(keitai-l) Re: Biometric Chip Costs

From: Dirk Rösler <dirk_at_unicircuits.com>
Date: 12/04/02
Message-Id: <9021BCB9-0729-11D7-97F5-0030654492C6@unicircuits.com>
For starters you would never be able to authenticate "the purchase" 
with biometrics, unless "the purchase" has a fingerprint or other 
measurable biological feature. Thus you are authenticating the user, 
not the transaction. You can identify users using biometrics, however 
this is even harder than authenticating users using the technology.

My main issues with your proposed scheme are, as far as I can imagine 
it given your vague description, that if you use it for low value 
transactions it's overkill, if you use it for high value it's 
insufficiently secure for a variety of reasons. Result is that there is 
no real need for it. So possibly you are just working on a marketing 
exercise...

The truth is that physical possession of an object (phone, credit 
card...) combined with proven knowledge of a secret value (like a PIN) 
solves most problems today. But that may not be glamorous enough for 
some.

Dirk

PS: Please quote properly

On Tuesday, Dec 3, 2002, at 12:00 Asia/Tokyo, Kenneth G. Mages wrote:

> I said what I meant.  We are using biometrics to help identify users to
> cross reference other security measures for authenticating a purchase.
> Call it belts with suspenders.
Received on Wed Dec 4 03:52:36 2002