Experiential
Computing
Blog

Not All Fingerprint Authentication is Created Equal

Jul 21, 2015

By Ritu Favre


Secure Fingerprint AuthenticationThomas Jefferson, in the Declaration of Independence, is famously credited with the assertion that all men are created equal. That time-honored position on equality, however, doesn’t necessarily apply to biometric security, because not all fingerprint authentication is created equal.

In the biometrics space, fingerprint authentication protects devices and the data they access, and ensures secure transactions. But whereas the use of fingerprint recognition may be common in those applications, the similarities end there; the technology behind authentication varies, as do the levels of security they provide. 

To fully appreciate the distinctions, let me provide a little background.

Biometric techniques for user identification enjoy the advantage of making user authentication more secure while also making the verification process more convenient by eliminating passwords. Fingerprint sensing is by far the easiest and most cost-effective among available biometric techniques.

The simplicity and inherent certainty of fingerprint sensing have made it central to user identification and authentication in mobile devices. Additionally, it plays an increasingly central role in point-of-sale transactions, ranging from retail and banking to facilities access.

The fundamental requirement in fingerprint sensing is making a positive match with a known representation of the user’s fingerprint. The sensor is used initially in an “enrollment” process to store a representation of the fingerprint, which then gets used during every subsequent access and authentication attempt. Note: In order to ensure user privacy, the best practice is to store an encrypted template of the proprietary representation of the fingerprint, and never a copy of the actual fingerprint image itself.

Common today in fingerprint authentication is Match-on-Host technology, where the fingerprint module captures the fingerprint image and sends the data for processing to the host processor or other external processor. While popular today among many smartphone manufacturers, Match-on-Host security, even if it occurs in a trusted environment, is susceptible to malware and other attacks on the host system. This simply isn’t on par with that of a new architecture called Match-in-Sensor technology.

Match-in-Sensor dramatically raises the protection level against on-device threats. Through a purpose-built, fully encapsulated system-on-a-chip (SoC) architecture, Match-in-Sensor isolates fingerprint enrollment, pattern storage and biometric matching — all within the device’s fingerprint sensor. In contrast, Match-on-Host has neither the processing power nor the memory to achieve this, so it must rely on the host (or a separate processing element) to perform the matching function.

With mobile payments depending more and more on fingerprint authentication, there’s an increasing concern among smartphone makers and their users about security risks and threats of attack. Match-in-Sensor technology, therefore, is taking on a greater level of importance to counter those threats.

At Synaptics, we’re very proud to be the industry's first and only provide of fully hardware-encapsulated fingerprint sensors, which allows our customers to offer significantly stronger protection in their products. Data collected and managed by Match-in-Sensor is stored in the sensor itself – completely isolated from the host system, which is vulnerable to hackers. Nor do the sensors store the actual fingerprint image; the sensor instead creates a template, encrypted with 256-bit Advanced Encryption Standard (AES) technology, that can’t be reconstructed. If the host system is compromised, the biometric data is still secure, as it never leaves the fingerprint sensor module.

There’s a range of applications to which Match-in-Sensor technology can provide a powerful level of protection that augments host-based security: smartphones, tablets, personal computers, computer mice and keyboards, docking stations, and automobiles, to name a few.  And with legislation underway that dictates security for electronic commerce, financial transactions and health records, the stringency enabled by Match-in-Sensor technology is imperative.

As the industry’s only provider of sensors to feature this emerging Match-in-Sensor technology, Synaptics has earned a prominent position at the forefront of biometrics-based data security. As the deployment of our new Match-in-Sensor progresses, it will become increasingly clear that, while biometric-matching techniques may seem essentially similar, not all fingerprint authentication is created equal.

Ritu Favre
Senior Vice President and General Manager of Biometrics Products Division (BPD)

News & Views

博客

想象一下传感器和人工智能将会如何改变我们的工作场所。

让我们想象一下,比如十年后的一天,如今智能家居设备背后的技术已经在工作场所变得无处不在。计算能力将不再局限于服务器机房和笔记本电脑等独立设备。各类传感器将几乎融入工作场所的每一处。所有这些将完美匹配具备人类感知智能的设备,…

无论你是否意识到,我们都正在进入人机感知的智能新时代。在新突思(Synaptics),我们正在帮助客户通过新一代的产品和服务创新引领人机界面的未来发展。基本上,新突思结合了易用性、功能性和美观性,使产品能够帮助我们实现更高效、更安全和更愉快的数字生活。…

想象一下,如果十年前的你今天早上出现在你的卧室里。什么会使她惊讶?你的孩子已经12岁了,并且你搬到了一个更大的房子里。这些都是可以预料到的。新技术看起来并没有什么未来感。现在的手机比过去大了一些,使用电力的汽车也多了一些,但即使是最先进的高科技设备也与十年前没什么不同。(好吧,…

查看全部

Synaptics WeChat

接收最新消息