from the are-you-sure-you've-thought-this-through? dept
As part of President Obama's BuySecure initiative, US merchants and the public are being encouraged to adopt the Chip and PIN technology for credit, debit, and other payment cards. As the announcement in October last year noted, these Chip and PIN cards have been used for some years in other parts of the world, notably Europe and Canada. For all the technology's vaunted security, there are inevitably still weaknesses that can be exploited, as with any system. That was true five years ago, and it's still true now, as shown by this story on the BBC Web site about one company's idea for reducing Chip and PIN fraud:
One of the biggest payments processing companies has revealed it is developing a chip-and-pin terminal that includes facial recognition technology.
The company admits that the system is unlikely to be perfect:
Worldpay's prototype automatically takes a photo of a shop customer's face the first time they use it and then references the image to verify their identity on subsequent transactions.
Worldpay is not suggesting that shoppers be blocked from making payments if its computer system failed to make a match.
It's only an experimental idea at present, but Worldpay says it could roll it out to the 400,000 retailers that use its system within five years if there's sufficient interest. That would obviously create rather a large collection of facial biometrics, which raises questions of how they would be stored. But don't worry, Worldpay has got that sorted:
Rather, it suggests that tills would display an "authorisation needed" alert, prompting shop staff to request an additional ID, such as a driving licence.
The firm says it would store the captured images in a "secure" central database.
Well, that shouldn't be a problem, then -- provided you remember to change your face when that database gets broken into….