Somehow, someway, it hit me today how biometrics should be done. I thought, why not take a fingerprint and run the resulting normal biometric encoding through a one-way hash function (ie. MD5, SHA-1, etc). Then, the database that normally contains an encoded fingerprint or handprint, now contains a one-way non-reversible hash of the biometric encoding. Then whenever I need to authenticate, I submit to a scan, a hash is computed and then that result is compared to the value in the database. Similar to how passwords are transmitted and verified against a password database when logging onto a computer. Great idea right? Now no one ever has my uniquely identifiable information in their grubby little database. I’ve retained my privacy. Perfect idea.

Well as luck would have it, as usual, I’m a day late and a dollar short. More like a year late and thousands of dollars short. After much Googling, I found Privaris and their product line of plusID Biometric Scanners. They have created what I was thinking of the whole time. Their plusID product is a key fob with a fingerprint scanner built in. The only real big difference between what I was envisioning and what they have done is the presence of a database of hashes, or lack thereof. With their implementation, they’ve made it even more simple. Once a successful fingerprint is scanned on the fob, then the fob becomes activated and it becomes like any other proximity card, smart card, or password token. All the biometric computations and authentication are done right on the key fob. I love it already.

I really, really just wish I could one day actually come up with something that hasn’t already been invented.