Interesting People mailing list archives
more on Not a requirement - Disney World requiring fingerprint biometrics of all visitors (fwd)
From: "David J. Farber" <dave () farber net>
Date: Mon, 18 Jul 2005 09:22:59 GMT
===== Forwarded message from Lee Tien <tien () well com> ===== \From: Lee Tien <tien () well com> To: David Farber <dave () farber net> Subject: Re: [IP] more on Not a requirement - Disney World requiring fingerprint biometrics of all visitors Date: Sun, 17 Jul 2005 21:07:19 -0700 Is it clear that Disney World is actually taking fingerprints? It's my understanding that Disney World has been using finger geometry scanners for 6 or 7 years. If I recall correctly, finger geometry is much less distinctive than fingerprints (my recollection is that something like 1 in 1000 people have the same hand geometry; I don't know the ratio for finger geometry). So it would seem less dangerous to privacy than fingerprinting. E.g., the National Academies study "Who Goes There" noted: * Disney World also uses a system that is designed to prevent a single-entry pass from being used by multiple users. Disney World issues each passholder a card at the time the pass is purchased. The name of the passholder is not recorded on the card, and, in fact, the card can be transferred freely from user to user until the first time it is used. At the time of first use, information about the passholder's finger geometry (not related to the passholder's fingerprint) is linked to the card. Any time after the first use of the pass, the person presenting the pass must authenticate ownership of the pass using a finger geometry verification check (by holding his or her hand up to a measuring device). If the check fails, the person presenting the pass is denied access to the park. Finger geometry is not distinctive enough to identify the passholder uniquely; therefore, verifying finger geometry does not provide sufficient certainty for accountability (see below). However, finger geometry varies sufficiently from person to person so that a randomly selected individual who is not the passholder is not likely to match the finger geometry linked to the card. Therefore, this system works well enough to prevent multiple users from using the same pass in most cases-an acceptable level of risk, given what the system is protecting. This system uses a loose form of biometric authentication to protect against fraud (here defined as multiple users) without collecting information that identifies the legitimate owner of the pass. "One unique application is at Walt Disney World® in Florida, where 200,000 annual pass holders are enrolled in a finger geometry recognition system." http://financialservices.house.gov/banking/52098jd.htm (Statement of Jeffrey Dunn, Chairman, Biometric Consortium) [both as of May 1998] I'd like to point out, however, that whether any such decision is a "good business decision" includes more factors than Bill Rogers mentions: at the very least, it's important to ask whether there are less intrusive ways of fighting fraud. It would also be interesting to know how Disney World assesses finger geometry as a fraud prevention measure, if I'm correct that this is not new. Lee ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Not a requirement - Disney World requiring fingerprint biometrics of all visitors (fwd) David J. Farber (Jul 18)
- <Possible follow-ups>
- more on Not a requirement - Disney World requiring fingerprint biometrics of all visitors (fwd) David J. Farber (Jul 18)