Shattering myths and misperceptions about biometric debit and credit cards


Biometric cards could make a strong dent against credit card fraud, but several myths surround the technology.

Biometric payment cards offer the potential to slash credit and debit card fraud. By registering and using your fingerprint with your payment card, you provide a much more secure means of authentication than is currently found on traditional bank cards. In many ways, biometric payment cards are similar to the payment methods we use with our mobile phones. Just as many of us use fingerprint recognition to unlock our phones and authenticate a payment, we would do the same with a biometric payment card. 

But several myths and misperceptions have arisen about biometric cards centered around security, compatibility, and cost. A recent post in Fintech Finance by David Orme, senior vice president at IDEX Biometrics ASA, attempts to shatter some of those myths.

SEE: Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)

Security

One misconception described by Orme concerns how and where your fingerprint would be stored. Your fingerprint data would not be saved in some central external database by the bank. Rather, the data would be stored locally on the card in an encrypted format. Using this method, people would be able to register their fingerprints at home via a remote process.

“Upon registration, the owner’s fingerprint image is immediately transformed into an abstract biometric certificate via encryption technology,” Orme explained. “This is then stored in the secure element of the card’s EMV chip, and the owner’s data never leaves the card. In this case, even if the fingerprint data was somehow extracted from the payment card, it cannot be used without the encryption key to unlock the biometric certificate.”

The local storage used by a biometric card would be similar to the method used by mobile devices. iPhones, and Android phones that use fingerprint recognition as authentication and…



www.techrepublic.com