Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: is it worth buyin biometric finger print device?

  1. #1
    Junior Member
    Join Date
    May 2002
    Posts
    24

    Question is it worth buyin biometric finger print device?

    i went to this infosec forum, n tried out this biometric device-
    the one i used was mouse-shape, just put finger on.
    n dnt even have to type username nor pswd.

    think its kinda good fr lazy pple, but is it reliable?
    how am i supporse to log in when the device broke?

    is it worth buyin, u think? its 80quids in UK...
    My kei-goh is Silver Wolf!

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    742
    IMHO no it's not wort buying yet..

    It has improved during the years but is not 100% reliable and has security flaws. I would not recomend it as a standalone authentification system (today), if you would like to use it anyway do use it with another authentification system.

    how am i supporse to log in when the device broke?
    You do need a password for the "admin" and depending on program/product may every user also need their own password. If the device do not work then you'll get an option to log in with your password (may vary between products).

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    472
    Some of the readers are safe, some aren't. There are different kinds of fingerprint readers, the optical and the capacitice. According to Japanese scientist Matsumoto there is relativly easy to fool an optical fingerprint reader, using a "gummy-finger". Read more about that here. Matsumotos conclusion was that there are just a few reliable fingerprint readers.

    To make their fingerprint readers more reliable, some of the vendors have chosen to integrate a smart-card reader in their fingerprint readers. On these devices your fingerprint is stored on a smart-card, and when you use the device, your fingerprint is validated against the one on the smart-card. These soulutions would definatley make it harder to fool the system.

    The solution you're talking about is actually using password for authentication, the fingerprint-software maps your fingerprint against a password which is used for logging in. A solution I've used from Precise Biometrics did the same thing. It changed the login-routine by altering certain DLL's in the system, changing the login screen to accept fingerprints instead of passwords. I suppose there was a way to bypass the fingerprint login, and use passwords instead. But that depends on the vendor. There are quite a few stupid solutions out there, so I wouldn't count on the system would let me in if I lost my fingerprint reader.
    ---
    proactive

  4. #4
    Banned
    Join Date
    Sep 2001
    Posts
    521
    Where are these available for purchase by the way?

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    276
    This german magasine (text in english) "tested" some different biometrics. (mostly made the tech look like crap)
    I can´t wait until I can get my hands on one to test the.. uhm.. security of the device
    But buy one? It´s not realy safe but it´s a good thing fer the lasy people.
    Dear Santa, I liked the mp3 player I got but next christmas I want a SA-7 surface to air missile

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    fwiw...i would never consider any biometric solution (at least right now) as a stand alone solution....it should only be used in conjunction with strong pwds, pins, smartcards...whatever...my thought is that biometrics is an additional layer of security and not just a different layer of security...
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    472
    Originally posted here by Dome
    Where are these available for purchase by the way?
    I only have experience with Precise Biometrics, but to get their product I sent them a mail and asked where I could buy one. As they are one of the larger vendors of fingerprint reader, their products should be available in the US. Mine cost about 220$ (that's the one with smart-card reader included). If you decide to buy one, I have a neat SDK for development of applications for it. Pretty cool! I can mail it to you if you'd like. Just send me a PM.
    ---
    proactive

  8. #8
    Senior Member
    Join Date
    May 2002
    Posts
    236
    When I visited Hal 2001 last year it whas made clear that biometrics suck, fingerprinting can be fooled 75% of all times. Even PGP's Phil Zimmerman gave some good facts about biometrics.

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    472
    Originally posted here by Leviatan
    When I visited Hal 2001 last year it whas made clear that biometrics suck, fingerprinting can be fooled 75% of all times.
    Of ALL times? That certainly depends on what FP-reader you choose to buy. IMO biometrics is here to stay, and although many current solutions don't provide enough security, the industry are working on new and better readers & validation algorithms.

    From my experience the big problem is knowing what to buy, because many products are really bad.
    ---
    proactive

  10. #10
    Senior Member
    Join Date
    May 2002
    Posts
    236
    The industry might still be working on it but it's still not 100 reliable and yes perhaps there is a diffrence between cheap and expensive solutions but the risk still remains.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •