I apologize for the improper formatting and appearance of misquoting.
We CAN "authenticate the purchase" with biometrics to reduce and avoid
chargebacks to merchants if we can reasonably identify the user with
biometrics, tokens, and PINs. =20
I wasn't looking for analysis or critics of my idea, but PRICES on these
spoofable, glamorous, marketable chips... Anybody??
kgm
-----Original Message-----
From: keitai-l-bounce@appelsiini.net
[mailto:keitai-l-bounce@appelsiini.net] On Behalf Of Dirk R=F6sler
Sent: Tuesday, December 03, 2002 7:42 PM
To: keitai-l@appelsiini.net
Subject: (keitai-l) Re: Biometric Chip Costs
For starters you would never be able to authenticate "the purchase"=20
with biometrics, unless "the purchase" has a fingerprint or other=20
measurable biological feature. Thus you are authenticating the user,=20
not the transaction. You can identify users using biometrics, however=20
this is even harder than authenticating users using the technology.
My main issues with your proposed scheme are, as far as I can imagine=20
it given your vague description, that if you use it for low value=20
transactions it's overkill, if you use it for high value it's=20
insufficiently secure for a variety of reasons. Result is that there is=20
no real need for it. So possibly you are just working on a marketing=20
exercise...
The truth is that physical possession of an object (phone, credit=20
card...) combined with proven knowledge of a secret value (like a PIN)=20
solves most problems today. But that may not be glamorous enough for=20
some.
Dirk
PS: Please quote properly
On Tuesday, Dec 3, 2002, at 12:00 Asia/Tokyo, Kenneth G. Mages wrote:
> I said what I meant. We are using biometrics to help identify users=20
> to cross reference other security measures for authenticating a=20
> purchase. Call it belts with suspenders.
Received on Wed Dec 4 15:43:15 2002