At the risk of upsetting a certain anonymous commenter, here’s some more news from the burgeoning Metropole development. It seems that Vida Fitness, the gym in the basement of the Metropole, is so modern that you don’t even need a key card to get in. Instead, Vida keeps your fingerprint on file and scans your finger for entry. It’s like Mission Impossible with Bowflex machines.
Now, I’ll be interested to see if people are generally accepting of this practice. Obviously, as mentioned in the article, there are privacy concerns whenever fingerprints are involved, and particularly so when the print is linked to a monetary account. I know that back in Iowa a grocery store (ah, how I miss you, Hy-Vee) tried out a similar system where you could pay by scanning your fingerprint, and it definitely didn’t catch on. Maybe tech-savvy Washingtonians will be more comfortable with the idea.
Vida owner David von Storch, naturally, dismisses the privacy worries:
But von Storch says the fingerprint is discarded just the numbers are maintained so there is little risk to the member.
“We can’t retro engineer or re-engineer your fingerprint from that information so there is no real security or identity theft concerns,” he said.
I’m not really a techie guy, but this seems, frankly, like a lot of crap. When Vida’s computer scans your finger, it has to compare the image to something in order to identify you. Even if what Vida stores is not a literal image of your fingerprint, the stored data would obviously have to be representative of the print in a translatable manner. I’m really not trying to be a naysayer here, but I’ve got to think that someone with a little unsavory knowledge would be able to use the stored fingerprint data just the same as an actual image.
But, again, not a tech guy, so I could be wrong about all of this. Hopefully the futuristic endeavor works out for gym-goers. What I really want to know, though, (and I think I speak for the whole neighborhood when I ask this) is when are the fake Oscar statues coming back??
I deal occasionally with fingerprinting and it’s important to remember that your fingerprint isn’t being compared to a fingerprint on file.
When you first give your fingerprint, the system turns its unique identifiers (points) into a string of numbers. Even if that string were stolen, from what I understand it’s nearly impossible to reconstruct even the unique points, let alone a full fingerprint, because of the decentralized and shifting algorithms. And I’m sure they’ve thought of a simple search and compare if you manage to crack and extract from both the reader and the processing database.
Encryption also means that attempting any of this would take the resources of the Russian mob or an intelligence agency. After all, fingerprint ID is good enough for the NSA and many vendors sell commercial packages that are nearly NSA-level.
Here’s a good explanation (from a vendor but matches what I’ve seen/heard): http://www.secprodonline.com/articles/49751/
I wouldn’t worry about this. Oh, and for full disclosure I’m a buyer in the building (can’t wait to move in finally!) and hope the statues return permanently :)
Sweet, thanks for all the info Justin!