On The Insider: Britney's Bikini-Clad Top 10
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 5 of 62:
Next »
« Previous
Biometric Security Hoax
John,

Not necessarily. I work with Biometric readers for our time-and-attendance system. Bio readers do not necessarily capture your fingerprint - what they capture is a template of "interest points" that is unique to the individual. While a fingerprint capture is certainly POSSIBLE it's not required.

What happens is the bio reader generates a mathematical template - I.E. "password" that your finger uniquely produces. On the verification pass, you present your fingerprint again and the reader re-generates the template. The validation part is where the 2nd template is compared to the first. The match must be within certain percentage points - I.E. the template generated the 2nd time must look "substantially" like the one stored.

While the techology to "capture" and "reconstruct" your fingerprint certainly exists, it doesn't have to be used that way. IOW - just because a fingerprint template is stored for you doesn't mean a third-party can just "duplicate you" if they have the template. They would have to have a finger that the reader re-calculates a template just like yours to make it work. The templates are often encrypted data that has no reverse translation. This is called 1 to 1 verification.

Biometric validation isn't really a hoax. Believe it or not, doing validation that way instead of using passwords could greatly simplify some things. Biometric finger scanners installed on PC's (provided they standardized the mechanism of template generation) would be, actually, quite convenient. When you go to a website that you've registered at previously, you would simply present your finger instead of having to remember a password - your unique template would match the one on file at the website and you're in.

There's no more inherent lack of security with stored finger templates than there is with passwords. Just the fact that the templates are much larger data fragments (several hundred bytes) actually DECREASES the possibility that someone could just "hack" your identity.

-CB wink
Posted by: CodeBubba   Posted on: 11/18/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Passwords: Forget your Gates  Xunil_Sierutuf | 11/16/04
And how much will that cost  Arrg | 11/16/04
It's costing you not to have it....  rock06r | 11/16/04
Biometric Security Hoax  JohnMinn | 11/17/04
Biometric Security Hoax  CodeBubba | 11/18/04
Biometric Security Hoax  stephen0838_z | 11/18/04
You gotta be kidding  theace18 | 11/16/04
no kidding...  linuxoverwindows | 11/17/04
Sure thing, Bill  alterego_z | 11/16/04
640K should be enough for anyone  SC-man | 11/17/04
managed biometric data  +-Chris-+ | 11/16/04
re: managed biometric data  alterego_z | 11/16/04
Why Not? If Bill Says It's Ok, Then I'll Do It!!  itanalyst | 11/16/04
Start with your ATM card  rock06r | 11/16/04
You do know that  FilledOut | 11/17/04
Hilarious!  marksashton | 11/16/04
ABMers are good at cutting and pasting the same reply. (NT)  NonZealot | 11/16/04
What's an ABMer?  voska | 11/16/04
Anything But Microsoft (ABM)...  DigitalKid | 11/16/04
geekdom  SC-man | 11/17/04
Hilarious  esblake | 11/17/04
Dumbest post here (nt).  doe_z | 11/17/04
lol  linuxoverwindows | 11/17/04
Huh?  mds_z | 11/18/04
thank you for your permission, sir.  linuxoverwindows | 11/17/04
Congratulations!  StanWest | 11/20/04
The problem is....  Nigel Johnstone | 11/16/04
too simplified  rock06r | 11/16/04
Well said.  doe_z | 11/17/04
Passwords are still required  voska | 11/16/04
Easy to hack tools or Bill Gates wants everything you have.  Vily Clay | 11/16/04
Really...?  rock06r | 11/16/04
They keep Biometrics on MS OS/servers ... Should I continue? (NT)  Vily Clay | 11/16/04
Please Do  s31064_z | 11/21/04
Maybe you can show your brains first?  Vily Clay | 11/22/04
Easy to hack  SC-man | 11/17/04
Replace the worse with better and go on. (NT)  Vily Clay | 11/17/04
just open all the windows  linuxoverwindows | 11/17/04
Hey, the Title Changed!!!!  coffeenite | 11/16/04
not to mention  linuxoverwindows | 11/17/04
Forgetting one major problem  AbsolutelyNot | 11/16/04
good point  linuxoverwindows | 11/17/04
Said it before,  FilledOut | 11/17/04
Re: 640 K  NoDogs | 11/17/04
Maybe it is a case of sour grapes  dbriscoe | 11/17/04
MSLinux.NET  linuxoverwindows | 11/17/04
crap, i spoke too soon!  linuxoverwindows | 11/17/04
biometric ID on the old system?  trm1945 | 11/17/04
The Bill and Steve comedy company  Roger Huffadine | 11/18/04
Chip in wrist | forehead! Yeah!  kwalker_z | 11/18/04
SmartCard? Been there, done that  wupdike@... | 11/18/04
where is the future of smartcards?  davidcarta | 11/18/04
The Mark of the Beast  RexBallard | 11/18/04
"Mark of the Beast"  PhoenixStorm26 | 11/18/04
Of course it's coming, but...  robspcfixerupper@... | 11/18/04
Focus on Technology  myohmy | 11/18/04
Another step in the WRONG direction  jgoodman_z | 11/18/04
Rights?  joeclectic@... | 11/18/04
Lost, but not forgotten...  tgbayly@... | 11/18/04
Another strategy to push propritary .NET  steitel | 11/18/04
Bill's kinda Passe himself these days  StanWest | 11/20/04
1500 Million installed SIM cards in GSM...  Theo19 | 11/21/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

SmartPlanet

Click Here