ATM Iris Recognition Coming Soon

Anonymous Cow writes "In Australia, iris technology is already being used by Qantas Airlines, Sydney Airport, foreign embassies, some banks and TAFE colleges, the Australian Protective Services, the Defence Department and the Police Integrity Commission. It is predicted that within five years every ATM in Australia will have iris recognition technology."

Iris DB

[CowboyNick]

But who keeps the database of the eyes?

Re:Iris DB

[uk_greg]

The financial institution, just like they do with your PIN these days.

This isn't very different from fingerprint recognition. Chances of the iris changing are pretty slim.

And if your recognition suddenly stops working for some reason, go to the bank and get rescanned for the master copy.

Here's a (somewhat dated) story on CNN with more detail.

CNN Story on iris recognition [cnn.com]

Re:Iris DB

[rmadmin]

What about eye injury? Yeah, I know we have redundant eyes and all. I don't know a whole lot about this technology, but what about the laser eye surgery that inproves your vision? Would something like this make enough of a change to mess up the scanner? But then again, like you said, just go and have the master updated. So I guess its not that big of a problem.

Oh, except for the fact that (atleast around here) most of the banks are very vulnerable to social engineering. :-)

Btw: The first thing that came to mind when I saw this was Minority Report. *gets fake eyeballs and steals a bunch of money* :-d

Re:Laser Eye Answer

[Anonymous Coward]

Laser eye surgery scratches the cornea. Not the iris, which, although the colors may change during your life, or even during the day, the patter of light vs. dark remains constant.

I seem to recall reading somewhere that babies seem to have large eyes because they do. Their eyes are the same size as adults' eyes, just in their smaller cranium.

-Xoder

I'll keep my PIN thanks.

[cosmosis]

Maybe I'm just paranoid, but I'll be damned if I submit to biometric identifiers to bank. It is afterall MY bank account that is insecure, not anyone elses, if I decide to remaim with using a so-called less secure PIN method. And only I to blame if someone steals it, which by the way has not happened once in all the years there has been a PIN number. I've been using ATM's since they were first introduced, and not once, have I had any security breach on my accont. Your crazy, if I'm going to let some corporation get their hands on my unique biometric identifiers which they will most likely sell to other companies. Before you know it, my biometric date will be on hundreds of databases outside of my control. My identity, both analog and digital is my own. Period.

Planet P Blog [planetp.cc]

Re:I'll keep my PIN thanks.

[cosmosis]

No, the entire point of my argument, is I, and I alone am responsible for my security. When security is mandated on myself then it is Tyranny. If I don't want to wear a seatbelt then it is MY LIFE that is at risk, no one elses. Now, if my insurance company wants to charge me more for the increased medical cost resulting from my accident from not wearing a seatbelt - they have that right. But to force me to wear seatbelts - bullshit. Same goes for my bank. Except in this case, if my money is stolen, there is no insurance company thats going to foot the bill. Only I will loose. Therefore, please tell me why I should be FORCED to use Iris scans??

Planet P Blog [planetp.cc] - Liberty with Technolgy.

Demolition Man

[altek]

Oh great, now when someone wants to rob me they dont just stick a pistol in my back they rip my eye out like Wesley Snipes did.

Excuse me sir, can EYE talk to you???

And I predict longer lines

[Anonymous Coward]

I already have a problem with people who don't know how to operate the ATM as it is, now I have to wait even longer as they try to figure out how to hold their head just right for the machine to make a good reading. This will frustrate customers rather than unhinder them.

Re:And I predict longer lines

[Qzukk]

Not to mention people who use drive through ATMs... how far away can the iris be to get a good picture of it to compare? Maybe they'll have goggles or something on a cord that you can pull into your car and put on your eyes for the verification (and hope nobody drives off with them)

Re:And I predict neck injuries

[mariox19]

I'm just thinking of the cashier at the supermarket checkout counter, rolling items over and over the scanner until the machine reads the UPC.

I predict neck injuries!

already experienced the long lines...

[Art Popp]

The serverlocker my servers are in is retina-scan protected. The device that does the trick requires precise alignment to get a good scan, and every other time I have to do it twice. If there are three people in front of me I can just sit down on the edge of my briefcase because at least one of them is going to have a problem. Most of the delay after getting successive good scans is in the scanning device looking up the eye in the database 30-50 seconds, then it reject you you align your head again, scan, and wait another 30-50 seconds.....

Ugh.

Why is this bad?

[Ars-Fartsica]

ATM transactions already create a full audit trail of your banking habits. At least this way, someone has to steal your eyeball and not just your card and PIN. The audit trail and data mining on your account takes place either way.

f we're going to live in a database society at least I want some assurance that my identity is proven with more than a plastic card and a four digit password.

Re:Why is this bad?

[shaper]

If your identity is tied to your iris and someone steals that identity (iris image), you have to get a new eye. Bummer.

Re:Why is this bad?

[ackthpt]

At least this way, someone has to steal your eyeball and not just your card and PIN.

My eyeball? Man, I like to think my eyeball is one heck of a lot more important that whatever is in my checking or savings account. Someone carves out my eye and I'm sure I'll not be worrying about mere money.

(Many years ago I bought a new car. Really sharp and very classy. I was pretty proud and happy to drive it around and show it off. 45 days later I was diagnosed with cancer. The car went from pride and joy to just some object.)

There's also this thing about totally ruthless people. If they need your fingerprint, they don't think much of cutting off your finger to take it with them. So, what's to stop them from taking your eye? Advances in security are met with advances in criminal technique. Best to keey your eyes in a safe deposit box.

Re:Why is this bad?

[gbjbaanb]

Iris biometric devices also require some blood pulsing to be detected as well (as do fingerprint devices) so you cannot use a fancy glass eye, or an amputated eyeball.

Sorry guys, best go back to the privacy debate on this one.

Re:Why is this bad?

[Boatman]

Clearly, you have not heard about the gummy fingers [counterpane.com].

Time for some education...

[danro]

so you cannot use a fancy glass eye, or an amputated eyeball.

Better start informing potential robbers of this important fact I guess.
I sure hope the local hoodlums down under are are tech savvy enough to not have to discover this by trial and error...

Re:Why is this bad?

[deblau]

Oh great, now not only do I have to worry about some crook stealing my eyeball, but my circulatory system too. I might as well go live in a safety deposit box.

Please provide sources if this is the case

[Palshife]

Iris biometric devices also require some blood pulsing to be detected as well (as do fingerprint devices) so you cannot use a fancy glass eye, or an amputated eyeball.

Can you back this up with anything? According to this article [cnn.com] the iris is recognized by a single snapshot, not a "scan". How then could you determine if blood were flowing or not?

Every fingerprint ID device I've ever seen is comprised of a clear plate and a scanner. You could press a ham against it and it would take its picture.

Links? Support? Shooting things down arbitrarily doesnt fly with me.

Re:Why is this bad?

[mattorb]

Any reasonable biometric -- which is to say, any biometric with a rat's chance in hell of actually being deployed to every ATM in Australia -- would employ so-called "liveness testing" to prevent the sort of attack you describe. The military is very, very interested in biometric technology -- do you honestly think it would never have occurred to them that someone might cut off your finger to fool a fingerprint detector?

In the context of a fingerprint scanner, you can check for a pulse; some properties of your skin are also different if blood flow has been cut off. With an iris scanner, you could at least check to make sure the pupil dilates when exposed to a flash of light, etc. I suspect -- though you're free to disagree, since I offer no proof -- that there are many, many other ways to do liveness testing, some of which are probably secret (since if they weren't, you could more easily figure out how to circumvent them).

It's maybe also worth noting that biometrics will probably not, in many cases, replace current methods of authentication -- rather, they can add an additional layer of security to a system, making it that much more difficult to compromise. There's a slogan about authentication methods that is much in fashion these days, which says they should be "something you have, something you know, and something you are." E.g., a card-swipe combined with a PIN, combined with a biometric. Not necessarily more convenient, but potentially more secure.

Re:Why is this bad?

[moncyb]

Good points, but I'm sure it's possible to make a machine which fools the device into thinking a thief is really you. From how I understand iris recognition, it just looks at your eyes visually. If someone had your iris scan, what's to stop them from using a LCD display (or other device) in front of the scanner? Would contacts with your iris pattern printed on them work?

Once a thief has your iris data, how could you change it so the thief can't get to your bank account? You'd be screwed.

how they work

[Hubert_Shrump]

FWIW --

Iris scanners check to make sure the pupil moves and the eye is made of liquid BEFORE doing other checks, so a screenshot isn't going to help.

They do a neat little radar-screen-like scan, transforming a circle into a 2D map. That 2D map is what's compared. I would make a stab and say it's difficult to reconstruct the iris from the map.

Iris scans (as of right now) have the lowest failure rate of any biometric. They're better than fingerprints because the iris is behind the cornea, so it's less likely to be damaged or changed than the fingers - which are always going places they probably shouldn't.

HAND

Re:how they work

[Znork]

That's why you cut out a hole for the pupil where you can put your own pupil behind the snapshot.

Problem solved.

Biometrics, as the tech is today, are a joke. As an added measure they're useful (ie, biometric _and_ PIN _and_ card), but alone I'd trust them less than I'd trust my CC number and expiration date as identity verification.

Re:Why is this bad?

[sporty]

ATM transactions already create a full audit trail of your banking habits. At least this way, someone has to steal your eyeball and not just your card and PIN. The audit trail and data mining on your account takes place either way.

'careful there. I think you just violated the DMCA there

Re:Why is this bad?

[Greyfox]

Because they have to STEAL your EYEBALL! Christ man, didn't you even think about what you were saying?

On a more serious note (As if eyeball stealing wasn't serious enough) no security system is perfect. Someone WILL crack that security. Some loophole will be found because some loophole always is. Nothing a human being can make can be perfect. Now imagine the poor guy who has to prove that a string of ATM transactions into his checking account didn't come from him. Everyone will assume that biometrics can't be beat and that guy will have no recourse except to eat his losses.

Likewise, biometrics can change. How will that guy get his money from ATMs once criminals steal his eyeballs? Lets say for the sake of argument that great advances in eyeball stealing technology are made, to the point where a criminal can just pop them out while you're standing in line at the grocery. One minute you're counting your sausages, the next minute you have no eyeballs. You might not even notice for a couple of minutes. You'd be all like... "Hey... didn't I have eyeballs a minute ago?" Then you go up to the cash register to pay and you can't prove your identity because someone just made off with your eyeballs. Very embarassing.

From time to time I get into something that causes an allergic reaction that in turn causes some nasty skin peeling on my hands. During that time my fingerprints are completely obscured (You have no idea how much grip fingerprints give you until you don't have them, let me tell you...) If my bank were relying competely on fingerprints for me to prove who I was, I'd be up the creek with no food to by groceries or eyeball stealing equipment until my fingerprints grew back.

In a nutshell, I don't trust any identifying feature (including social security number) that can't be easily paired with a secret and changed at a moment's notice.

Uhm. I'd rather lose some cash than an eye.

[Moderation abuser]

I mean, you go ahead and feel free to argue with the mugger carrying the scalpel. I'll just hand over the card.

Re:Why is this bad?

[egoff]

I've been doing that for awhile, I've signed with Queen Victoria, Napoleon Bonaparte, Margret Thatcher, and Elvis Presley. In over two years, only one cashier has ever noticed. He stopped me on the way out the door and said "Napoleon Bonaparte?"

I said "yeah, its a nickname," and the man actually believed me.

And accepted the payment.

Re:Why is this bad?

[glesga_kiss]

My handwritting is abysmal, and I get asked occasionally to redo the signature. Some do actually check.

I wonder if; say you lost some money when someone steals your card and uses it like that. Could you sue the shop for not checking? It's pretty negligent really.

Re:Why is this bad?

[Ctrl-Z]

Hmm, let's see. If your credit card is stolen, you're obligated to call the credit card company as soon as possible to inform them that your (erm, I mean, their) card has been lost or stolen. If you don't, then you're going to have a hard time explaining to them that someone stole your card and used it inappropriately.

Suppose that a thief uses your card before you get a chance to call the credit card company. Then when you get the charge on your card, you call them and tell them that you didn't make that purchase. They would reimburse the money to you. At this point it's not really your concern any more. It's the credit card company's issue. And if the receipt they have has a signature for "Donald Duck" on it, then they may have an issue to take up with the store. But you don't really.

Of course, I don't work for a credit card company, nor have I ever had my card stolen. But, as far as I know, if you follow the card company's rules you should be pretty safe.

Re:Why is this bad?

[glesga_kiss]

Yup, you are correct for credit cards, but I don't think debit cards are the same. I'm not sure is you guys have these in the States, examples are Switch, Solo and Electron.

Also, your card may be stolen without your knowledge, e.g. from a hotel room safe, or a pickpocket. I only use my credit card online, so someone could steal it from my wallet and it would take me a while to notice!

Major problem

[phaze3000]

I have a father who is blind. His 'eyes' are made of glass and removeable.

How exactly is this system supposed to detect him?

Re:Major problem

[Badgerman]

Likely there will be an alternative - probably with disclaimers on how insecure it is.

Good point though. How good is Voice Recognition for someone who is mute, for instance? Technological advances can also mean you have a really cool, high-tech, extremely narrow range of options.

Re:Major problem

[Schwartzboy]

My concern exactly. Also, what about black eyes, pinkeye, or some sort of serious facial injury or issues with contact lenses possibly inhibiting a correct scan or one of about a billion other variables? I'm not familiar enough with the tech involved to comment intelligently on the things that could mess up an otherwise good iris, but someone with two glass eyes would certainly throw things off for any system I can imagine. Possibly a blood/DNA scan for those people who don't have "valid" irises to scan? Is anyone else thinking that TV commercial with the password/blood sample/hair sample security system on all the office PCs where the entire staff was bald? I have seen the future, and it makes me queasy.

Re:Major problem

[curtisk]

There are a number of biometric id types:

• Heat patterns
• Artery / Capillary / Vein patterns
• Facial Recognition

And so on..... so I'm sure there will be alternatives...but that doesn't help the ATM hardware manufacturers, thats alot MORE work adding more biometric ID types to a single ATM machine...

Re:Major problem

[scotay]

Sounds like the perfect use for some RF-EYED tags.

You can put that plastic bag over my head now.

Re:Major problem

[agallagh42]

There are braille bumps on the buttons for a reason. He would just have to learn the order of commands to get money out (ie. first enter pin, then press withdrawl, choose account, choose amount, press ok, etc.)

I just hope he's not using the drive-up atm :)

Re:Major problem

[GiMP]

You laugh, but I've seen braille on drive-up ATMs.

Re:Major problem

[Triv]

You laugh, but I've seen braille on drive-up ATMs.

Yeah, and it's there for three reasons, one silly, two practical.

The practical reason is that it's cheaper (and/or less complicated) for the companies who make the ATM to only buy one set of buttons. Why bother discriminating between the two?

Also, how can you be sure the person who's driving the car is the same person who's using the ATM?

The silly reason is one of standards - certain things must be handicap-accessable regardless of where they are, like there being wheelchair access to government buildings, social security offices and the like. There are no exceptions to the rule, even if the rule makes no sense under some circumstances.

It reminds me something I read about a town in Jersey that has to employ an elevator inspector even though the town has no elevators.

Triv

Re:Major problem

[fastdecade]

Another reason for braille on all ATMs: interface consistency. Even 20/20 users will become accustomed to using the braille for additional feedback. It's not difficult for them to type in on a numeric keypad, but every bit of feedback helps (and every lack hinders), especially when they can't see the PIN they enter.

You probably don't notice how much you use bubbles on the keyboad. Even though they were initially intended for blind users, you'd certainly notice if they were taken away.

Which means

[Apreche]

That there is a database somewhere that matches their eyeballs with their personal information. Sorry, but I'd rather not have another database with my info in it.

But what is the "key" now?

[Ars-Fartsica]

In most identity databases there is absolutely nothing to assure that the entry actually represents you. The trust is inherent...we just assume that the phone company or credit agency has correctly assmebled a profile of you. Result - rampant identity theft. We live in a database society and nothing is going to change that. At least let me provide a reasonably secure means of verifying myself.

Re:But what is the "key" now?

[glesga_kiss]

Yup, and retinal scans have to be taken up close. They can't be used to track you. All you need to foil them is a pair of sunglasses.

I've no problem with it being used in this way. It's the technologies that can track you without your consent I'm not happy with, e.g. RFID, OCR on license plates etc.

One question

[Lord Sauron]

Does anyone who already worked with this system know how it deals with color contact lenses ? I assume it doesn't.

And is there any problem with regular contact lenses ?

Re:One question

[joebagodonuts]

BUZZZZZZZZZZZZZZZZ!

That's 2 quesions.

Sorry. couldn't resist

Re:One question

[cabraverde]

I beleive they work based on patterns in the relative luminance of different parts of the iris (ie disregarding colour).

Re:One question

[Galvatron]

And given that my girlfriend is 5' (or so she claims; measuring tape pegs it at 4'11"), if they raised the ATMs, she wouldn't be able to reach it at all. Hell, even an average man is 5-6" taller than an average woman, and especially in Australia, you're going to have a sizable Asian population, which will tend to be shorter than those of African, Aborigine, or European descent. Clearly, this is not a good idea.

Usually these systems can distinguish from dead eyeballs because they look at blood vessels on the retinas, which look different on a dead eye. Where is the insecurity that they're trying to fix here anyway? To use an ATM as is, you need a card and a PIN. You may have your card stolen, but how does someone steal your PIN? Even if someone threatens you, and you're too scared to make something up, you can just call the bank and deactivate the card.

Not just protecting clients

[Badgerman]

Though I'm all behind this (and the additional technologies it'll bring), this is more than just protecting clients - it's protecting the bank.

Take a look at the Citibank issue. Having advanced security technology like this is a great way to protect your customers - which in turn protects your reputation and protects you from lawsuits.

I also wonder if this will raise the bar for other institutions.

Re:Not just protecting clients

[Col. Klink (retired)]

Yeah, Citibank does a lot to protect their customers [slashdot.org].

The end result will be that the system will be circumvented, but Citibank will claim that it's impossible and leave you liable for their mistakes.

Not quite

[tomzyk]

Mr Grimes predicted that Australia's financial institutions would

begin adopting iris technology at automatic teller machines within five years.

BEGINING to use them does not mean that EVERY SINGLE ONE WILL contain it immediately. It could mean that just every time a new machine is created, it will contain this functionality.

Bigbrother is becoming BigDaddy

[the_mutha]

Its hard to believe that even after books like 1986 and A Brave New World, people accept this kind of control.

Its because people accept this kind of control, and think its ok that we will face BigDaddydom in the future.

I believe in PREVENTATIVE medicine more than in CORRECTIVE medicine... and in the same way, belive that problems should be fought at their source, and not at the consequences.

E.g. Better educate people better, stimulate production to increase jobs, give away free tecnical education for the poor, than to build more jails, put more cops on the streets, etc.

Re:Bigbrother is becoming BigDaddy

[DonFinch]

OK, slow down for just a second. When it comes to banking this is a great idea. The bank already has your name, social, phone, and a miryad of other peices of personal information. This is all protected by a card and one or two pass-nums, or a checkbook. Both of which are very easily stolen, with lower-teir punishments. I'm sorry but since have only the choice of give the bank this data, or use nothing but cash all the time (plus never being able to use an interest-bearing savings account, invest, get a loan etc) I would much rather have it protected by my eye, which is attached to me, and to use illegially would involve either A. Armed Kiddnapping B. Serious assult (de-eyeing) C. Murder, all of which carry SUBSTANTIALLY stiffer penalties than pick-pocketing. There is no need for a tinfoil hat. This is not big brother spying on you. This is them giveing you a better lock and key to protect your data with.

Re:Bigbrother is becoming BigDaddy

[DonFinch]

True, however far more people have their pockets picked or ID stolen than are killed.

Re:Bigbrother is becoming BigDaddy

[thud2000]

I get your point but ... 1986?

Reminds me of Privium...

[Leon da Costa]

In Holland, it's now possible to join a system called privium [privium.nl]. You get a chip in your passport and have your eye scanned - and after that, you can pass certain passport-control-points with the blink of an eye.

I see a new wave of eye injuries coming...

[sawilson]

When the thugs figure out that you are pretty much
defenseless as you are getting your eye scanned,
and slam your head into the ATM machine from behind.
At that point, depending on how the scanner is
designed, you may have sustained considerable
damage to your eye. You've also probably been
knocked out cold and fallen on your back slamming
your head on the blacktop. The thug then cleans out
your account, and hops on eBay to buy this. [ebay.com]

Re:I see a new wave of eye injuries coming...

[nomadic]

Why do you format that so it looks like a prose poem?

:) OFFTOPIC!

[sawilson]

nomadic asked: Why do you format that so it looks like a prose poem?

Short Answer: because I can!

Long Answer: I dunno. To my eye, it's more pleasing
to have a long narrow column. I like hitting return
at the end of the box. I've always done it that way.
I really don't see the harm. You'll have a lot of
pathetic asshole AC's say dumb shit like, THAT
LOOKS GAY! or GET WITH THE YEAR 2000! and crap
like that comparing it to a vt100 terminal, and
the assorted lame comments about how things don't
have to be 40 columns wide anymore. I think a lot
of it has to do with the fact that I spent nearly
two decades on a console before I started playing
with X. Hope that answers your question.

Re::) OFFTOPIC!

[sawilson]

Yup. But it's more to do with making sure that the
finished product looks like this on purpose, as
apposed to satisfying some addiction to hitting
return at the end of every line. It also makes my
posts stand out so I can find them faster in a
sea of comments. There are a bunch of other stupid
reasons as well. Rest assured I'll have an answer
for probably any solution you can propose. I don't
really see the need to be flexible in the way I
post because it's one of the defining things about
my style of post. It's also not that big of a
deal. :)

Already been and gone in the UK

[Zog The Undeniable]

Nationwide Building Society (a bit like an S&L, for Americans) piloted it a couple of years ago. It worked perfectly but was uneconomic to roll out to all their sites.

Critically, there is no real anti-fraud advantage until every other bank does the same thing, so the ATMs were eventually replaced with conventional ones.

What happens when your eye is compromised?

[agallagh42]

If your PIN number is compromised or your atm card is stolen, you can call up the bank and have the PIN changed or the card cancelled and replaced.

If your eye is compromised (either by creating an artificial duplicate, or by removing your real eye from your head), it's not like you can call the helpdesk and have them mail you a new one. Once it's stolen, it's stolen FOREVER. The same problem exists for all biometric systems. Sure, they're tough to compromise, but if anyone is ever successful, there's no going back.

Re:What happens when your eye is compromised?

[binaryDigit]

Not trying to troll here, but if someone steals my eyeball, I don't think I would be too worried about my bank account, you know?

You would be when you realized that you couldn't afford to get it put back in ;)

Re:What happens when your eye is compromised?

[cdrudge]

I was just going to post the same comment somewere else, but then I thought about it for a moment. I would agree that someone probably wouldn't do this at an ATM. But the original summary mentions other situations where someone could/would (government facilities, embassies, defense department, etc).

Re:What happens when your eye is compromised?

[stubear]

The MPs standing outside the retinal scanning facilities would notice someone holding a person holding an eyeball up to a scanner. Even ATM cameras could record someone holding an eyeball up to the screen.

extension cords?

[tomzyk]

I'm wondering how the iris scanner will be implemented. Are they just going to install it into the machine so the user must be staring directly at it to recodnize you? Or will it have an extension that you can grab and pull into your car and have it scan you?
I think it'd be a pain in the arse if I had to stick my head out the window and stare at a button hole for a few seconds. (Especially if I'm wearing clothes which might get dirty while I'm leaning on my window. Or what if it's raining?)
What about passengers who want to make a withdrawal? This used to happen frequently at one of my previous jobs; a few of us would drive somewhere for lunch and we'd all need to make a stop at the ATM. If the scanner is built into the machine, then the passengers would have to get out of the car to use the machine. (or just climb over the driver... but that wouldn't be very comfy.)

Bank United, Texas

[egoff]

Before it was bought out, Bank United had these in Houston, Dallas, and Ft. Worth that they installed in 1999. Heres a link. [bluejag.com] They were pretty damn spiffy, and I opened an $100 account just so I could use the pretty machine. The way they kept the iris data was proprietary of course, I expect that each bank would have their own set of data. Eventually, once the technology became more widespread, it could be passed on the way your PIN is across various ATM platforms now.

Pins are good enough

[Joe the Lesser]

I think ATMs are secure enough, without adding more scary cyberpunk controls to our life.

I have an ATM card. It's unique. If someone steals it, they must know my pin to access the account.

Only the bank and I know my pin.

I'm sure there are cases where this has not been enough security, but for 99% of the population it seems to be working.

Lasik surgery

[sglafata]

And let's say I get scanned at an ATM or bank or airport - wherever! And then let's say that I decide I want to get Lasik surgery to "improve" my vision.

How will the Lasik surgery effect my retina scans? Is the ATM going to think, I am another person?

Re:Lasik surgery

[mstockman]

How will the Lasik surgery effect my retina scans? Is the ATM going to think, I am another person?

LASIK surgery modifies your cornea, not your retina, so my guess it it just won't matter.

See Lasik Institute explanations [lasikinstitute.org] for details (perhaps more details than one would like).

Now, once law enforcement decides to use retinal scans to ID criminals, my guess is you'll probably see a black market in retinal modifications (as well as a lot of blind former criminals).

Fingerprint recognition

[ifreakshow]

While in College at Purdue my local bank used finger print recognition on some of their ATMs. I always found this convenient, as I didn't have to carry a card with me. Just stick your finger on the sensor and you have access to your bank account. The only thing that worried me about that was the fact that my fingerprints were then on file. And if I decided to become a criminal they could track my prints. This is why I feel Iris based recognition is so necessary. Who care if a bank knows what your eye looks like? Your certainly not going to leave a trace of that on any ransom notes you write.

No thank you

[ehiris]

I refuse to do business with any bank that would require my eyes being scanned. While there are many thieves out there, most of the people are honest. If the bank can't prosecute thieves and care about a 300$ robbery that at their turn rob from honest people, I don't and won't sacrifice my freedom. There is a line to be drawn between who you are and what you have. This invasion of privacy crosses it by far too much.

If Australian banks want to do it all the power to them but the reason is to dumb!

Secondly, the idea reminds me too much at Minority Report.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:And they'll still have braille on the buttons..

[binaryDigit]

Are blind people required to have their eyes removed? As for "drive through atms", don't you think that it's just a lot cheaper for ATM manufacturers to have one model of ATM vs having specific ones for drive through vs walkup vs embedded (I'm talking mechanisms, not the "body" of the atm). Why would they want the hassle of keeping track of two seperate button styles for every atm they manufacture?

Re:

[account_deleted]

Comment removed based on user account deletion

Re:And they'll still have braille on the buttons..

[jmb-d]

braille on the buttons -- just like there is at every drive-through ATM in the U.S.?

Back in 1990, my wife had an account at a bank where the drive-thru ATM had braille instructions (here's the fun part) for the TOUCH SCREEN interface! Think of the implications...

I'd hate to see what happens

[IWantMoreSpamPlease]

I once inserted my ATM card and just after, the machine experienced a malfunction and kept my card (apparently for security reasons)... ...I'd hate to see when happens if the ATM malfunctioned as you were putting your eye to the device...

Easily defeated

[petgiraffe]

Here [extremetech.com] is how criminals, the paranoid, and people who want to use their wife/boss/mother's account will do so.

I'm in the money!

[grub]

All I have to to is aquire one of Bill Gates' eyeballs and I'll be able to quit my job!

What if you're blind?

[GamezCore.com]

How bout the blind, and or people with damaged/missing eyes? As it stands now, ATM's do have braille support.

I'd give $20 dollars to...

[QwkHyenA]

The first person at the front of a long line of folks to walk up to the ATM, do the retina scan, then cup their eye and scream out in pain until the ambulance actually appears...

ROFLMAO

god knows, if that were to happen in our little town, no one would ever use that ATM again. FOREVER! Heck, folks here are just beginning to USE an ATM

The vendor

[fbrehm]

If you want to know more about who supplies this technology, go to http://www.iridiantech.com/

The site has some brief background on the technology and how it works.

If you want more technical information, go to http://www.cl.cam.ac.uk/users/jgd1000/

They can't all be right!

[Andy_R]

From the article...

"In Australia, iris technology is already being used by Qantas Airlines, Sydney Airport, foreign embassies, some banks"

"Mr Grimes predicted that Australia's financial institutions would begin adopting iris technology at automatic teller machines within five years."

""It is predicted that within five years every ATM in Australia will have iris recognition technology," Mr Moss said."

What about the wife/hubby/sig other?

[beacher]

Maybe I'm kicking a gift horse in the teeth here, but my wife loots my checking account on a fairly regular basis (Share and share alike when it's my wallet but not her purse.. I still haven't figured that out) I'd like to have the extra control on my card to lock out people that do have regular access to my wallet.

On the other hand, if I get thrown in jail or put in the hospital, she isn't going to be able to get to the funds to get me out.

A joint checking account is not a viable option unless I want to live in a cardbaord box.

Interesting quandry.
-beacher

How often is your info even compromised?

[antinous57]

With all the times you use your atm card, in all the different locations, how often do you find yourself calling up the bank and having to report fraud on your account because of someone stealing your card and pin number? If these things happened often ATMs would not have become such a necessary convenience. I know in the past 10 years when ATMs have really been readily available my account has never been compromised due to me losing my card and someone finding my pin, and I'd say that is the same for most people. Isn't that why most banks offer fraud protection anyways??

Cost benefits, people

[Anonymous Coward]

While it would seem that iris would be a great biometric secutity device for ATM machines, it turns out that there is absolutely no way to make it pay off. If you look up the statistics it turns out that the average ATM fraud in the US per ATM machine per year is something like $50. As a result, even a really cheap iris scanner becomes hard to justify putting in EVERY single ATM out there. I doubt the fraud cost is much higher in Australia....

This is not meant to knock iris biometrics. I think they are probably the only real sensible one out there. The false pos/neg of stuff like face recognition is truly a joke...

The primary manufacturer of iris scan devices is:
http://www.iridiantech.com

Low-down ATMs!

[MaestroSartori]

Dunno how many of you have this problem, but I find that many ATMs are far too low to use comfortably. I'm 6' 2" tall, which isn't too huge for where I live (the UK), but I still find that most ATMs require me to bend fairly low in order to read the screen. There's one near my house that needs me to bend over like I'm about to take it up the ass. Hopefully when this takes off round here, the scanner will be placed in a nice and easy-to-use position for everyone (ha!)

I already see a problem for lazy parents with this

[Phelan]

So what about lazy parents that need money and have Junior go grab his car and take Dads ATM card to the Bank and get him some money from the machine, used to have to run that errand frequently for my parents. This new system while creating better secuirty is also going to cause quite the hazzel.

"Nimis exalatus rex sedet in vertice - caveat ruinam!"

Three Pillars of Security

[Sgs-Cruz]

I read somewhere (and I think it's a great idea) that all good security should have three things: something you have (in this case, your ATM card), something you know (in this case, your password), and something you are. This iris recognition completes the triangle. With all three of those systems in place (you need a card, password, and you have to be the right person) it gets quite hard to get at someone's money unlawfully through an ATM. Assuming (and yes, this is a HUGE assumption) that the database is kept securely, then this is good news.

It's all fun and games...

[FFFish]

...until somebody loses an eye!

Rain Man would agree....

[Lord_Slepnir]

technology is already being used by Qantas Airlines,

Qantas airline...definatly safe airline.

Flowers

[psyconaut]

I don't get it...we have to hold a member of the iridaceae family infront of a cash machine to get our money?

How are we expected to carry these flowers around without wilting and dying?

-psy

Hygene?

[Zepalesque]

Does this mean I need to stick my eye up to a cup-thingy like at the optomatrist? ATM's get handled all the time, all day long. Seems like if not built properly, such a device could promote the spread of the common cold :(

*cough*

I hope it does recognize for LIVE iris

[aepervius]

Because now instead of being beaten a bit and forced to give a 4 digit pin, I will get my eye cut from me and left bleeding and shocked. Thank you technology advance.

Re:What if i do

[Organic_Info]

If I use my card and get my pin number wrong three times the ATM shreds my card.

If my eyes are wrong will the ATM shred my eyes with a laser. What if some one steals my eyes in a "Demolition Man - Simon Phoenix" stylee and robs my bank account. That could make for a messy robbery.

I tired and talking crap...nuff said.
.

Re:What if i do

[Znork]

Dont worry, as with most biometrics tech you dont actually need the 'bio' part. Iris scanners you can easily fool by taking a photo of someones iris. Print it out on nice paper, make a hole for the pupil, and hold it up over your own eye. Instant identity.

And for fingerprint scanners even breathing on them can often fool them. The temperature sensor goes off and you have an instant replay of the last guys fingerprint.

Todays biometrics are a congame, full of poor implementations and driven by fear and sci-fi commercials.

Biometrics are not secure. In many cases they're worse than PIN numbers.

Re:Injury/Astigmatism?

[Qzukk]

I believe that the pattern scanned is the pattern of blood vessels in the eyes, which is more random than genetically determined except possibly in cases where the eye is malformed.

Probably to maintain a reasonable sized database they would stick to right eye or left eye, and assume that the person knows which eye to scan.

I would suppose that they would have a backup ID system in place for people with eye injuries or fake eyes, or whatever other problems.

That is a lot I suppose.

[aepervius]

Look at the link above from extremtech from another poster. Apparently they got beat the system with a high res scanned photo and a hole in the middle. So apparently for some of the system, a live eye isn't that much necessary.

Re:That will be cool.

[Prizm]

No doubt about it. I'd be a bit weary of sticking my eye up to some grungy, downtown ATM and "hoping for the best." I can already see the future of pranks, like catapulting acid into my retina. Ouch.

No. really. they *won't* scan me.

[Frymaster]

the problem with this is that carrying your id is now mandatory. i have a driver's license. it demonstrates to the authorities that i am qualified to drive. when i am not driving i do not carry my driver's license with me and i do not show it the police when i am not accused of a driving violation. i have a social insurance number. it is only to be used for taxation purposes. i give the number to no one else for no other reason. they have no need nor right to ask for it.

with iris recognition these two pieces of id are always on me.

Re:No. really. they *won't* scan me.

[da]

The problem with id is not what problems it causes now, but the potential for it's abuse. Sure, our current governments would never dream of misusing the data that are held about us, but what about when a democratically elected government, e.g. the Nazis in pre-war Germany turns out to be a bunch of loonies who want to persecute those who disagree with them, and those who just happen to offend their arbitary prejudices. Then, you are in BIG trouble, unless you are a Nazi... So it is very important that these issues are taken serious, and not treated with the "well I've got nothing to hide, you must have" mentality...

Re:More to worry about then eyeball theft

[srmalloy]

And to the people who asked about lasik and retina scans ... RTFP it says IRIS not Retina. Iris is the color part in the front, retina is the light sensitive part in the back.

And just what does this iris scan look for, and how? The part of the eye between the iris and the cornea is a lenticular bag of fluid, and this fluid does not have a refractive index of zero. The whole point of refractive surgery like RK, PRK, and LASIK is that it changes the shape of your cornea -- and therefore the shape of the bag of fluid -- so that the light entering your eye is refracted differently by this fluid, and will now focus correctly on your retina. If the light passing through the fluid is refracted differently, it will change the way that your iris looks from outside the eye. The question is whether the refractive changes from this kind of surgery causes enough of a change to throw off the iris reader.