So, what should we do when we see a correct user falsely rejected?

Today’s topic is this report “Thales launches payment card with onboard fingerprint scanner”

Is the user expected to give up the payment opportunity altogether or is expected to feed the default password as a fallback measure?

Alleging ‘improved usability’ would be misleading in the former case, whereas alleging ‘improved security’ would be misleading in the latter case.

As such, what they claim is false.

More of our reasoning is offered here — “Negative Security Effect of Biometrics Deployed in Cyberspace”

Incidentally, a nice figure is quoted as False Acceptance Rate, but such a figure makes no sense unless it comes with the empirical False Rejection Rate that corresponds to the said False Acceptance Rate; these two rates are in the trade-off.

Key References

“What we need to do for NOT achieving Solid Digital Identity”

Removal of Passwords and Its Security Effect

Negative Security Effect of Biometrics Deployed in Cyberspace

External Body Features Viewed as ‘What We Are’

Additional References

For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)

What We Know for Certain about Authentication Factors

Digital Identity for Global Citizens
Image-to-Code Conversion by Expanded Password System

Summary and Brief History — Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Account Recovery with Expanded Password System

History, Current Status and Future Scenarios of Expanded Password System

Availability-First Approach

Update: Questions and Answers — Expanded Password System and Related Issues

< Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes — narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space — “below-one” factor authentication



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.