Financial institutions are presently investigating the gathering of financial data using wireless communications and a unique private key. In one example, a credit card company is using a wireless transaction system using RFID tags wherein the RFID tag is swiped across a payment scanner. More specifically, a consumer can tap or wave their RFID equipped cell phone at a point of sale (POS) terminal, and an RFID chip then transmits account and payment information to a terminal which is connected to the credit card payment network. The entire process is designed to take only a few seconds.
Critics of the RFID approach are concerned with security problems, particularly with determining who is paying for a transaction. That is, a POS terminal has no way of knowing if the credit card owner is the person using an RFID-equipped cell phone to make the purchase. This lack of authentication can lead to fraudulent purchases.
One way to authenticate transactions is through the use of biometrics, such as, for example, fingerprints, retinal scans, etc. Fingerprints, for example, contain minutiae points, which are defined as unique identification points on a fingerprint where a ridge of the fingerprint joins another ridge or the ridge simply ends. A gathered fingerprint may be compared to a stored fingerprint by comparing the minutiae points using known techniques.
A drawback of such an authentication scheme in a wireless environment, however, is that personal data (e.g., data pertaining to the retinal scan, fingerprint, etc.) is broadcast to any device within range of the wireless communication. For example, a POS terminal and a user's wireless device wirelessly transmit personal data (e.g., regarding the minutiae points of the scanned fingerprint and the saved fingerprint). A third-party device within the range of the transmissions could intercept and store the personal data (e.g., data regarding the minutiae points), which data could be used for identity theft.
Accordingly, there exists a need in the art to overcome the deficiencies and limitations described hereinabove.