One of the the key issue with pin code is that because user tend to find them hard to remember they use well known sequence such as their birthdate. They may also use the same pin everywhere. This kind of behavior undermine the security of the system. For example using the same pin code for a credit card and a loyalty card is clearly not a good idea. However with the increasing number of application that requiers to learn a pin code, keeping a separate and unpredicable pin for each is far from being easy.
Beside using biometric authentification another interessting replacement for standard pin code is to use graphical pin code: Instead of remembering a sequence of letter/number, the user has to remember symbole/photos.
A very nice application of this idea is Passfaces where you use a set of human face as PIN code. It allow you to supply your friend/ familly face as pin code. Even more nicely it can be used in conjunction with facebook so you can use your social network data to generate the pool of photos.
European Union member states are expected to include digital biometric information in the form of two fingerprints on all ePassports. The deadline for compliance and migration to next-generation ePassports is set by the European Union for June 28, 2009. Germany is the first country in Europe to move over to the new system, starting this november. The addition of two fingerprint images in the ePassports requires an enhanced security procedure called Extended Access Control (EAC) . If you are interested in this technology read the nice slide presentation by Dennis Kügler about it. EAC aim at providing the necessary stronger cryptography to protect privacy sensitive data and to safeguard against cloning. The chip manufacturer for Germany is NXP Semiconductors a company founded by Phillips.
I wonder when we will have the same in France and who will be the chips manufacterer. I am still against biometric passport because biometric data are irrevocable. Which means that we can cancel them. If you lost your password, you can reset it, but if you loose your fingerprint data ? What can you do ? cut your finger ?
More details about the announcement for German passport can be found on the site MoreRFID
Latest Comments