Monday, May 13, 2013

PayPal would prefer prints to passwords, PIN's. But... the article concludes, it's not necessarily an either/or proposition.

Online financial services providers are looking forward to a future where they are less reliant on password technology for authenticating their customers' identities on line and they seem to have very open minds re biometrics. But can biometrics supplant the password altogether?

PayPal wants to get rid of passwords in favor of biometric security (SlashGear)
However, he [ed. PayPal chief information security officer Michael Barrett] noted that passwords simply won’t go away after biometrics are introduced. It’ll certainly take a while before a new standard can completely take over, especially considering that passwords have been the standard for so many years. So while we could see smartphones with integrated fingerprint scanners, it could be a few years before a new security standard takes over full-time.
Biometrics can be used to overcome some of the limitations of passwords in use cases important to PayPal.

A biometric template is like a really long password your body makes — the example below uses 800 hexadecimal characters — in that sense biometrics allow for more complex passwords the user doesn't have to remember or write down.

Nevertheless (and in agreement with the quoted article's concluding paragraphs), rather than making passwords obsolete, biometrics will most probably be used to return the the password to the simplicity of the PIN era, ending the arms race that has required the use of longer, more complex, and more frequently changing passwords.

Real fingerprint template: