[IP] more on Not a requirement - Disney World requiring fingerprint biometrics of all visitors (fwd)
===== Forwarded message from Lee Tien <tien@xxxxxxxx> =====
\From: Lee Tien <tien@xxxxxxxx>
To: David Farber <dave@xxxxxxxxxx>
Subject: Re: [IP] more on Not a requirement - Disney World requiring
fingerprint biometrics of all visitors
Date: Sun, 17 Jul 2005 21:07:19 -0700
Is it clear that Disney World is actually taking fingerprints? It's
my understanding that Disney World has been using finger geometry
scanners for 6 or 7 years. If I recall correctly, finger geometry is
much less distinctive than fingerprints (my recollection is that
something like 1 in 1000 people have the same hand geometry; I don't
know the ratio for finger geometry). So it would seem less dangerous
to privacy than fingerprinting.
E.g., the National Academies study "Who Goes There" noted:
* Disney World also uses a system that is designed to prevent a
single-entry pass from being used by multiple users. Disney World
issues each passholder a card at the time the pass is purchased. The
name of the passholder is not recorded on the card, and, in fact, the
card can be transferred freely from user to user until the first time
it is used. At the time of first use, information about the
passholder's finger geometry (not related to the passholder's
fingerprint) is linked to the card. Any time after the first use of
the pass, the person presenting the pass must authenticate ownership
of the pass using a finger geometry verification check (by holding
his or her hand up to a measuring device). If the check fails, the
person presenting the pass is denied access to the park.
Finger geometry is not distinctive enough to identify the passholder
uniquely; therefore, verifying finger geometry does not provide
sufficient certainty for accountability (see below). However, finger
geometry varies sufficiently from person to person so that a randomly
selected individual who is not the passholder is not likely to match
the finger geometry linked to the card. Therefore, this system works
well enough to prevent multiple users from using the same pass in
most cases-an acceptable level of risk, given what the system is
protecting. This system uses a loose form of biometric authentication
to protect against fraud (here defined as multiple users) without
collecting information that identifies the legitimate owner of the
pass.
"One unique application is at Walt Disney World® in Florida, where
200,000 annual pass holders are enrolled in a finger geometry
recognition system."
http://financialservices.house.gov/banking/52098jd.htm (Statement of
Jeffrey Dunn, Chairman, Biometric Consortium) [both as of May 1998]
I'd like to point out, however, that whether any such decision is a
"good business decision" includes more factors than Bill Rogers
mentions: at the very least, it's important to ask whether there are
less intrusive ways of fighting fraud.
It would also be interesting to know how Disney World assesses finger
geometry as a fraud prevention measure, if I'm correct that this is
not new.
Lee
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/