A new type of fingerprint authentication technology being introduced by Synaptics may help make your next laptop as well as your other devices a lot more secure. Rolled out Thursday, the new “Match-in-Sensor” system is significantly more secure than other authentication systems because it is physically separated from other elements of a computer system, the company said
The Match-in-Sensor system consists of a system-on-chip (SoC) architecture, allowing a single device to perform both input and output functions with an in-sensor microprocessor executing firmware. As a result, the processes of fingerprint image enrollment, pattern storage, and biometric matching are all executed within the fingerprint sensor itself.
Isolated from the Host System
The all-in-one functionality of the SoC architecture allows the sensor to operate in complete isolation from the host operating system. Since all of the security sensitive functions occur on the chip without interacting with the operating system, the authentication system is less vulnerable to malicious attacks.
The new system is far from the only fingerprint authentication solution on the market. With Match-on-Host systems, however, most authentication tools communicate with the host processors. That opens them up to hardware attacks and system malware, making them much more vulnerable.
Interest in password-free authentication methods has increased rapidly in recent years, thanks to several high-profile cases in which hackers were able to gain access to login and authentication details with little trouble. Last year, hackers attacked Apple’s iCloud using a brute force technique that allowed them to make unlimited login attempts to break into individual accounts.
Passwords are also notoriously difficult for enterprises to manage. Efforts by IT departments to force corporate users to adopt more secure behaviors by requiring them to use special characters, or to change their passwords periodically typically backfire. That's because users often write their passwords down in unsecure locations, or choose easy-to-remember passwords such as “password1.”
Drive-by Mobile Payment Systems
The faults in password security are not the only forces driving interest in alternate authentication systems. The growth of electronic payment platforms, such as Apple Pay that allow people to use their mobile devices as digital wallets is also driving interest in fingerprint authentication technology.
Synaptics' new system was designed with this need in mind, according to Ritu Favre, senior vice president and general manager of Synaptics’ Biometric Products Division. "Match-in-Sensor technology provides for the requirements of smartphone manufacturers, the convenience for end users, and the security for online service providers when authenticating their customers," Favre said.
The isolated nature of Symantic’s new system would make the technology particularly attractive to mobile device manufacturers, said Les Santiago, Research Director for IDC, a technology advisory firm. “Synaptics' Match-in-Sensor raises the bar on security by ensuring that your biometric information never leaves the sensor compared to Match-on-Host or Match-on-Host Trusted Zone solutions,” Santiago said. “This is especially useful if the host system is compromised by malware or a virus."
Posted: 2015-07-09 @ 7:05pm PT
Fingerprint for bringing down security?
Whether iris, face, fingerprint, typing, gesture, heartbeat or brainwave, biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance.
Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords alone. We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security.
In short, biometric solutions could be recommended to the people who want convenience but should not be recommended to those who need security.