mczlaw

Sheesh. This is a perfect thread title ^. Always a killjoy about

Spoddy

In a phrase: One-way encryption. Has been used for passwords on computer systems for a long time.

You can take the source, encrypt it in a way that you cannot take the resultant information and reverse it to obtain the original information.
So when you present the original data (fingerprint image/metadata or password) and encrypt it again in the same way, then compare the two results, if match the results match - because it's the same source info - the system then gives a green light.

If done properly your personal information can never be leaked out, because it's in a format that's useless to those who want to exploit it.

Unfortunately, lots of organisations/government entities/etc don't always do it "the right way".

:D!

If someone is screened by security and deemed safe to board a flight, then it doesn't matter who they are.

Whether or not you leave DNA and fingerprints everywhere, the government has no business collecting this information unless a crime has been committed and this would aid in identifying the criminal.

sdsearch

Biometrics may be the future, but even if the TSA were to adopt a biometric, it's not clear AS has suggested the right biometric for the TSA. Customs and Border Patrol already has a biometric for Global Entry (GE), but it's hand scans, not fingerprints. And their (partnered with Canada) Canadian border program NEXUS uses iris scans, not fingerprints.

BearX220

Very true. All across the cyber world the push now is toward "dual-factor authentication" with some biometric element to do transactions or verify identity. The motives are not only the weakness of password/PIN protocols, but that most people by now have dozens of them and use obvious ones or never change them. So passwords are essentially dead, but nobody knows what will replace them: face scan, hand scan, iris scan, thumbprint scan, etc., probably in combination with some digital "key" on your smartphone or wearable device. Premature to say.

And having just taken a couple of stitches in my thumb because I let a wayward stair-rail splinter get lodged/infected in there, I would not like to be denied passage on Alaska because I have a bandage around the relevant digit at the moment (and the whorl may be altered to the point the scanners kick me out). Early crude digit scanners may not be very forgiving. I had a Toshiba laptop awhile ago equipped with a face-scan login feature (as an alternative to typing in a password) and it was ridiculously dysfunctional.

CDKing

GE is fingerprints, 5 fingers instead of just one.

Indelaware

One can certainly imagine an AS committee one-day implementing a requirement that everyone present a finger-print, no exceptions, without ever stopping to realize that there are some people without any fingers to print and a few without any friction ridges on their fingers to print.

I wouldn't be surprised if AS's interest in principally to get people talking about AS.

cova

BA at LHR already takes your picture when you check in and then does facial recognition at the boarding gate to let you board.

CPH-Flyer

Scandinavian Airlines had a pilot project running using fingerprints as ID for domestic flights in 2006-2007. I can't find any references to why it was not put into wider use and ultimately stopped again. But looking at the old articles (in Danish only) there was a good response from the travellers.

Seattlenerd

AS actually previewed this at the GeekWire Summit in Seattle on October 2. They did mention it was based, in part, on the pilot of biometrics for the Board Room (for which I've signed up in Seattle).

Seems the TSA has a lot of info about us already, if we've opted in to PreCheck (including our fingerprints, for those who signed up outside of a frequent flier program).

How is this different from submitting fingerprints for PreCheck? How do you balance privacy vs. convenience in this particular case, if the TSA already has detailed information about you?

FWIW, I'm writing a column about this in the coming week, and if you'd prefer to respond by private message, please feel free to do so.

Doc Savage

But that wouldn't be nearly as amusing....

tusphotog

I signed up in SEA the day they rolled it out there. I use it occasionally in PDX and SEA. It works about 50% of the time and the other 50% I forget which finger I scanned.

The BR management person in SEA explained the scanner takes the image of your fingerprint and changes it to a series of random characters, which are then stored by AS. Those are what are verified when you scan in. Who knows if this is true or not.

MonThruThurs

For GeekWire? I went to the trivia night back in July and am college friends with one of the bloggers -- great stuff coming out of GeekWire!

Seattlenerd

I'm one of GeekWire's two columnists. Shouldn't be hard to figure out which one.

I've written about AS' tech in the past for GeekWire, either as an entire column or as part of a travel-tech themed post.

I'll be writing about this next week, having seen the "preview" at the GeekWire Summit. Mostly interested in the privacy pros/cons, though for me (and anyone else in PreCheck) the privacy issue may be less as TSA already has much detail about me. Part of it will be if this is optional, as it is for Board Room entry now (and even as PreCheck is optional for travelers).

furnace

If "all" they save is the information necessary to reproduce a fingerprint that gets you access to everything that my fingerprint gets me access to, I'm not particularly put at ease by the fact that a close inspection will reveal that it's the fake fingerptint that works just as well is not my actual fingerprint.

Storing fingerprint information — even in this form — seems nuts to me and I would want no part. Poor security practices by private companies has meant that I've had to change my credit card number several times. Fingerprint data is much easier to accidently reveal and cannot be easily changed.

I say no.