Interesting credit card

Fingerprint authorization is not secure at all.

Like I said, with biometrics, itā€™s hard to change your password. Someone got a sufficiently-high-quality photo of your finger? Oh, well, now there can be no security for you.

Thatā€™s why I was showing you vein pattern idea. It is very secure.
Why would you need to change your password (biometric ID)?

Currently all biometric scanners are insecure, not because of the person but because of the equipment. I wonder if a wearable NFC device (such as a ring) wouldnā€™t do a better job.
So long as the ring is on your finger itā€™s unlocked. If removed it turns of and is ā€œlockedā€ until your phone unlocks it again via your pin.

EDIT: I guess you can call that persistent RFID authentication

Any links to scientific research that proves this statement?

Edit: it seems that currently all biometric authentication is insecure.

Ahh, so thatā€™s just your opinion/belief.

I have read that this is a very good and secure technology. For example, well known Bruce Schneier has said that ā€œthere is no known method to forge vein patternsā€.
What is important here, that almost all the time there are different layers of security that come along. You are not using just fingerprint, or just retina scan, or just vein pattern scan to authenticate yourself.

Because if someone manages to come up with a way to forge your biometric ID (for example, creates a working replica of your fingerprint), then that method is forever insecure for you, because you canā€™t change your fingerprint.

You could use a different finger, or another hand :wink: .

But if we assume that you cannot duplicate your hand and hence your vein pattern at least any time soon, then you donā€™t need to worry about this issue at all. And when we will be able to clone people or their parts, I guess we will have much more serious issues than just authentication.

Or if you are flexible enough your foot.

:smiley:

Should we also assume MD5 is unbreakable? How about 3DES?

You should NEVER assume.

It is a thin line between being concerned and being paranoid. Yeah, most security stuff can be broken/hacked - it all depends on the determination, time and resources.

But if you are so concerned about security, then you should stop using mobile phones, internet and all other similar 21st century stuff and go live in the wild. On the other hand, you are already on multiple government databases. And those are not secure and are being hacked constantly. But as far as I know, governments are keen on creating more and more databases where they include all the personal information about their citizens. What can you do about that? Revoke your citizenship?

I guess there is no such a thing as complete/unbreakable security. There are different levels of security.

And about assumptions. You cannot live without making assumptions, because you simply cannot know everything and be sure that what you know is correct. So as a human being you are making assumptions all the time. Another thing is - should you rely on your assumptions?

Of course you canā€™t live without making assumptions, but thatā€™s no excuse to make blind assumptions willy-nilly without thought.

I would suggest that any proposed solution should be examined carefully, with all the implications explored, before we commit our security to it, and doubly so when you canā€™t change it.