The Super Creepy Technology That Could Replace Both Boarding Passes and Chip + PIN

by Gary Leff

Alaska Airlines wants to fingerprint you instead of using boarding passes.

“Our big picture dream is that any time you have to prove who you are during any of the steps of air travel, you could simply use your fingerprint instead,” says Jerry Tolzman, manager of customer research and development. “We want this to be a curb-to-seat experience.”

The first tests of biometrics began last fall in Alaska’s Board Room airport lounges. The opt-in fingerprint entry option proved so popular that it’s now a regular feature of all four Board Rooms. The logical next step was to begin looking into biometrics for other areas of the day-of-flight experience.

But right now you have a QR code on a phone, instead of your finger print, so I’m not sure how much easier this is for the customer – novelty aside.

It provides greater authentication security — less risk that someone else is impersonating you, which protects the airline’s revenue (and I suppose prevents someone from mileage running for you).

This type of technology is seen as having the potential to reduce credit card fraud, which is a huge cost to payment processing companies as well.

One technology for this biometric identification is Nymi, which makes a wearable wristband funded by MasterCard. It’s been around for a few years but I first learned of it at a recent MasterCard conference

Here’s how the authentication works: their wristband verifies your identity with biometrics and broadcasts it through bluetooth. The idea is you always wear it and always broadcast to provide persistent identification.

Here’s a demonstration:

I’m not sure how fingerprint identification is quicker and easier than scanning a boarding pass contained on your mobile device. I’m certainly unclear as to why Alaska Airlines Boardroom access necessitates the level of security afforded by biometrics. Risk of loss to Alaska Airlines is fairly small. If someone manages to access the lounge via a false authentication, what’s the loss? Pancakes?

I understand why a payments company will want this. Whether or not consumers go along and it becomes a standard remains to be seen, although consider how long it has taken for chips to enter common use in US cards (and most transactions in the US aren’t chip-based, let alone chip and PIN) I suspect it will take some time.

My worry though is that having fingerprints and other biometric identifiers stored in a variety of databases means that a hack of one of those makes it easier to access the others. And it’s precisely because biometrics are considered so secure that their proliferation makes them a greater threat — the security biometrics provide is only as great as the most vulnerable system which holds records of them.

US merchants are being pushed to adopt chip technology for processing payments through a risk shift, they become liable for fraudulent transactions if they aren’t using it. I see the move towards biometrics as a risk shift onto the individual consumer. It’s no wonder payment processors like it, we may well get it, but I’m not sure we should be excited by it. As I’ve written in the past, though, there’s so much information out there about us now that identity can be verified positively without biometrics. We could also well skip this stage entirely.

About Gary Leff

Gary Leff is one of the foremost experts in the field of miles, points, and frequent business travel - a topic he has covered since 2002. Co-founder of frequent flyer community InsideFlyer.com, emcee of the Freddie Awards, and named one of the "World's Top Travel Experts" by Conde' Nast Traveler (2010-Present) Gary has been a guest on most major news media, profiled in several top print publications, and published broadly on the topic of consumer loyalty. More About Gary »

More articles by Gary Leff »

Comments

  1. It’s essentially what Disney does… ‘Magic Band’ along with a fingerprint scan. They’ve been doing it for years. Was kinda weirded out about it at first too.

  2. Unlike PINs that can be changed, you can’t “reset” your biometrics when someone’s database inevitably gets hacked.

  3. Another issue: I’m a member of the 2-5% of the US population with insufficient fingerprints to “pass” Global Entry.

    I’ve lost count of the number of times I’ve tried to enter the US using GE. I’ve gotten an “X” every time – even with the poor agents making suggestions and empathizing with the not-so-uncommon plight.

  4. I have enough fingerprints to pass GE, but am having trouble sometimes at 24 hours fitness. I hope they will still accept paper boarding passes.

  5. Other than clothes, I wear a wedding ring and glasses on my body, period. No way in hell am I going to wear a bracelet/wristband for the convenience of some payment company. The cluelessness of these clowns is astounding.

  6. Seems to me face scanners work better and more convenient than fingerprints. I like it very much that I can pass through immigration at the German airports – returning from an non-Schengen-country – without standing in line to see an officer: using face scanners with my electronic passport or ID card: Americans and Hong Kong citizens can apply to use that system, too. http://www.easypass.eu

  7. Some great comments here, especially regarding biometrics databases which can (do) get compromised. Worth noting that Nymi has taken a different approach and does not store any of the user’s biometrics. The biometric profile lives in an encrypted state between the Nymi Band and the companion application and never goes to a cloud or server.

Comments are closed.