Topic: Block's plan hardware wallet with fingerprint sensors... (Read 344 times)

This is what happening in reality as they would posses that enhancing security is best way to safe you but on the other hand wants to collect your personal data also.We are familiar with crypto exchanges,wallets data leaks of clients on dark web so this is how we make our funds more secured?

The biometrics can save you time but it can save your funds it's not guaranteed as there are so many problems associated with it but they are not focusing on it.

Seed phrases are traditional way of securing your funds but they are offline not on blockchain as it's open ledger and you can't post something personal or secret there.

I think too, that biometrics in such hardware wallets will be used as an extra feature, something like unlocking apps on an iPhone with a fingerprint, which can be disabled in the settings. Still, seed will be the primary method, because a fingerprint cannot be digitised in a blockchain. And I wouldn't trust such wallets that use biometrics because you are identifying yourself with specific addresses, which is not secure.

Depends on the wallet they can make it primary or secondary and also depends on the user, some like to have an easy access to their wallet so they might like it to be as primary security while some will stick on the old school which is by using private key, seed phrases and alike.

Fingerprint technology are not new but they have been released before in the early smartphones and I think inventors of it already know the issues and vulnerabilities so they probably improve the technology by now. Phones right now holds everything including finances, much more if it's a hardware wallet alone? improving the security is really important for this matter.

I think fingerprint security is going to be a secondary security measure and access to carry out transactions and the seed phrase or wallet key will still be there if I understand the article correctly but what the new does not contain or I failed to see is the statues of the wallet whether if it's will be a custodial or noncustodial wallet this will give us more clarifications on the fingerprint feature I wallet. As others have rightly said, the fingerprint is not secured security 🔒 feature as fingerprint can easily be bypassed via many means but if it an additional security just like we have in our trust wallet as access means but not for the restoration of the wallet. Placing the fingerprint feature as the key security to the wallet may be a big turn-off to many.

incorporating finger print into hardware wallet will be the worst innovation, if Dorsey should finally implement this my candid advice is for Bitcoin user to avoid such wallets because hackers might start working on softwares that can register and save fingerprints that has been captured once and Bitcoin investors will no longer be safe because many might face the risk of finger amputation using a well advance technology to preserve the finger from decay or deterioration

Well if we are talking about the upgradation then why don’t they think about the Retina scans for that matter. If skin looses the elasticity over the age then eyes don’t. They stay as it is until your last breath. Just hope that your eye does not fall off with the time. Lolz.
I think what we have currently is way more than enough as security. May be they can add 2FA by connecting with Google Authenticator or add SIM slot so that it can turn into private network mode and receive the OTP for verification. This way no one has to worry about fingerprints or retina scans.

What say?

I posted in another thread about this, but beyond the good and bad of the fingerprint, they probably want you to use their app & software so they can track you better.

https://bitcointalksearch.org/topic/m.59307599

This is how integrated block / cashapp is within their ecosystem. Do you want to give them knowledge of your BTC spending habits?

-Dave

This made me think on something funny worrisome, although not related to the fingerprint scanner: since it will not have any screen at all, how would somebody get to backup (and restore from) the seed safely offline?!
Quite an odd design, no matter how kind I want to be towards this project. Indeed, I don't see why one would buy this.

I do not think that many will run to buy this wallet with a fingerprint, because there are many factors that can affect the owner of the wallet independent of him, for example...the sensor on the wallet broke or lost the wallet, it was synchronized with the fingerprint, so far there are more questions.

I’m pretty positive that they’ll use the fingerprint scanner as the default primary security access method, as it is impossible to conceive there being no fall-back method.

Their march edition update status points in this direction, although nothing is a done deal yet:

One additional thing to consider, and here others will be able to chip in with better contextual knowledge, is whether the authorities can or cannot ask you to unblock the device using biometrics (likely state and/or country related).

I read this article for example, stating that opening a device protected by biometrics could not be demanded under certain circumstances, whilst (see this other one) stated the opposite, and seemed to represent the more generalized stand in the US (as opposed to pins and passwords, which could not be demanded).

See also:
https://medium.com/@GadgetHax/how-to-keep-law-enforcement-out-of-your-face-id-touch-id-devices-92f66299387

Actually, I don't think finger prints are safe to control hard ware wallets despite the fact that it's a good idea. Am afraid it may not be necessary

Therefore, it is not clear to me why anyone is thinking in that direction at all, because the negative aspects of biometric methods are, in my opinion, much greater than any benefits.


This could be avoided by adding a PIN to the fingerprint, as is the case on smartphones where in case you fail to unlock the fingerprint device for some reason, you get the option to do so with the PIN you previously set. It often happens to me that I can’t unlock my smartphone with a fingerprint located under the screen (often after washing my hands), but a PIN is always there as an alternative.


If someone thinks this would give more security, maybe the seed could be combined with a fingerprint, so in case someone steals the seed he has some extra security with biometric data - something like a biometric passphrase - although I don't know how technically feasible.

Yes there are many security related issues which could be used against the person and turned out to be more dangerous by providing such fingerprint security sensors.As i have mentioned in the @OP also like there are some diseases in which person lost his skin tissue and it becomes impossible for them to recover it overtime which means he cannot access his funds so how could it help them?

Seed phrases are more conventional way of storing the funds as you can have it's backup on steel washers and in many other ways but if you're hardware wallet owner with these sensors life is at stake as you just need one click to unlock the funds so it's not much of good thing to do.

Sometimes the software the company has installed in the devices to recognise the fingerprint sensor become unresponsive and you can't unlock your device.The other reasons you have mentioned like dirt, sweat and some stickyness on the skin could be resolved easily but some major issues such as skin damage is unresolved.The fingerprints tends to remain the same but they could lose the elasticity if you are involved in some kind of labour work with chemicals involved so how come you solve these issues? The 3D face recognition technology is advanced and we don't know how will they implement it properly as it could also be broken in extreme cases according to me.

My first reaction was "this is crap, this is no longer a hardware wallet". (I've said it nicer: "I fear that this HW is designed more for hype than security...")

But at a second thought... I see a paradigm shift towards increased convenience and decrease of security. And it can be OK for somewhats safekeeping non-life-changing amounts of money from internet hackers.
And it may open the need for a new classification of hardware wallets. Because:
* some can transfer data even without cable or NFC (eg with SD card); PIN; screen for viewing tx; open source; Let's say that's security 9+ (although the one I know may be lower security because it can be also used with cable)
* some have cable; PIN; screen for viewing tx; open source or not; secure elements or not; Let's say security 6-8?
* some have NFC; PIN; screen.. maybe security 4-5?
* this one has NFC, no screen for verification; tx seen on online app? security maybe 2-3?

(I know that the security scale is far from best and far from accurate, it's just some sort of idea).


The point is: is this "hardware" wallet safer than using only a software wallet alone? Probably (depending though on how their wallet will look like).
It's clearly not what I expected from the new hardware wallet to come, I will most probably not advise people buy it, still.. well.. it can be somehow seen as a hardware wallet.

It is now coming to a time someone can be sleeping and another person can just careful hold his finger to unlock his hardware wallet, or should we call it a time coming when robbers can know more about hardware wallet that uses fingerprint, all needed is the person's finger to unlock the wallet. Or maybe other security features will be included that will make these types of things not to happen, but I doubt that. I can never use such a wallet, I will always prefer the ones that only uses password and pin.

I was blown to see they are including biometrics on a hardware wallet. If they are, I have strong doubts that this will be the only way to verify. For example, you will not be able to sign a transaction with your fingerprint alone; the verification process would likely include a PIN of some sort.

Like you, I agree having biometrics would not be a very safe way to secure a wallet. Especially when you consider our favorite $5 attacks.

Accessing wallets through fingerprint is a good idea but some certain factors have to be in considerations, first in my opinion is the category of the type of wallet that can support fingerprint, where we have hot wallet recommendable to this such as mobile wallets which have their private keys stored online.

The second consideration is the devise in use and cold storage wallet cannot be consider for fingerprint because it security measure  is high and mostly are desktop wallets which keys are stored on a paper and it usage for fingerprint can not be suitable as in hot wallet

The non-recognition problem that occasionally occurs in security using Fingerprint I have and often experience. That's because the fingerprints are covered by dirt so they can't be read properly. and it will also not work when a fingerprint is damaged, so need to be re-verify.
A fingerprint is currently only security that is paired with several other easier optional security such as Patterns and Numbers.
Maybe security will also be added using 3D Face Recognition LOL.
Nothing will be safe when we make mistakes or negligence as device users.

Dorsey seems to like finger print scanners as part of the solution to secure devices, since around the time the iPhone 5s came out with its first Touch ID implementation.

The fact that using current day devices, with finger print scanners of all sorts (security lock, smartphones, laptops, etc.), render non-recognition issues every now and then (I’ve had recurrent problems with the said devices), certainly goes to show that, leaving aside all good points such as those mentioned in the OP, it cannot be the sole access method, but a complementary one at best.

The battery that is going to be required on the device is another potential point of failure (as we’ve seen with one of its competitors, even though I figure they’ve got that on their mind and plan a (way) better build.

They also mention the need to hook it up to their new App, but I haven’t seen a reference to it being hookable to other frontends, and bearing in mind that it won’t have a screen, there is that concept of verifying TXs on the device, that you do on most current hardware wallets, that won’t be doable on its own. This feature is one of the ones that builds to the security checks one performs, so I’m not sure how they plan on tacking that.

I'm glad that they're making an effort to help the community, but it seems like they're doing it to pat themselves on the back more than anything else.  They keep talking about how great the process is going to be to build this thing, but I'm unsure if people really want to own a hardware wallet in the first place.  Sure, maybe for cold storage if they aren't using an intermediary already, but with most people using their phones for purposes like this, I don't think this will be some game changer for crypto.  When your product can be replaced by a piece of paper, you have to wonder how groundbreaking it really is.  I doubt most people will have a need for this, but it's still cool.