[114164] in cryptography@c2.net mail archive
Re: VaultID
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Mon Jan 28 11:39:27 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, leichter_jerrold@emc.com
In-Reply-To: <Pine.SOL.4.61.0801231837150.28287@mental>
Date: Mon, 28 Jan 2008 15:12:06 +1300
"Leichter, Jerry" <leichter_jerrold@emc.com> writes:
>Anyone know anything about these guys? (www.vaultid.com). They are trying
>to implement one-time credit card numbers on devices you take with you -
>initially cell phones and PDA's, eventually in a credit card form factor.
>The general idea seems good, but their heavy reliance on fingerprint
>recogition is troubling (though it may be appropriate in their particular
>application).
>From what I can gather from their black text on a dark-grey background, all
they're implementing is one-time CC numbers on various devices. Banks have
been using one-time CC numbers for awhile now, all this is doing is garnishing
them with an extra layer of biometric magic. The important thing isn't the
biometrics, it's the one-use-only CC number that provides the security, and
that's not really new.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
