Bank of America is trialling a biometric security system in some of its branches.
The bank, the second largest in the US, says its “Touch ID” fingerprint reader is “designed to significantly reduce personal identity theft and financial fraud”. To authorise transactions, customers just put their finger to the device, which is then checked against a fingerprint stored in the bank’s systems.
But concerns have already been raised because of the use of Bluetooth, a short-range wireless technology, to transmit information from the identification system to the bank employee. Bluetooth has been the subject of a minor security scare recently as it could allow criminals to steal information from devices using the radio technology, such as mobile phones and laptops.
A bank spokesperson has insisted that transmissions by the Touch ID system are properly encrypted and do not send any information about the transaction itself.
Bank of America currently uses a PIN keypad to validate a customer’s identity when meeting staff. Biometrics vendors cite their products’ advantage over this method in that individuals do not have to remember a number or password.
The bank’s fingerprint-reading system is still at the testing stage and it is yet to decide whether to roll out the technology to all its branches across the US.
As the recent UK ID cards trial has highlighted, fingerprints are one of the simpler forms of biometrics to use, although unusually greasy or dry fingers can result in incorrect readings. It emerged last week that the iris scanning systems used in the UK Government’s trial of 10,000 volunteers were confused by moist eyes and long eyelashes.