- Introducing the Tech Tatt – Chaotic Moon’s electronic tattoo
- MasterCard biometric security and identification – let me take a selfie!
- Making cybersecurity experts uncomfortable
- Is biometric technology as an authentication method here to stay?
We have always been fascinated by the idea of biometric technology. The basic premise of it being that each individual is unique and can be identified by his intrinsic behavioural and physical characteristics. Many sci-fi movies at the beginning of the 21st century bear testimony to our fascination with biometrics. Think iRobot, Minority Report and Skyfall, the movie in which James Bond’s Walter PPK pistol only fires when he holds it himself. These movies have all hinted of a future in which our DNA is intrinsically linked to our digital identity.
Today we use biometrics to unlock our smartphones and to gain access to buildings. Our fitness and health trackers collect biometric data to monitor our vital stats and tell us how well we’ve slept. They know where we are and what we do. In our quest to improve biometric technology and its application, we are continuously exploring new areas. Fingerprints, DNA, retina, hand and face are among biometric identification methods already used. But did you know that methods using ears, odour, gait, key strokes, brainwave signals, password pills and even selfies are also being developed and tested? One of the most interesting ones is the electronic tattoo. Let’s start with that.
Introducing the Tech Tatt – Chaotic Moon’s electronic tattoo
Chaotic Moon, a Texas based mobile design and development company, is best known for bitcoin earning fitness trackers and drones that breathe fire. But according to its CEO, Ben Lamm, the Tech Tatt project is one of the most exciting his company has ever had the pleasure working on. The project consists of combining conductive paint and various electronic components to create tattoos with circuitry that enable you to send, receive, collect and store data. These temporary, electronic tattoos are also called biowearables – technology that directly interacts with your wrist or any other part of your body, instead of being strapped onto it. Tech Tatts offer total integration and a cost effective and low-interference alternative to expensive, chunky devices such as today’s fitness trackers. Because the Tech Tatts are in direct contact with the skin, the biometric data they collect and upload via Bluetooth is also much more accurate. Users can just stick the tattoos on and go about their day without having to remember whether they charged the device.
What about fitness and medical applications?
Tech Tatts are the next step in fitness and health tracking devices. The current wearables take up a lot of space and can become uncomfortable after a while. Instead of your annual health checkup at the GP, you could simply stick a Tech Tatt on your skin to capture your vital statistics such as heart rate, blood pressure or any other health indicators. The Tech Tatt would then relay this data automatically to your physician, who would call you in case of a medical problem.
Tech Tatts and their potential applications in the military
Applications of the Tech Tatt in the military could include tracking soldiers on the battlefield. They could also potentially detect airborne poisons and pathogens in a soldier’s body and identify whether he is injured or stressed by analysing his heart rate and perspiration and hydration levels. The location tracking options are also great for monitoring children in crowded areas, for instance. The possibilities are virtually endless.
Can we carry out financial transactions with Tech Tatts?
Carrying out financial transactions could be realised by storing data on a controller mounted on the skin and then transferring that data via a gesture or fingerprint on a tap-to-pay type device. Instead of tapping your smartphone on a paying terminal, you would make a gesture, sending payment information to the terminal. Storing sensitive data in Tech Tatts could potentially also be much safer than storing it in a wallet as you would be carrying all this information on your skin, easily and safely accessible by only you.
MasterCard biometric security and identification – let me take a selfie!
The topic of financial transactions now takes us to the next part of the article. Up until now, customers have required passwords for online shopping and other financial transactions. But passwords get stolen, forgotten or intercepted. According to a recent survey, more than half of online shoppers forget important passwords more than once a week.
The emergence of Apple Pay has proven that customers don’t mind using biometrics, such as the iPhone fingerprint scanner, to identify themselves. And banks and other financial institutions are now following Apple’s lead. One example is MasterCard. In an attempt to combat fraud, the global payments giant has launched a biometrics payment service pilot with 500 customers. The experiment involves the use of not only fingerprints, but facial scans and voice recognition as well. The newly developed service is called MasterCard Identity Check. It enables users to make online purchases by ‘taking a selfie’ by blinking or by using their fingerprints or voice, instead of having to enter a password. However, MasterCard doesn’t literally take a picture of your face or finger. Rather, the scans map out the user’s face or finger, convert it into code of 1s and 0s, after which it is relayed to MasterCard. Since the entire world is selfie-crazy, MasterCard thinks that this particular identification method will be most popular. But because the global payment provider is represented in over two hundred countries and needs to cater to different preferences, they are adding fingerprint and voice options as well.
Once the pilot proves successful and all the kinks are ironed out, MasterCard will launch the innovative security solution publicly. In order to pull this off, they have partnered with companies such as Samsung, Google, Apple, Microsoft and BlackBerry. MasterCard have indicated that their biometric payment service Identity Check will ‘kill’ passwords within five years.
Making cybersecurity experts uncomfortable
There are a few concerns around the use of biometrics for identification purposes, instead of passwords or passkeys, PIN numbers or other identity verification. One is the possible blurring of physical crime and cybercrime or information crime, which would open biometrics up to horrible, targeted attacks. Fingerprint security systems have been fooled in the past. Cryptographer Tsutomu Matsumoto used a digital camera and cheap household supplies such as gelatine to create a ‘gummy finger’ copy of the finger of an actual person, a couple of years ago. Fake prints can also be made from residual fingerprints on objects such as a glass. Some users of fingerprint security systems have also indicated high false acceptance rates. Combining these concerns with the possibility of biometric data theft and resultant identity theft, we can see that it’s probably still a while before biometric payment systems will be implemented on a large scale.
Coming back to the selfie identity check system – MasterCard has indicated that they won't be able to reconstruct the user’s face as they store an algorithm, not a picture. They further confirmed that the customers’ private information would transmit securely and remain safe on the company's servers. But cybersecurity experts say that it’s far more preferable if the data stays on the user’s phone. Keeping sensitive information like this in one central location makes hacking much more tempting and much more likely to happen. The MasterCard Identity Check system is still only at the testing phase and they might actually decide to keep facial scans on the client’s devices after all. Time will tell.
Is biometric technology as an authentication method here to stay?
It seems as if biometric technology is already a truly international phenomenon and can be found on millions of mobile phones, at most big airports and at some of the largest banks. It is increasingly being accepted by the public as an identification method. Multiple studies and surveys by companies such as Visa have revealed that most European people between the ages of 17 and 25 have no problems using biometric authentication methods instead of passwords. A study by WorldPay showed that almost half of European consumers would welcome biometric payment technology as an alternative method. A more specific example of how biometric technology is already used is Barclays Bank in the United Kingdom who offers their customers identification options such as voice recognition. In Sweden and Poland, various ATMs have been equipped with vein recognition technology. This allows people to scan their veins in order to withdraw money, eliminating the need for a card or a PIN code.