Thumbprint required for auto purchase in CA
This is surreal:Â
Imagine you’ve gone through a multiple week process to purchase an automobile.Â
You know the drill. Research every feature, pick your color, then, it’s negotiations for purchase price and for trade-in. Everything is done and agreed upon, and excited, you are ready to hand over the check and collect your new car.
But wait!
You are handed a slip of paper and told to mark your right thumbprint in a box. The paper says clearly that it’s a request, for your protection, and to prevent your identity theft.Â
When you politely decline, the dealership refuses to sell you the car.Â
This is precisely what happened to me today when I tried to purchase a new X3 at the South Bay BMW dealer in Torrance, California.Â
Go check out the rest of the story, it’s an interesting read. Especially considering recent reports that Chase Bank is now refusing to cash checks without a thumbprint, this is becoming a serious privacy issue.Â
South Bay’s claim is that, even though the customer was willing to pay in cash, that that biometric data was necessary to prevent fraud. Either I still have an abundance of post-surgical meds coursing through my veins, or I am not nearly as smart as I fancy myself. In either case, I am begging somebody to explain to me exactly what kind of fraud this prevents and how it does so?Â
Personally, I have no intention of submitting biometric data to anyone who does not possess a court order to collect it. Not only is this a gross violation of consumer rights (unwritten, to be sure) but it clearly creates a superfluous security nightmare given the apparent inability for organizations ranging from hospitals to private companies to the US freakin’ government to protect the privacy of their own databases. Hell, if the VA can’t keep it together, my faith in South Bay BMW to protect my privacy rates somewhere around my belief in unicorns.Â
Comments
Re: Thumbprint required for auto purchase in CA
That argument is ridiculous. Using fingerprints for identification is not much different than using a driver's license. They are both photographs that can be used to verify someones identity. In fact, you use biometrics every single day of your life without even thinking about it. When you pass a friend on the street you identify them by the shape of their face, color of their eyes, the pitch and timbre of their voice. These are all forms of biometrics. A copy of your fingerprint provides absolutely no useful information. Biometrics aren't the privacy concern, it is the wealth of information stored in various databases like your bank account that are the concern. Biometrics is simply a method of identification or verification that can help secure these databases.Ridiculous? Think again...
To a certain extent I understand your point. However, one of the major problems with using biometric identification is the perception of finality that comes with its use. Using your eyes to identify someone on the street based on facial recognition is not even in the same league as providing an indelible record of your thumbprint. Photos (including drivers licenses) may be manipulated and are therefore subject to credible doubt and/or recourse in the case of their misuse. Biometric records such as thumbprints, DNA, etc. are subject to such a high level of statistical confidence that they are beyond question as a means of identification. This, of course, is why they are used as security measures and, consequently, why they should never be recorded and maintained in anything less than the most secure databases. To use your example, imagine two instances of database theft (for identity theft purposes). The first involves the theft of my drivers license, the second my thumbprint. In the case of the former, I (or the responsible party) retain the ability to report the record as stolen, have a new number issued, and flag the old record so that the offender may be identified should s/he ever try to use it. In the case of the latter, I have ZERO recourse - I can't have my thumbprint reissued (obviously) and have now forever lost any security my thumbprint may have once held.Re: Thumbprint required for auto purchase in CA
The thing is, I mean, they've have to had access to all of your information anyway, most likely, to process the sale-name, address, social security number. If they cannot reasonably verify your identity that way, how the hell do they think a thumbprint is going to help?
Very troubling indeed.