Published 18 years 6 months ago • Last updated March 22, 2025 • ⏱️ 2 min read
[Blocked Image]
I've just seen on the news today about German supermarkets using biometric data like fingerprints to purchase goods. The claims of increased convenience and the ability to earn points by just using your finger. All sounds good to the average consumer but what would happen if this method was used instead of debit/credit cards?
In the example I saw a women purchase goods by simply placing her finger on the fingerprint scanner, there was no form of identity confirmation and no second factor of authentication. Obtaining a fingerprint isn't difficult and all it takes is for a bad guy to wait in a cafe until you've finished with your glass. Once biometric data has been obtained it's game over, you can't alter your fingerprints, unless you want to burn them off.
People could even start to collect fingerprint data and post it on the internet, committing theft could be as simple as downloading a graphic and walking into a shop with your finger and a bit of putty.
There's also the problem of privacy and you may earn points from using your finger but the supermarkets can then collect your purchases and match them to your biometric data. So you've got a unique form of customer identification that cannot be modified and is stored for a lifetime, sounds like a marketeers dream and the worse nightmare for anyone concerned with privacy.
Storing this data is also a huge security risk, millions of people's biometric data is at risk and you can only lose it once. The UK has recently experienced a huge data loss of public data, I think we should get the basics right first before we consider biometrics.