Fingerprint Readers. The more things change...

A ton of excitement over fingerprint readers and with good reason. Readers are becoming a mature, low cost technology. Fingerprint readers on your phone are now a common form of keeping that phone secure. So what could possible go wrong?

You don’t need to be CIS to lift a fingerprint!

You leave your fingerprint for anyone to reproduce countless times every day. You don’t need to be CIS to lift a fingerprint. Simply press on your phone when it has a dark background and you can see that fingerprint with the naked eye. Mom would yell at us all for leaving fingerprints on the fridge or coffee table. Dad would have to rub them off the car windows. The one place that a fingerprint can be sure to be found is at the location of the device that is being protected! They never change. You can’t revoke your fingerprint and issue a new one.

The best analogy for a fingerprint is that it is a long… long password that is issued to you when you are born. You make millions of copies of this password and leave them everywhere you go for the rest of your life.

Yes there are improvements and mitigation strategies. “Proof of life” technology will add security (read time and money) to readers.

What stays the same is this – There are three factors to security:

  1. Something you have (a unique credential such as a prox card)
  2. Something you know (a unique item such as a code or password)
  3. Something you are (such as a fingerprint)

The first two factors can be encrypted, strengthened, revoked and pseudo random (or rolling). A lost card or compromised password is pretty easily handled. A compromised fingerprint can also be easily changed ….. but only 10 times.

So “YES”, fingerprint technology is making the world more secure by adding a level of security with little cost and business interruption. So “YES” you can’t lose or forget a fingerprint. So “NO”, fingerprint technology is not changing the fundamentals of security.

