The uniqueness of a fingerprint has helped keep thumb drive files, computer systems and wallet contents safe from intruders for a good while now. Now, a team from Carnegie Mellon is breaking fingerprint recognition technology into new ground with the development of a secure payment system named PayTango, that uses a fingerprint scanner to identify shoppers and pay for items.
Developed during the first Tech Startup Lab course at Carnegie's School of Computer Science in the latter half of 2012, with assistant professor Luis von Ahn (who is also responsible for reCAPTCHA and Duolingo) at the helm, PayTango was designed to consolidate the various bank, credit, loyalty, student/business ID or gift cards into one easy payment method.
By February of this year, seniors Christian Reyes (Information Systems and Human-Computer Interaction major), Brian Groudan (Information Systems and Human-Computer Interaction alumnus), Kelly Lau-Kee (Industrial Design and Human-Computer Interaction major), and Umang Patel (Information Systems major) had assembled the first prototype and were ready for a live run.
That limited pilot test was undertaken in collaboration with the university's Dining Services on one campus, with the 100 slots snapped up in a matter of hours. After gathering user feedback, the fingerprint-based identification and payment system was tweaked and expanded to three campus dining locations.
Signing up to the system is said to take just 20 seconds and involves touching the biometric scanner with an index and middle finger, swiping a credit card through a reader to associate it with your fingerprint data, and then punching in your cellphone number to set up an account (the latter is used by system admin as a means of contact). Any card with a magnetic strip can be registered with PayTango, and the blurb in the terms states that PayTango employs "industry leading information security standards and safeguards, physical controls, and security procedures" to help keep your personal data safe.
Registered users need only place their fingers on the scanner to pay the bill at the vendor's point-of-sale terminal that's connected to the PayTango reader. The payment is then automatically taken from whatever service the user selected while signing up.
Enrollment has now been opened up to all Carnegie Mellon students who are signed up for a university meal plan or one of the flexible dollar programs and, at the moment, the service is free to use thanks to contracts with merchants.
Part of the university's Greenlighting Startups initiative, and backed by Mountain View's Y Combinator startup accelerator, the PayTango team has more Carnegie campuses in its sights for the near future. It's also hoped that the system will go on to launch on other college campuses, possibly replace membership cards in local gyms, and make its way into retail stores.
Watch Reyes provide an overview of the system and its development in the video below.
Source: PayTango via Tech Crunch
Without even really trying, they broke through these things. Yes, that was a few years ago, but do you think they couldn't do it again. And if Adam and Jamie were able to do it, you think others wouldn't be? Others who actually focus on hacking biometrics stuff?
From here, they will take the advancements in detection technologies for mood, "mental mental health", "risk factors", etc. and shortly move beyond faster , more secure transactions to controlling our purchasing behavior.
Imagine New York's Mayor Bloomberg or Michelle Obama with this technology at their disposal and move forward 5? 10? years.
No thanks.
Of course, the magnetic stripe part of the ID helps. But I am not happy with giving my fingerprints to just anybody.
A local bank (actually a large bank, local branch) asked me for a thumbprint to cash a check that was drawn on their own bank. I told them I would not be back.
To go there I need to apply for biometrical passport and give up my fingerprint to be saved into a database.
I'm sorry but I am not a criminal.
So your solution is reduce the freedom of the innocent rather than catch and prosecute the criminals. Besides finger print readers are not effective enough to be worth the bother.
To S. Michael: You do bring up a valuable point regarding the pros of this technology! Only the owner of the card would be able to make purchases, reducing the CC theft! (Unless they resort to my suggestion...!)
10 years ago I got work permit for UAE. My work involved frequent traveling out of the UAE which involved clearing the immigration, both on the way in and out. The immigration department created a smart card for me which basically only stored my ID code. To enter the UAE I had to place this card on a reader and place my thumb on the scanner. The system would simply looked up the database for the ID and compare the result to the scanned image. If it matched the turn style would release the lock and I would just walk in. This took no more than a few seconds. Loss of this card did not involve any security risk as there was NOTHING on it except the ID number to be looked up!
So how is this any different from what is being touted as new technology? What happens after authenticating the ID of the individual is just software code. No Big Deal !!!!