Cape Town - The use of biometric systems in banking will not empower criminal to cut off fingers because the technology has built-in fail safes, the developer has said.
South Africa may soon get ATMs (Automatic Teller Machines) that will authenticate bank customers with a fingerprint reader instead of the traditional PIN (Personal Identification Number) card.
However, News24 has been flooded with concerns that criminals will begin cutting off victim's digits in order to access their bank accounts.
"Before we know it, robbers will be cutting off our fingers to use at the ATMs," wrote News24 user Ian Van Zyl.
"Now they are going to steal your PIN and your thumb....wonder which thimb I should give up?" (sic) echoed Oldman Vic.
Fears
But the developer of the technology says that such fears are unfounded because the technology can check to see whether a finger is "alive".
"Lumidigm employs sophisticated algorithms for fake-finger detection, also called liveness detection or spoof detection, with our sensors to prevent the fraudulent use of a biometric. And this protection (algorithms) can be updated as new threats emerge," Mark Shermetaro, Lumidigm CEO told News24.
The company plans to introduce biometric ATMs to the South African market, and the technology has seen some success in Brazil. In Kenya, the technology is used in parallel with PIN cards to cut down on bank fraud.
In SA biometrics could follow a similar model where it is used in conjunction with a card to ensure that bank transactions are not fraudulent.
"Further, important or high-value transactions usually require multi-factor authentication, such as a fingerprint and a credential. In such a scenario, a hacker might have the credential but not the fingerprint," Shermetaro added.
In practice, a fully biometric system may also be limiting to people who usually send relatives to conduct ATM transactions on their behalf because the system requires that you have to present yourself to be scanned in order to access your account.
Soon after Apple introduced its iPhone 5s which featured a fingerprint reader, German group Chaos Computer Club showed that it could compromise the security, though the methodology was complex.
Complex PINs
This sparked fears that criminals would immediately exploit biometrics hardware to conduct sophisticated crimes.
However, even with PINs, criminals are often easily able trick people into revealing their pass codes or swop cards. Also, many people do not use complex number combinations for a PIN which makes it easier to spot their code from a distance.
"There's absolutely no comparison in security between a PIN - something you know - and a biometric - something you are. A PIN can be compromised, forgotten, or dumbed down so far that it is easily guessable," said Shermetaro.
What do you think of fingerprint equipped ATMs? Send us your comments
- Follow Duncan on Twitter
South Africa may soon get ATMs (Automatic Teller Machines) that will authenticate bank customers with a fingerprint reader instead of the traditional PIN (Personal Identification Number) card.
However, News24 has been flooded with concerns that criminals will begin cutting off victim's digits in order to access their bank accounts.
"Before we know it, robbers will be cutting off our fingers to use at the ATMs," wrote News24 user Ian Van Zyl.
"Now they are going to steal your PIN and your thumb....wonder which thimb I should give up?" (sic) echoed Oldman Vic.
Fears
But the developer of the technology says that such fears are unfounded because the technology can check to see whether a finger is "alive".
"Lumidigm employs sophisticated algorithms for fake-finger detection, also called liveness detection or spoof detection, with our sensors to prevent the fraudulent use of a biometric. And this protection (algorithms) can be updated as new threats emerge," Mark Shermetaro, Lumidigm CEO told News24.
The company plans to introduce biometric ATMs to the South African market, and the technology has seen some success in Brazil. In Kenya, the technology is used in parallel with PIN cards to cut down on bank fraud.
In SA biometrics could follow a similar model where it is used in conjunction with a card to ensure that bank transactions are not fraudulent.
"Further, important or high-value transactions usually require multi-factor authentication, such as a fingerprint and a credential. In such a scenario, a hacker might have the credential but not the fingerprint," Shermetaro added.
In practice, a fully biometric system may also be limiting to people who usually send relatives to conduct ATM transactions on their behalf because the system requires that you have to present yourself to be scanned in order to access your account.
Soon after Apple introduced its iPhone 5s which featured a fingerprint reader, German group Chaos Computer Club showed that it could compromise the security, though the methodology was complex.
Complex PINs
This sparked fears that criminals would immediately exploit biometrics hardware to conduct sophisticated crimes.
However, even with PINs, criminals are often easily able trick people into revealing their pass codes or swop cards. Also, many people do not use complex number combinations for a PIN which makes it easier to spot their code from a distance.
"There's absolutely no comparison in security between a PIN - something you know - and a biometric - something you are. A PIN can be compromised, forgotten, or dumbed down so far that it is easily guessable," said Shermetaro.
What do you think of fingerprint equipped ATMs? Send us your comments
- Follow Duncan on Twitter