Biometrics is a convenient way to authenticate ourselves.

Payment companies like biometrics because biometrics are individual enough to be functionally unique, and hard to forge.

We like them because it's way easier to pay with a finger than digging out a card.

But biometrics have such disastrous downsides that we shouldn't be using them like this at all.

“One more problem with biometrics: they don't fail well.

You may also remember Amazon's experimental palm payment system.

So far, we can pay by smiling or waving.

It can't be long before the fist bump, and the weak-corporate-high-five, are added to that list.

And the worst part of this is that once your fingerprint is compromised, that's it.

As Schneier points out, you cannot replace your thumb, eye, or face.

In fact, you might be doing it already with Apple Pay, or a similar smartphone payment method.

Apple Pay, and similar methods, keep the biometric verification private.

Authentication is between you and your phone.

What's more, your face or fingerprint is never stored anywhere.

A single password or a biometric is not the wall of protection needed to survive.

Turning on multi-factor authentication provides multiple walls of protection and reduces the chances of hacks.

Biometrics must be added as an additional layer of protection and not just a proxy for passing a password.

The solution is to use something like Apple Pay as a proxy for your biometric data.

But even that is covered.

Apple Watch users can pay with the wave of a wrist while enjoying the biometric security of their iPhone.

It seems like the perfect solution.

Correction 05/27/2022: Updated source attribution in paragraph 12 at the source’s request.