Synaptics to Add Inexpensive Fingerprint Reader to Any PCby Anton Shilov on June 2, 2016 10:00 AM EST
- Posted in
- Trade Shows
The importance of biometric authentication is growing these days because passwords, which are easy to remember, are usually not strong enough, whereas complex passwords are hard to remember and enter. While many new mobile devices feature fingerprint reader and some even have an iris scanner, there is a fleet of legacy PCs that do not support any biometric sensors. Synaptics has developed an inexpensive USB dongle, which can add a fingerprint scanner to any PC. The company will offer the device to its customers later this year.
The Synaptics fingerprint USB dongle is based on the company’s Natural ID technology that relies on capacitive touch sensing and SentryPoint security features. The device is small enough to remain unremarkably installed in a USB port, hence, users will not have to carry it separately. Synaptics calls its dongle “Turnkey USB Fingerprint Solution”, but does not disclose the model of its sensor used by the device, or the encryption type supported by the product because there will be several types of dongles with different feature-set.
Synaptics’ latest fingerprint solutions support AES 256-bit encryption, but keep in mind that the scanners and supporting software never store the full image of a fingerprint and support a number of security layers. The hardware and software work together to take an abstract of a fingerprint in a propriety format (using a proprietary alghorithm) and then encrypt this data. Even if the abstract is decrypted, it would be impossible to reconstruct a fingerpritnt. The only security-related information that Synaptics discloses about the dongle is that it is certified by FIDO (Fast IDentity Online) and is compatible with Windows Hello and Microsoft Passport (i.e., Microsoft Windows 10 operating system only).
The USB fingerprint scanner is a finished, ready-to-use device, which Synaptics will offer to partners, who will then be able to either bundle them with their computers or simply resell them to interested parties under their brands. Pricing of the device will depend on exact configurations of the hardware, but should be "well below $50", according to Synaptics.
Synaptics is demonstrating its USB fingerprint scanner at Computex this week, plans to sample the product in Q3 and start to sell them in Q4.
Post Your CommentPlease log in or sign up to comment.
View All Comments
BurntMyBacon - Friday, June 3, 2016 - link@Carmen00: "How exactly does the authenticator check that your fingerprint is the correct fingerprint? It must store a hash of the fingerprint to do so - there is no other way."
There is another way, though I doubt they use it. When scanning your fingerprint, they could use the direct output of the algorithm as a "biometric" key for encrypting the private key. No need to store it at all. Rather than compare to a hash, it would simply try to decrypt the private key. If the decryption fails, you have the wrong biometric key. In this way, the biometric information is never stored. Assuming the scan algorithm is even uniquely reversible, you'd have to crack the encryption algorithm on the device to get your prints. There have been no successful attacks on the AES-256 algorithm last time I checked so its up to the implementation. Even then, we know that they (Synaptics) only use a part of the biometric information in the first place, so the prints would not be complete and most likely unusable from a physical identification standpoint.
This approach would satisfy two factor authentication as the private key is unique to the device (something you have) and cannot be obtained until unlocking it via biometrics (something you are). In other words, even if you can acquire my fingerprints and can trick a reader into accepting the fake, it doesn't get you anywhere unless you are using the specific device that I setup.
Feel free to throw in a password for the trifecta. A cryptographically sound method of combining the scanner algorithm output and a strong password before using it as a key to decrypt the private key would certainly make reversing fingerprints an interesting endeavor without knowing the password. Even with the password, it is once again possible that information is lost in reversing the prints.
Murloc - Friday, June 3, 2016 - linkthe fingerprint is all over your laptop so it's something you have as well, and something the thief has if he has your laptop.
Still, this is irrelevant for anyone not doing super-secret stuff that can generate the interest of people with the resources to do this stuff.
What matters is that thieves cannot access your data if they steal your device, and that you don't have to remember a complicated password to access it every day.
Website accounts will always be hackable because people need to be able to log-in from internet cafés and such.
sorten - Friday, June 3, 2016 - linkIn this case we're talking about 2FA. Your fingerprint and your device. Sure, 3FA would be more secure. If someone has stolen your device and your device can be unlocked with your fingerprint and your authenticator can be unlocked with your fingerprint then you're in trouble. Hopefully you're aware that you've lost your device in a relatively short period of time and have locked it remotely.
ClioCreslind - Saturday, June 4, 2016 - linkSynaptics, please let this work as a trackpoint for the 99.9% of time when it's not required to read fingerprints.
LuxZg - Tuesday, June 7, 2016 - linkInexpensive? Than it should be well below 10$!! No news here...