Question for the people in the replies here. What's wrong with this? This is done for convenience no? I see the same people poo pooing this but are totally fine uploading and storing all theirs and their families pictures, documents, messages, payment records etc in iCloud.
What's up?
I have a similar feeling. In spirit, itâs not too far off from going to a neighborhood store where you have a tab, and the proprietor adds your current purchase to it.
Technologically, it replaces the neighborly, human-based facial recognition with computer-vision based palm recognition, and instead of owing the establishment, you owe your credit card provider.
The question in my mind is always around the attack vector. What can an attacker do with this if I choose to use it?
Itâs for this reason that I donât use biometrics (fingerprint or face ID) to unlock my phone. An attacker could, say, unlock my phone by overpowering me, or while I was sleeping. But if my unlock code is information, they canât take it from my person without my willful assistance. (Backdoors apply to both methods so itâs a wash).
So what could an attacker do with the information of my Whole Foods palm print? In principle, they could charge a bunch of goods to me. But the video and other evidence would show that I wasnât at the store. The credit card would claw back the funds and make me whole.
Overall, the palm-for-credit model doesnât trigger my immediate rejection.
