So, what should we do when we see a correct user falsely rejected?
Today’s topic is this report “Thales launches payment card with onboard fingerprint scanner” https://www.theregister.com/2021/07/22/thales_fingerprint_payment/
Is the user expected to give up the payment opportunity altogether or is expected to feed the default password as a fallback measure?
Alleging ‘improved usability’ would be misleading in the former case, whereas alleging ‘improved security’ would be misleading in the latter case.
As such, what they claim is false.
More of our reasoning is offered here — “Negative Security Effect of Biometrics Deployed in Cyberspace”
Incidentally, a nice figure is quoted as False Acceptance Rate, but such a figure makes no sense unless it comes with the empirical False Rejection Rate that corresponds to the said False Acceptance Rate; these two rates are in the trade-off.
For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)
< Videos on YouTube>