The problem with security is that it isn't very secure. The ATM card that controls access to your bank account can be stolen. The PIN that augments your ATM card's security can also be stolen, or even guessed. In an airport, the four-digit combination that unlocks doors to secure areas can fall into the wrong hands. And picture badges are easy to counterfeit.
But suppose security is controlled not by something you possess—such as an ATM card—or by something you know—such as a PIN—but by something you are—such as your fingerprint. Because virtually no one else has the same fingerprint, your fingerprint proves that you are who you say you are.
Thanks to developments in silicon fingerprint sensors, fully automatic fingerprint authentication now occurs in less than a second by security systems that are small, reliable, and inexpensive. You simply place your finger on a sensor that acquires an image of your fingerprint. If the print matches an authorized print in a database, you're in. If it doesn't, you're out.
Image conscious. Fingerprint sensors are going just about everywhere, too. In cell phones and PDAs, they can keep anyone but the owner from accessing sensitive information. In a warehouse, they can ensure that only authorized personnel have access to hazardous materials.
Fingerprint sensors use an array of elements to acquire a digital fingerprint image from a live finger. For example, in the MBF110 from Fujitsu Microelectronics, a 500 dpi array of capacitors acquires a 300 x 300-pixel image. Other sensors from Fujitsu and from Infineon, STMicroelectronics, and Veridicom work similarly. Each capacitor pixel has a capacitance value that is lower if the capacitor is adjacent to a fingerprint "ridge" or higher if it is adjacent to a "valley."
Sticky fingers. Fingerprint sensors can have difficulty acquiring good images from some fingers, however. Wet or very dry fingers can pose problems, for example, as can fingers that are cut or worn or callused from manual work. Fingers that are greasy, dirty, or stained are especially challenging. The software in fingerprint authentication systems deals effectively with many of these problems, but it can't handle all of them.
Fingerprint sensors from AuthenTec inject
an RF signal into the finger to obtain a fingerprint image from a
subsurface "live" skin layer. The subsurface layer provides a better image
than the surface layer, which might be too wet, too dry, dirty or stained.
To improve fingerprint imaging, sensors from AuthenTec acquire images not from the surface of the finger, but from an underlying "live" layer of skin where the fingerprint remains largely unaffected by external conditions. After a transmitter injects a radio-frequency (RF) signal through the surface skin layer, the signal travels easily through the fingertip to the moister, subsurface layer. A typical 128 x 128 array of tiny AM receivers in the sensor measures signal strength at thousands of points on the subsurface layer to form a fingerprint image. A strong signal indicates a fingerprint ridge; a weaker signal indicates a valley.
After acquiring a fingerprint image, a fingerprint authentication system extracts key features from the image, which it then compares to a database of features previously extracted from authorized fingerprints. The software matching engine that performs the comparison requires a fairly powerful microprocessor, such as one based on an ARM7 or ARM9 processor core from ARM Holdings PLC. High-security applications can require additional processing power, sometimes even from a digital signal processor such as a TMS320VC5509 from Texas Instruments.
Only a few key features from a fingerprint are necessary to distinguish that print from any other print. According to Doug McArthur, director of the Biometric Sensor Product Group for Fujitsu Microelectronics America (Sunnyvale, CA), most people have from 15 to 50 fingerprint ridge endings or bifurcations (splits), and no two fingerprints have the same features in the same locations. Fingerprint authentication software extracts and stores the coordinates of these features, called minutiae points, using four bytes of storage space per feature.
The relative locations of fingerprint
ridge endings and bifurcations (splits) form a pattern that fingerprint
authentication software can use to distinquish one fingerprint from
Foiling the bad guys. The security provided by fingerprint authentication is good even in a simple system. For example, Fujitsu systems, according to McArthur, typically grant access to unauthorized persons only about one in 1,000 to 10,000 times. This false acceptance rate (FAR) is easily low enough, McArthur says, for protecting data in a PDA or cell phone. To protect more sensitive information or facilities, he notes, a system can implement two-factor authentication, for example by requiring prints from two different fingers.
Fingerprint authentication systems also guard against attempts to circumvent them. Many systems, for example, store only minutiae points, not an actual fingerprint image, and it's impossible to reconstruct a fingerprint from these points for subsequent presentation to a fingerprint sensor. AuthenTec's system does store fingerprint images, but it attaches a randomly generated digital signature to each one. In order to successfully feed one of these captured images into a system electronically, rather than through a fingerprint sensor, the recorded signature would have to match a new signature being randomly generated by the system at the same time—a virtual impossibility.
Under my thumb. Fake fingers aren't likely to work, either. "It's very difficult to make a latex or plastic finger that will pass through a matching engine," says Fujitsu's McArthur. "In addition, it's very easy to write application software that can identify fake fingers." Nor can anyone be assured of success by using a finger from a dead person. Mansfield notes that AuthenTec sensors can measure finger impedance, which allows distinguishing between live fingers and dead ones.
In most cases, developers of fingerprint systems strive for the lowest possible false acceptance rate and a tolerable false rejection rate (FRR—the rejection of an authorized user). FRR for Fujitsu systems is typically 2%, according to McArthur, or one time out of 50. Most users will tolerate a 10% to 30% FRR, he says—a rate comparable to incorrectly typing a password on other types of systems. And on a fingerprint system, McArthur says, "The way you re-enter your 'password' is you just put your finger back down."
Besides wet, dry, or dirty fingers, fingerprint systems also face problems in the environments where they operate. Even the sensor in a pampered PDA can encounter electrostatic discharge (ESD) in dry environments. ESD traditionally has been capacitive sensors' Achilles heel. The protective top layer of a silicon capacitive sensor must be very thin for the sensor to work, but this thinness decreases immunity to ESD damage. Capacitive sensor manufacturers are increasing ESD immunity, but AuthenTec's Mansfield doubts that it matches that of AuthenTec RF sensors, which can have a thick protective coating.
Fortunately, design engineers seldom have to worry about designing a fingerprint authentication system at the sensor level. All of the sensor manufacturers have technology partners who have incorporated the sensors and sophisticated software in cable-connectable or embeddable subsystems that include keyboards, mice, PC cards, and stand-alone fingerprint readers. Also, some companies, such as Biocentric Solutions, make fingerprint authentication products for harsh environments.
Closed-door policy. Of all the markets for fingerprint authentication, perhaps none seem so urgent in the wake of September 11 as physical access control. From offices to warehouses and factories to airports and shipping yards, limiting access to authorized personnel has taken on new importance. As noted by Fujitsu's McArthur, "The days of airport personnel moving through a secure door by means of a little punch keypad are soon going to be over."
Comments on this article? E-mail the author at email@example.com.