Re: OT: Smartcards and Physical Security
On Wed, 2003-12-03 at 15:32, Manoj Srivastava wrote:
> An even better security guideline is "something you are" -- so
> should we not spring for retinal scanners/fingerprint readers/other
> buiometrics? I mean, we _are_ talking about other peoples money. :P
This idea has recently been in the news in Britain, where the Home
Secretary wants to introduce ID cards for everyone, complete with
biometric data.
Someone has been able to produce fake fingerprints (good enough to fool
fingerprint readers) within 20 minutes using easily available technology
(digital camera, etc). I would place no reliance on such things unless
they were administered under strict supervision, so that a human checked
that it was a real finger or a real retina that was being examined.
That puts the whole idea out of court for authenticating remote access.
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight, UK http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
"What shall we then say to these things? If God be for
us, who can be against us?" Romans 8:31
Reply to: