From: Kent Crispin <kent@songbird.com>
To: cypherpunks@Algebra.COM
Message Hash: 654df2994b8d7f13f3648e425153026c7da0c3e17ca3752229bf07bf53b35c9a
Message ID: <19971201164447.17774@songbird.com>
Reply To: <2367.881005036@zelkova.qualcomm.com>
UTC Datetime: 1997-12-02 00:56:52 UTC
Raw Date: Tue, 2 Dec 1997 08:56:52 +0800
From: Kent Crispin <kent@songbird.com>
Date: Tue, 2 Dec 1997 08:56:52 +0800
To: cypherpunks@Algebra.COM
Subject: Re: Big Brother Is Watching ATMs
In-Reply-To: <2367.881005036@zelkova.qualcomm.com>
Message-ID: <19971201164447.17774@songbird.com>
MIME-Version: 1.0
Content-Type: text/plain
On Mon, Dec 01, 1997 at 05:07:11PM -0500, Robert A. Costner wrote:
[...]
>
> As wonderful as eye scanning technology may sound, it promises to offer
> very weak identification and only be reliable in the short run. This is
> based on the premise that a reproduction of an eye will work as well. Just
> as a reproduction of a driver's license seems to work for check forgery.
>
> PINs offer security based on the fact that they are a secret. Not a shared
> secret. For comparison, take a look at the authentication procedure of the
> SSA and Wells Fargo bank. Over the internet, both want
>
> Social Security Number
> Date of Birth
> Mother's Maiden Name
>
> Imagine a bank machine requesting the same info as the only prerequisite
> for dispensing cash! This info might have been a method of secure
> authentication about the time I was born, but today, such info is almost
> common knowledge. This no longer is a secret, too many people have the
> info. Widespread use of eye scanners will provide the same results. As
> databases are built, and sold, the raw info becomes available and automated
> tellers become excellent targets for fake authentications. If you get it
> wrong, you just walk away.
>
> Eye scans may help aid authentication, but they should not take the place
> of PINs.
>From "Government Computer News", 1997-11-24
Optical character recognition converts an image into usable text.
But what if the character you want to recognize is a human being?
Try Visionics Corp's FaceIt PC 3.0, which works with a digital
video camera to secure a desktop computer against intruders.
The GCN Lab staff members were skeptical at first. After all, OCR
and voice recognition are still not mature technologies, and face
recognition applications are greener still.
FaceIt surprised us -- pleasantly.
[description of test environment, and test]
The software can be set to require a smile or blink from any person
attempting access...[I suppose you could stick out your tongue...]
...During testing, the software never misidentified anyone, nor was
it fooled if a user wore or removed glasses. Visionics claims that
changes in facial hair will not cause misidentification, but we
didn't test that claim.
http://www.FaceIt.com
--
Kent Crispin "No reason to get excited",
kent@songbird.com the thief he kindly spoke...
PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55
http://songbird.com/kent/pgp_key.html
Return to December 1997
Return to “Vin McLellan <vin@shore.net>”