Mastercard is testing credit cards with embedded fingerprint sensors

By midian182 · 7 replies
Apr 20, 2017
Post New Reply
  1. Fingerprint sensors continue to make their way into everyday life, so it’s not too surprising to see the security feature being embedded into credit cards. Mastercard is currently testing the technology in South Africa and hopes to roll it out to the rest of the world by the end of 2017.

    The biometric cards are no thicker than standard credit cards, but there’s a built-in fingerprint sensor located in the corner that’ll let you authorize in-person transactions using just your thumb instead of a PIN number or by signing a paper receipt.

    "Whether unlocking a smartphone or shopping online, the fingerprint is helping to deliver additional convenience and security. It's not something that can be taken or replicated and will help our cardholders get on with their lives knowing their payments are protected," said Ajay Bhalla, Mastercard’s president of enterprise risk and security.

    Setting up one of these cards won’t be as simple as using an app. Assuming your financial institution decides to use the system, you’ll need to visit an enrollment center to have your fingerprints scanned. An encrypted digital template will then be stored on the card’s EMV chip. It’s possible to have two prints on the same card, though they must both belong to the owner – you can’t add other people’s fingerprints.

    Should the South African trials go well, the next step is to start testing in Europe and Asia. A worldwide rollout before the end of the year may sound ambitious, but the fact merchants won’t require new machines to accept the cards should speed things along.

    Permalink to story.

  2. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    Good old Pick n Pay supermarkets, they help themselves lot of my coin. Yeah, I received my biometric card from Standard Bank earlier today, I guess I'll be taking it for a spin tomorrow morning after tea at that supermarket... if my wife can wait that long. :D
    CrazyDave likes this.
  3. Kibaruk

    Kibaruk TechSpot Paladin Posts: 3,286   +902

    Good way to go. It would be best, in my mind at least, to have a "Mastercard" app, that will be linked to your credit card... "there is a transaction for $XX.XX pending, do you want to approve" YES NO.

    Yes, it will require that you have internet enabled, it is probable that at some point you don't have access to your phone or internet, could be followed by a keycode generator you can use instead of a pin. Now if you don't have your phone AND your keychain-code-generator... well it's not my fault you don't care about your security =P
  4. TheBigT42

    TheBigT42 TS Addict Posts: 155   +82

  5. lipe123

    lipe123 TS Evangelist Posts: 718   +236

    You watch too many spy movies, its everything but easy. Since when is it easy to take a perfectly focused high res picture of someones finger unless they are asleep or passed out ?
    It's possible but not easy and how are you going to explain some weird finger faking contraption on the card to the teller?

    Also just wear gloves 24/7 and your secret is safe :p
  6. Uncle Al

    Uncle Al TS Evangelist Posts: 3,334   +1,979

    Maybe they just need to upgrade their policy on thumbprints? After purchase, they snip off your thumb to guarantee authenticity. If it comes back approved you get your thumb back .... if not, it goes into the shredder. That should limit illegal purchase to ..... two!
  7. psycros

    psycros TS Evangelist Posts: 1,870   +1,290

    "It's not something that can be taken or replicated and will help our cardholders get on with their lives knowing their payments are protected," said Ajay Bhalla, Mastercard’s president of enterprise risk and security."

    This is a guy we're supposed to trust with our money? All you need is the DATA FILE that contains the digital fingerprint. Since that file is now going to be stored ON THE CARDS themselves it will be child's play (by hacker standards) to obtain them and make phony cards. There's also the chance of either the CC company itself or the government using your fingerprints for nefarious purposes.
    Last edited: Apr 20, 2017
  8. JW0914

    JW0914 TS Member Posts: 17   +9

    The security of fingerprint encryption is based upon how many points of reference is being used. Anything less than somewhere in the mid-20s wouldn't be secure, as there's a high probability points of reference less than that would match at least one other person. The failure of law enforcement forensic labs to require points of reference matching in the 20s have resulted in numerous misidentifications, with a well-publicized case occurring ~2010 with the misidentification of a gentleman based upon a reference match in the mid-teens.

    The problem with a broad adaptation of using fingerprints for security is the untested assumption that each human is born with unique fingerprints, something that has never been quantitatively proven, yet alone tested since less than half the human population has been fingerprinted. Fingerprint security is great when used in controlled situations based around a [relatively] small number of people (lab security, corporate security, etc.), but without employing reference matching in the mid-20s, it should not be viewed as foolproof security.
    Reehahs and Phr3d like this.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...