It’s hard to forget your login/password when it’s your finger(print)

The scanners must be certified because encryption of the fingerprint is done inside the sensor. When a user swipes a finger, the recognition data is compressed and encrypted, then sent to a TrueMe server, which handles authentication. If the user is allowed to visit the website or resource in question, the server sends the verified identity directly to the site.Given the way that crooks have attacked traditional two-factor authentication systems, will fingerprints prove to be more secure? Hopefully. The TrueMe system also records the device ID of the fingerprint scanner used in the authentication attempt, potentially making it easier to spot fraud and to track down malicious users. We imagine that the technology could also be used by businesses to restrict employee access to sensitive internal websites to certain company-supplied PCs, though Pay By Touch says nothing about the way that the ID check will be used.

Read this article from Ars

Advertisements

Leave a comment

Filed under Cybercrime, Identity

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s