are read whenever cardholders use ATMs or make transactions at bank counters.
This vein pattern technology works by shining light in the near-infrared region (the infrared region closest to visible light) on customers’ palms. The palms are held about 4cm above a scanner, which takes a snapshot of the palm, illuminating the vein patterns just below the skin. This unique pattern information becomes the basis for security applications.
Biometric payment systems are most widely used by supermarkets, but they are also being pilot tested in several fast food restaurants and have applications at petrol stations and hotels as well. Customers register a fingerprint scan with a store or restaurant and enter their credit or debit card account numbers to set up their accounts. When it comes to making the purchases, customers place their fingers on the sensors for identity purposes and pay without ever having to show their cards.
In the UK last year Pay By Touch announced that the Oxford, Swindon and Gloucester Co-op will begin piloting its finger scanning solution in three stores around Oxfordshire.
Pay by Touch allows customers to pay for purchases using a simple, secure method of finger scanning at the point-of-sale, completely eliminating the need to carry cards, cash, loyalty cards or a chequebook. Finger imaging links the individual to an electronic wallet, which holds their financial and loyalty programme information. The initial enrolment process takes about a minute as customers put their finger on a reader, enter a code, and swipe the cards they want to use. The Pay By Touch finger scanning technology does not store actual fingerprints, instead it creates a set of geometric points that allow for a secure identity match at point of sale.
The Malaysia government has bought the rights to the world’s smallest microchip that can be embedded in everything from currencies to human bodies. Measuring 0.5 millimetres squared, and produced at less than 0.05 pence each, the chip, the size of a dot, uses the radio frequency identification RFID chip technology. The chip can be inserted into the human body, animals, bullets, credit cards and other items for verification purposes, and can replace price bar codes used to tag products.The problem with biometrics
Biometrics are known to have problems inherent in their use, not least because most bodily readings vary significantly over time. Customer resistance is easy to understand, as no one likes having their bodies measured or having their personal data stored by commercial organisations. However, the need for better identification and authentication won’t go away, and the wide range of possible biometric technologies is evidence of this.
Finger print recognition is the most widely used and can be stored on a smart card or SIM card. Readers can even detect the presence of a pulse to counteract the possibility of amputation by criminals! Whilst we know fingerprints are unique and do not change throughout life, readings can be affected by dirt or cuts.
Iris scanning is an increasingly popular technology for applications where fingerprint recognition is not sufficiently secure. The iris is more complex and therefore more unique than a fingerprint. Some UK financial institutions have piloted the use of iris scanning at ATMs. The downside of this is that customers are often reluctant to have a laser light shining in their eyes.
Voice authentication works by recognising characteristics of the human voice. It is promising as a low-to-medium-level identification technique that is particularly attractive for use with mobile phones, where the necessary hardware is already in place.
However, the quality of mobile phone microphones may not be good enough to support voice recognition, and the reliability of the technique in noisy environments is not proven.
Hand geometry is an exciting technology. The main drawbacks are that the equipment is relatively large, and there are potential problems for people with arthritis, or who have lost a lot of weight since their data was recorded.
There are other contenders such as retina scanning and facial recognition but no one technology has yet looked ready to dominate.
Biometric measurement is prone to errors in:
- False positives that allow a wrong person access
- False negatives that deny a valid user access
In most cases, you can improve the error rate on one of these criteria by adjusting the sensitivity of the measurements, and at the price of accepting a worse error rate on the other criteria. RFID chips
Whilst this technology started in retail as a stock tracking tool to replace bar codes, it is increasingly being used in other areas. In the USA the CIO of Boston’s CareGroup Healthcare System, has had himself chipped. The product is a VeriChip which carries a 16-digit ID number that can be matched to a medical database, allowing doctors to scan him and pull up his records. While he is apparently the first person to test an RFID chip for medical purposes, there are about 40 other people in the US with implanted VeriChips, who are testing them for ID and security-access purposes.
In the UK Kevin Warwick, the cybernetics professor at Reading University, has had an RFID chip implanted in order for a door entry system to recognise him and allow entry to his office, turn on lights etc without any physical intervention. He has also gone one step further and had a chip implanted into his nervous system to communicate directly with a computer and has managed to manipulate prosthetic limbs using this link. He has done this over the Internet and has also managed to communicate via the PC with his wife who also had an implant. A true cyborg!
So given that financial transactions require higher-than-average security requirements they should be controlled by asking customers for two things, selected from:
- Something they know (for example, a secret or password)
- Something they have (for example, a smart card)
- Something they are (a biometric)
With a credit/debit chip in your phone (something you have) and an RFID chip injected into your finger (something you are) you’re covered!
Why would you not want to use this since it'll be cheaper and easier than having to carry around (and possibly forget) a national ID card or a wallet full of credit, membership, and other cards. You may have to accept being trackable, and be scanned constantly, but if it makes everyday life easier and more affordable – why not?
Related Website: www.savantor.com
P Roberts, LondonEnjoyed the bio bots article - but I think quoting Captain Cyborg maybe subtracted enough credibility to blow the case. Technology alone is rarely the answer and I for one don't want to be tagged for life. It's bad enough having TFL know all my movements on the Tube. I'll settle for paying more and retaining my privacy.