1

I'm looking for some informed perspectives on the growing 'casual' use of finger/thumb print scanners in for instance schools, for library use, cashless cafeteria payments, registration.

The security around such use is much, much lower than for e.g. holding credit card data where PCI-DSS gives a defined standard, process and QA program. Indeed, the security process appears to me to amount to, "The sales pitch says it is secure". Yet the actual value of the biometric data is unknown; and may in future decades be very high. You can cancel a credit card account but you keep your fingerprints for life.

So it looks to me that the risk involved in owning or being enrolled on such a database is unknown-but-we-should-accept-it-might-be-high.

Is there some convincing evidence that fingerprint data will not have any value during the rest of our lifetimes? or that these systems, when managed in schools (that is, by non-professionals) are so secure that the risk of data loss is negligible?

Chris F Carroll
  • 131
  • 5
  • Although security standards may be lower for "casual" biometrics, most still encrypt data using 128 or 256 bit encryption. This would take your average hacker a while to crack (although it is by no means impossible), and there are SO many other (easier) ways to get your fingerprint (the first that comes to mind in a school setting is asking to borrow a sheet of paper). – KnightOfNi Sep 04 '14 at 23:09
  • This is an interesting question with many possible facets. It's not just about the fingerprint, but the digital representation of it attributed to a person (i.e. a digital record). – schroeder Sep 04 '14 at 23:21
  • Rest assured that three-letter agencies will have access to the data. 1984 all over again. – Deer Hunter Sep 05 '14 at 07:20

0 Answers0