Biometric BTC wallet?

[The Cryptovator]

What will happen if user lost his finger in case or he become blind by any accident? If there there is any wallet based on fingerprints or retina then a user might lose his fund. So I am not much interested about this mathode. Perhaps it might be added any wallet as a extra security but there should be recovery options if incase happen any accident. So no one will lost his funds.

[1714693792]

1714693792

[1714693792]

1714693792

[1714693792]

1714693792

[o_e_l_e_o]

What will happen if user lost his finger in case or he become blind by any accident?

Presumably the user would be able to recover their funds by importing their seed in to another wallet. If a wallet does not give a seed when you set it up, then you shouldn't be using it.

Don't get me wrong, I still think biometrics are a horrible method of securing your coins, which no one should use beyond maybe a hundred bucks on a mobile wallet, but backing up in case you lose access to your wallets is a non issue.

[Pmalek]

Don't get me wrong, I still think biometrics are a horrible method of securing your coins, which no one should use beyond maybe a hundred bucks on a mobile wallet, but backing up in case you lose access to your wallets is a non issue.

Listen to this story.

My friend's wife and his daughter went abroad to visit their grandmother. His wife has the FaceID (or whatever it is called) option enabled to unlock her phone. One day he saw a gibberish post on Facebook on his wife's Facebook profile so he called her to see what that was all about. Turns out that their daughter was playing with the phone and the FaceID software recognized her face as that of his wife. She was able to unlock her phone. The interesting part is that the daughter looks entirely like my friend and nothing like his wife. Further proof that this type of protection is not something to rely on.   

[bartekjagoda]

Don't get me wrong, I still think biometrics are a horrible method of securing your coins, which no one should use beyond maybe a hundred bucks on a mobile wallet, but backing up in case you lose access to your wallets is a non issue.

Listen to this story.

My friend's wife and his daughter went abroad to visit their grandmother. His wife has the FaceID (or whatever it is called) option enabled to unlock her phone. One day he saw a gibberish post on Facebook on his wife's Facebook profile so he called her to see what that was all about. Turns out that their daughter was playing with the phone and the FaceID software recognized her face as that of his wife. She was able to unlock her phone. The interesting part is that the daughter looks entirely like my friend and nothing like his wife. Further proof that this type of protection is not something to rely on.   

So what is safe or what would you rely on? Please enlight me

[Pmalek]

So what is safe or what would you rely on? Please enlight me

Nothing is safe if you don't use proper precautions to secure your investments and many things are relatively safe if you do.

There is no need to invent new methods of storing or accessing your coins. We already have hardware wallets, you can use them. Use a paper wallet if you are a more advanced user or multisig options. You can even store your crypto in Electrum or airgapped machines. It all depends on what you have available or what you are ready to invest in combination with your computer habits. Even the most secure paper wallet or hardware device can't help you if you stored your seed/private keys in your email or phone.

[bob123]

So what is safe or what would you rely on? Please enlight me

Depends on your thread model.

What do you want to protect against ? And how much inconvenience are you accepting to take in order to secure your coins ?
A simple password protected hardware wallet already is much more secure than a 'biometric' wallet could ever be.

There are a lot of possibilities and different ways to do so, while something biometric-like is one of the worst.

[TalkStar]

Many of us have already shared their opinion about "biometric" and i am not gonna disagree with them too. Implementing retina or finger print scan system for fund transfer or wallet security wouldn't be a good idea. In both of these system there is higher chances to lose fund from wallet because those are easily collectible. I think maybe OP have got interested because in recent times most of the latest mobile phone brands are providing finger print and face detection features for their users. But mobile phone privacy and wallet security doesn't bear the same value. Where it relates with the matter of users fund there security should be unbreakable.

Yeah you can say that hackers can breach any types of security but we have to choose something which has lower chances. Current password based security system is much safer in my opinion where users could change it when they feel it necessary. But for "biometric" system we can't do it for multiple times specially for retina scanning.

[stomachgrowls]

Many of us have already shared their opinion about "biometric" and i am not gonna disagree with them too. Implementing retina or finger print scan system for fund transfer or wallet security wouldn't be a good idea. In both of these system there is higher chances to lose fund from wallet because those are easily collectible. I think maybe OP have got interested because in recent times most of the latest mobile phone brands are providing finger print and face detection features for their users. But mobile phone privacy and wallet security doesn't bear the same value. Where it relates with the matter of users fund there security should be unbreakable.

Yeah you can say that hackers can breach any types of security but we have to choose something which has lower chances. Current password based security system is much safer in my opinion where users could change it when they feel it necessary. But for "biometric" system we can't do it for multiple times specially for retina scanning.

Im thinking the same way where op do think up about biometric type which can be commonly seen with smartphones but in terms of level of bypass it do have much higher compared to those wallet that do have traditional passcode or keys and just like what been said above that airgapped devices and hardware wallets is already enough.

OT:
On side note with this fingerprint type padlock https://www.youtube.com/watch?v=RxM55DNS9CE is just useless.

[Harlot]

Don't go for it even if there is one. If we are only talking about convenience then this would be great but if you are risking the security of your wallet because of it then it's really not worth the risk. Banks have done this with their apps and one way to avoid abusing it is they added a mandatory pin before you can even send money, the fingerprint was only to access the dashboard part of the app but even that is also a risky move since you are letting other people see what you have in your account.

[bartekjagoda]

Don't go for it even if there is one. If we are only talking about convenience then this would be great but if you are risking the security of your wallet because of it then it's really not worth the risk. Banks have done this with their apps and one way to avoid abusing it is they added a mandatory pin before you can even send money, the fingerprint was only to access the dashboard part of the app but even that is also a risky move since you are letting other people see what you have in your account.

so nobody here is using faceid or touchid?

[buwaytress]

so nobody here is using faceid or touchid?

Look I think it was cool faceid and it is a form of security for corporate and business use devices, and even for consumer devices etc. But these are rather different use cases than to actually be the main form of security for bitcoin.

Biometrics in security for your iphone I'd say doesn't get me worried about someone hacking off my eyes/finger to get into my phone (I realise I'm dramatising). But if I had a sizeable amount in my bitcoin wallet, I daresay I'd be more worried about that.

P.S. I have used touchid for laptop and happy it's there. But I just wouldn't use touchid for a wallet. Others might. Power to them.

[Pmalek]

so nobody here is using faceid or touchid?

Both of those features work but how good and precise are they, that is the real question!
Have a look at what can happen in a real life example from my above post: https://bitcointalk.org/index.php?topic=5175072.msg52384156#msg52384156

Besides, your fingerprints might change or lose quality due to an accident involving fire or boiling water. How are you going to get to your assets if the system doesn't accept your fingerprint anymore?

A biometric wallet is just too big of a risk if you ask me.

[TalkStar]

so nobody here is using faceid or touchid?

Getting password from users brain is much harder than getting users finger print or retina match. That's why most crypto wallet users keep their trust on password based security rather than finger print or retina scan. Maybe some guys think that its better to continue with modern worlds invention but sometime its better to follow old fashioned way to keep us safer from unexpected attacks.

Wallet security system is always far different than our mobile phone or another devices.

 

[suzanne5223]

Don't go for it even if there is one. If we are only talking about convenience then this would be great but if you are risking the security of your wallet because of it then it's really not worth the risk. Banks have done this with their apps and one way to avoid abusing it is they added a mandatory pin before you can even send money, the fingerprint was only to access the dashboard part of the app but even that is also a risky move since you are letting other people see what you have in your account.

so nobody here is using faceid or touchid?

There will definitely be people who use the faceid or touchid but I'm sure that faceid/biometric kind of wallet are mostly used by the Chinese. With that been said, I totally don't support such platform because the system will be abuse sooner or later even if it was created by a private or decentralized company.

[The Sceptical Chymist]

It would be fairly easy to force you to restore your wallet.

All jokes aside, this was the whole point.

I get that, but personally I'd feel pretty secure since nobody I know knows I'd have any crypto on a hardware wallet (or phone, which I don't).  The chances of me getting forced at gunpoint to access my crypto is very remote.  Yeah, anything could happen but chances are I wouldn't run into a situation like that.  It would be much more likely I'd lose my wallet, in which case a fingerprint-dependent login would be extremely useful.

I wasn't even aware that biometric flash drives are being made.  I happened to come across some for sale on Amazon when I was looking for a flash drive that could be encrypted.  I think it'd be an awesome idea for Ledger or one of the other manufacturers to make a wallet with this technology.  Sure, things can go wrong....but they can always go wrong anyway.

Maybe some guys think that its better to continue with modern worlds invention but sometime its better to follow old fashioned way to keep us safer from unexpected attacks.

I get your point and I respect it fully.  But I'd still like the fingerprint tech to be applied to hardware wallets for those who'd want them.  I'd sure be interested in something like that.

[The Cryptovator]

My friend's wife and his daughter went abroad to visit their grandmother. His wife has the FaceID (or whatever it is called) option enabled to unlock her phone. One day he saw a gibberish post on Facebook on his wife's Facebook profile so he called her to see what that was all about. Turns out that their daughter was playing with the phone and the FaceID software recognized her face as that of his wife. She was able to unlock her phone. The interesting part is that the daughter looks entirely like my friend and nothing like his wife. Further proof that this type of protection is not something to rely on.   

Yes, that's the disadvantage. Another thing is, if Biomaterics failed to connect server. It has been happend on real life. Currently I am working abroad and I have to give fingerprints or face to the machine. Means company collecting attendance by a face/fingerprints machine. So some machines not recognized to me. Fingerprints was not working sometimes even face. So I had to inform authority directly. So if this happen for Biomateric wallet then it would be very hard to move your fund. You might not able to make transaction when you need and you should contact support regarding your issue.

[Bitcoin_Arena]

Is there any biometric wallet (i am not talking about simple FaceID or TouchID login usage) for crypto wallets?

I have been looking but not found any good solutions.

Anyone?

Well to be on topic rather than discuss the advantages/disavantages of biometric over pin or password...

The wallets i have used so far that have the feature you are looking for;
- Coinomi Mobile uses Finger Print ID
- imToken 2.0 Mobile Version uses finger Print ID

Pin is usually the default option, you have to set up the Finger print ID after creating the wallet.

[joniboini]

Is there any biometric wallet (i am not talking about simple FaceID or TouchID login usage) for crypto wallets?

- Coinomi Mobile uses Finger Print ID
- imToken 2.0 Mobile Version uses finger Print ID

The wallets that you mention above basically use 'TouchID' (fingerprint authentication).

Another thing is, if Biomaterics failed to connect server. It has been happend on real life. Currently I am working abroad and I have to give fingerprints or face to the machine. Means company collecting attendance by a face/fingerprints machine. So some machines not recognized to me. Fingerprints was not working sometimes even face.

I'm pretty sure the failures that you see is not because of connection problems but detection problems. Either the base data that was used to check is faulty, or your log-in process has issues. Some machines can't do their job if you have too much sweat on your finger, for example. Better tell your company to buy a new one. My sister is having the same problem with her office check-in mechanism, and I can say for sure that the device does not need the internet. The fingerprints data are stored offline.

[The Cryptovator]

I don't know about biometric authentication for company, but biometric authentication information which used on Android/iOS is stored on local device, so internet connection isn't required.

Most likely you are talking about phone lock. Almost all new Android phone coming on markets with fingerprint feature. It can't be compare with Biometric wallet. If there is Biometric wallet then it should be attached individually for each wallet (not with phone)

Besides, if you use wallet which uses side-server biometric authentication, then most likely you use custodial your wallet and it's the risks of using custodial wallet.

That's what I was talking about. Not only risk, there would high risk.

I'm pretty sure the failures that you see is not because of connection problems but detection problems. Either the base data that was used to check is faulty, or your log-in process has issues.

Of curse there was detection problem. And what will happen if this detection problems occurs during your transaction on Biometric wallet? You will not able to make transaction when you need.

[Hal9900]

I started a thread about another biometric wallet, ZenGo, and I was informed about this thread here where more people are involved. Here are the posts so far and I'm curious what you computer experts think of this new wallet:

A few weeks ago I heard a podcast with Anthony Pompliano and the founder of ZenGo, which uses ZoOm, a facial recognition security app to secure Bitcoin. I’ve had a couple of discussions with Ouriel Ohayon from ZenGo about the benefits of ZenGo over Ledger. In comparison, Ledger already seems antiquated but has ZenGo been vetted enough to trust that ZenGo is secure? Since ZenGo uses ZoOm I can see how one party would blame the other party if hacking were to occur. I am not a security expert. What do you all think of ZenGo?


There's a discussion about using biometrics to secure your wallet here: Biometric BTC wallet?
The TL;DR is that it is generally a bad idea as it is far more easily broken than a strong password or passphrase.

In terms of the ZenGo itself, I've not heard of it before, but I've had a quick poke around their website. There are a couple of things which give me some concern.

Firstly is that they extensively use cloud servers for back up. Both the client share on your phone, and their server share which they store, are backed up to the cloud. You don't need me to tell you how poor cloud security generally is - you can do a simple web search and see story after story of cloud servers being hacked.

Secondly is their recovery mechanism. If they go out of business, then they have an escrow who will release a master decryption key so all users can still access their private keys and therefore their coins. That's great, but it means there exists a single point of failure for their entire system - the master decryption key. This has been created and transferred to an escrow. We have no idea how many copies of it exist, how many computer systems it has been on, how many people have had access to it, or how good the security currently protecting it is. It's a massive vector of attack, as if someone gains access to it, they can potentially gain access to every coin held by every owner of one of these devices (and as we said above, with all the back ups being stored on the cloud, this is a real concern).

@o_e_l_e_o

Thank you for your input. Wow, I am glad I did not move my coins to ZenGo yet. I am not technologically minded so I need to rely on you experts here. I don't feel comfortable leaving my Bitcoin on Coinbase and using a Ledger with a 24 word seed phrase just seems antiquated, like I said before. Is this really state-of-the-art? Also, like I said before ZenGo uses ZoOm facial recognition. I am not sure that ZoOm is equivalent to the biometrics in your link. Can you check out the white papers on ZoOm and let me know what you think?

https://www.zoomlogin.com/#page-blk-white-papers