Jewel-Osco, a Midwest supermarket, introduced a biometric payment system. After signing up and associating your fingerprint with your credit card, you can buy groceries just by pushing your finger on a reader at checkout and entering your “search number.”
According to their FAQ, this information is secure, they don’t actually take your fingerprints (just “data points…which cannot be turned into a fingerprint), and all the information is stored off-site at a Pay-By-Touch facility, a privately held company.
What do you think? Is this more, or less, secure than current systems of payment and authentication?
More From Consumerist
-
Grocery Shrink Ray Scoops Two Ounces Out Of Kellogg’s Raisin Bran
-
Maybe You’re Better Off With 2 Fewer Ounces Of Nesquik Chocolate Milk, But It’s Still Sad
-
Grocery Shrink Ray Hits Feta Cheese, Shrinks Product And Packaging (Updated: Not So Fast!)
-
Not Only Are Mike & Ike Splitting Up, But The Grocery Shrink Ray Has Them In Its Sights
-
4 Things That Make You Spend Too Much Money At The Grocery Store
It makes me think of “Minority Report”:
“Good afternoon, Mr. Yamamoto… would you like more of those tank tops you bought during your last visit at the Gap?”
Are you kidding me? Groceries with a fingerprint?
Why limit it?! I’m ready to buy everything with a fingerprint scanner.
They have this at the Pick ‘n Save where I used to shop back when I lived in the dorms in college in Milwaukee. I hadn’t been there in a few years until a couple weeks ago when I attempted to buy some booze with my finger. I still remembered the code I used but it didn’t take. I think they must deactivate (and hopefully delete) after some period of disuse.
@Rusted: Not sure I’m comfortable with shooting lasers into my eye every time I want to buy something.
@cynon: “I’m just astonished at how blase’ people are about this stuff. How often do we need to see abuses of these systems in the hands (or fingers) of corporations (and the government — no fly database anyone??) before we learn to STOP GIVING THEM MORE INFORMATION ABOUT OURSELVES!”
QFT
no way man. like other people said, you can get a new credit card if it’s stolen… can’t get a new finger. I’m not that trusting of their “secure” database.
YES I would use Biometric-integrated system, NO I would not use this one. If this were tied into my debit account I would, but I don’t use credit cards for casual purchases. The only two places I tie in my credit card are my cellphone in case of emergencies I may need to add more minutes (and it requires me choosing to add them, no auto top-up), and World of Warcraft was tied in until I canceled.
Also, be preferred if the service was held by a Bank, not a private company.
@ cynon – isn’t the information on the no-fly list primarily just names? Isn’t that how there have been idiot complications with people, including infants, who merely have names similar to those of terror suspects unable to fly? I find the no-fly list unnerving – the fact that it isn’t clear how you get off of it if you’re one of the people with a similar name, but no terrorist ties, and the fact that it’s pretty much as totally fucking useless as many of the airport security measures at this point – but I don’t think there’s a lot of extra information.
This isn’t to say I’d use the fingerprint reader, but while I have a number of speculative reasons (e.g., can’t replace a fingerprint if it’s somehow stolen), my main reason is just imagining how disgusting and slimy and covered in human waste those machines would get. I’d throw up once the local news did a “we found fecal matter and ear wax!” expose.
On the other hand, to the cash-touters – I’m not carrying that much cash in New York. I break out in sweats every time I carry more than $100.
This is extremely old news. Back when they first started pushing this, I overheard one woman’s reaction: I ain’t givin you my fingerprint, I ain’t a criminal! Personally, I can’t believe people are willing to let some grocery store chain fingerprint them just to save a few seconds at the checkout. It’s both amazing and sad how much people will sacrifice for a smidgen of convenience.
OK, how about a little reality on this? I’m an IT professional who supports a major corporate engineering database, and my primary responsibility is maintaining user accounts and access permissions.
Rest assured, if it’s created by humans, it can be ****ed up by humans. Servers can go down or become corrupted, hacked, or copied. Data is stored in a numerical code format. Numbers can be changed. Codes can be broken. The code associated with the fingerprint is linked to its “password” in a file somewhere that is accessible to anyone from programmers to help desk technicians.
What kind of program is being used to encode your fingerprint? Wanna bet it’s an industry standard? Anyone who has your code can potentially hack any system that uses the same encoding method, which will probably be most to all of the systems in use now. They don’t need your fingerprint to do the real, meaningful damage. Why play nickel and dime games at the grocery store when they can use your biometrics to clean out your personal and/or business information?
Re. The use of biometric info. to get groceries!
People: Be careful!
1. This biometric system give out an *incredible* amount of information about you;
2. Provides almost no additional security against hackers (they can just photocopy fingerprints or hack they system in other ways);
3. Hands over your most intimate info. to a database;
Is all your privacy worth saving 5-6 seconds at a grocery checkout line?
This time is rapidly approaching:
“He also forced everyone, small and great, rich and poor, free and slave, to receive a mark on his right hand or on his forehead, so that no one could buy or sell unless he had the mark, which is the name of the beast or the number of his name”
Rev 13:16-17
It wasn’t that long ago that people said things like this could never happen.
I used to work for a grocery store about 3 years ago that used this kind of system for a while for check verification. The problem is…well…it didn’t work. My fellow employees and I found in our down time that you could punch in a random number and when you scanned your finger upside down, about half the time you could get verified. Yeah…we stopped using them. Maybe they have gotten better…?
@TheSeeker: oh, please.
@FORMERGR Yes it’s been in Chicago for years, but I hardly ever see anyone use it. Even less popular than self checkout.
@ULRIKE007 When I have seen it used it’s invariably been slower then a debit card. No time saving at all.
Of course most people don’t realize you can start the payment process before all the items have been scanned. This includes the checkout staff who stand and wait for you to swipe a card or finger although in fact the register is waiting for their input.
For the fatty on the go.
Hmm we use Biometric scanners at work to clock in and out. We use the whole hand though so I am sure its a palm print and not just the fingers. But we also have a PIN we have to enter…half the time it doesent work right and I have to fill out a manual form…no way am I going to use the same f’d up system to buy stuff.
I love high tech stuff so I would definitely be on board to try a scanner instead of credit cards and checks.
I have not seen this in my area but we don’t have the Farmers stores here.
Guys, my brother is in charge of business development for a prominent biometrics consulting firm in NY. I sent this article over to him and we discussed it, this is what i’ve found out…
Though I have no idea what type of scanner the grocery stores are using, most modern fingerpring devices process much more than the fingerprint itself; they take into account the depth of the grooves on the finger, some measure pulses or blood vessels locations, they take into account many many factors, so a simple photocopy of a finger will not sneak through. Fingerprint scanners are almost never used without a second form of identification, hence the pin number, so even if someone “stole” your fingerprint you can change your pin and your print becomes useless (not to mention the fact that you have five chances per hand to have your prints compromised.)
And to all of you scared to adopt this technology, talk to someone who was around when atm/credit cards became popular, you think that was welcomed with open arms? Think again. My brother participates in biometrics conferences all over the world, and guess who else does? That’s right, almost everyone. Microsoft, Apple (gasp), Motorola, Siemens, Lockheed-Martin, just to name a very very small few. Most of these companies actually have a biometrics department. And guess who else? Nearly every industrialized government, with multiple departments attending. All I’m saying is this technology is coming, whether you don’t want it or not. Facial recognition software is being used very discretely in many more airports, governemnt offices, etc. than many people realize.
And on a side note, no one uses retinal scans like in Minority Report,(a common joke in the biometrics industry apparently) it’s actually an iris scan .
My fingerprint and my ticket worked just fine at Disney World. It seemed to be reliable as we entered and exited the various parks seveal times over a few days. Any thing that makes paying for something easier is a good thing to me.
@DocRaf: Let’s cut off his fingers anyway.
It slays me that people here are posting about not giving out personal information, by posting ON THE INTERNET!
“It’s cool man, I’m wearing gloves and posting from the library through an alias I saw on an episode of ‘CSI’ and wearing a disguise so they can’t see my face.”
I wish they did this everywhere. I’d like to register with my bank and then have it automatically work anywhere I bought something. That would be sweet.
Anyone had any trouble with fraud from this yet? Raise your hook hand.
The resistive type fingerprint readers won’t work on me, to the point that one of my clients just ended up giving me an old-fashioned key card & set of keys.
Speedwell‘s quite on target. They’re using a 3rd party solution, so the data must go from the store to the 3rd party, presumably through the internet. At the same time, your bank account info must be retained by the 3rd party and also must be relayed to the store. No thanks. I routinely exploit holes in 3rd party software to perform my job. I like it when programmers are lazy and use 3rd party solutions (and those people use 3rd party solutions as well). Makes my job very easy.
So, you won’t see me using this technology. The FBI has my fingerprints on file for security clearances, and that’s even more than I feel comfortable with.
Being that I used to work for a biometrics firm, I have some experience with this technology. Most likely, these fingerprint readers use “live-finger” detection. That is, the reader will not recognize anything that isn’t a live finger. The old live-finger detection readers used to just recognize body heat, which could be easily spoofed, but nowadays they are much more high-tech and recognize heat, pulse, etc. I am not worried that someone will chop off my finger (unless they just really liked it) – a dead finger would never work. Plus, I am not sure the cashiers would be okay with anyone pulling a chopped off finger out of their pocket to pay for their milk.
Also, to the people that are saying “oh, but I can’t ever change my data points!!”. Well, trust me, biometrics firms are not all using the same software and databases. They are trying to make money, not to create a big fingerprint database to share with their competitors. There is no industry-wide algorithm that is employed to convert data points into the binary numbers that will represent your identity. Odds are, each grocery store mentioned is using software from a different firm, and that firm alone would have any information about your data points. Even if someone got a hold of your data points (impossible, by the way) you could just be deleted from the system and re-enrolled. The data points wouldn’t be exactly the same the second time, or you could use a different finger. It actually is a very secure method of identification, especially with the “search number”. Even though it is more secure, it is still just a way for more corporations to make more money. We ought to be used to that by now, though.
Even if someone got a hold of your data points (impossible, by the way)
Tell us another one, but wait until I stop laughing from this one.
OK, go.
Well, nearly impossible. I suppose everything is possible.
I’m sure it’ll be as secure as the company who owns TJ Maxx.
God, I would love to have that feature. It would make credit cards more secure.