Subscribe in a reader

Recent Posts

« | Main | »

Privaris plusID Biometric Scanner

By Patrick | March 22, 2007

I was reading my normal blogs today and I stumbled across someone discussing biometric means of authentication. As a standard response, I’ve always said I’m against all forms of biometric products. I just don’t want my fingerprint, retinal scan, palm print, or whatever the next form of biometric data is, in some external database. I don’t like the idea of my unique, personally identifiable information being out of my possession. I’m still mad about how many people have my Social Security Number.

Somehow, someway, it hit me today how biometrics should be done. I thought, why not take a fingerprint and run the resulting normal biometric encoding through a one-way hash function (ie. MD5, SHA-1, etc). Then, the database that normally contains an encoded fingerprint or handprint, now contains a one-way non-reversible hash of the biometric encoding. Then whenever I need to authenticate, I submit to a scan, a hash is computed and then that result is compared to the value in the database. Similar to how passwords are transmitted and verified against a password database when logging onto a computer. Great idea right? Now no one ever has my uniquely identifiable information in their grubby little database. I’ve retained my privacy. Perfect idea.

Well as luck would have it, as usual, I’m a day late and a dollar short. More like a year late and thousands of dollars short. After much Googling, I found Privaris and their product line of plusID Biometric Scanners. They have created what I was thinking of the whole time. Their plusID product is a key fob with a fingerprint scanner built in. The only real big difference between what I was envisioning and what they have done is the presence of a database of hashes, or lack thereof. With their implementation, they’ve made it even more simple. Once a successful fingerprint is scanned on the fob, then the fob becomes activated and it becomes like any other proximity card, smart card, or password token. All the biometric computations and authentication are done right on the key fob. I love it already.

I really, really just wish I could one day actually come up with something that hasn’t already been invented.

Popularity: 5% [?]

Topics: Biometric, Corporate | 1,406 Comments »

1,406 Responses to “Privaris plusID Biometric Scanner”

  1. Jeffc Says:
    November 17th, 2007 at 12:00 am

    Unfortunately, what you have outlined won’t work and is not what Privaris has done.

    You cannot create a working system based on hashing an initial sample, then comparing hashed values of a live sample. Due to the nature of fingerprints and the readers, you cannot count on getting the same exact image (or corresponding minutae measurements) when sampling the same finger.

    Therefore, you cannot compare hashes because they would only match if the input is exactly the same.

    Modern fingerprint algorythms compare the stored fingerprint (template) to the live sample and “score” the result. If the result meets a specified threshold, then it is called a match.

    So Privaris, like others, stores an encrypted file called a template containing measurements of the fingerprint key characteristics (minutia).

    Works great, and as you correctly said these minutia based templates cannot be reverse engineered to create a fingerprint image.