[OPLINLIST] Smart phone Library Card application

Mon Aug 22 11:42:56 EDT 2011

I'd actually like to see some more discussion on the security aspect of using barcode apps on smart phones.  I think Dan Will brought up an excellent point about patrons being able to enter any number they like.  I can see this becoming a huge problem.  Anyone tech savvy enough to use such an app will figure out that they can enter any number they like.  As long as the barcode meets the check digit, they can literally use anyone's account.  

Personally, I'm thinking that if we accept it, we need a photo ID as well (as the original poster asked).  

One person said: "there isn’t a way to verify that the person holding the card is the person you issued the card to, so why would the device be any different?", but I see it as being very different.  A physical card would have to be lost for someone else to use it, and the patron can report it lost/missing.  With a barcode app, anybody can use my account even though my physical card is safely tucked away.

Thoughts anyone?

Thanks,

Avery Shifflett
Carroll County District Library

========================================================================================

Bruce,

   I have not seen this and since I don’t have a “smartphone” I won’t be using it but, my opinion is that the library card was given to the patron as their method of identification. They knew that when they got the card. They cannot (reasonably) expect you to accept something else.  What prevents the user from putting just any number in the app and have it create a barcode that might actually be someone else’s number? I can see where this might be something to work towards for our patrons but, I think we need a way to control the id creation (unless there is security controls that I am unaware of).

Be interesting to see how this plays out.

Dan Will
Technology Supervisor
Meigs County District Public Library
willda at oplin.org
740.992.5813
740.992.6140 (fax)