Biometric sensor can't fall into the wrong hands

If you''re using your cell phone in Japan right now, there''s a good chance that you have to swipe your finger over a thin gold bar like this in order to gain access.


You might also use one of these sensors to log into your PC or in place of a key to open your front door. And if you''re doing that, you''re probably not going to bother with your wallet the next time you buy a cup of coffee, paying instead by briefly holding your cell phone to an RF reader. The early adopters of fingerprint authentication are Japan and S. Korea, but Florida-based AuthenTec is hoping to make the technology ubiquitous.

If this seems crazy to you, you''re not alone. A major concern about fingerprint biometrics is the possibility of faking or transferring fingerprints. Or worse''in movies and reality alike, the bad guy has been known to cut off someone''s finger to get around the fingerprint security device.

But AuthenTec''s sensor aims to discourage the removal of fingers to gain secure access.

''It only reads live skin,'' AuthenTec representative Brent Dietz says. ''So you couldn''t cut off someone''s finger and then use it.'' Dietz says other technologies only look at the finger''s surface, which can be adulterated by cuts, oily skin, or worn fingerprints. But this sensor (actually an RF scanner) looks at what Dietz calls the ''true fingerprint'' in the live skin deep beneath the surface''so deep that you can see individual pores. A lost or stolen phone becomes completely useless.


And the sensors do more than just verify your identity: You might swipe your index finger to log into your PC, but your middle finger will open your e-mail application, and your ring finger will pull up a Word document. AuthenTec says the rate at which companies are adopting the technology is a "hockey-stick" growth curve. Where last year one in ten laptops shipped with fingerprint sensors (half of them AuthenTec), Dietz says this year is on track for a number closer to one in five.

I wouldn''t mind being able to use my phone in place of a Metro card. Dietz says that''s exactly the kind of application short-range wireless/mobile payment was made for. Here''s how it works: you swipe your finger over the sensor to turn your phone on''but that doesn''t allow you to buy anything. To make a purchase, you must graze your finger again, and then you have ten seconds to hold the phone to the short-range RF reader, which authenticates you and sends the transaction over a dedicated leased-line circuit. Even a fingerprint-unlocked phone would not allow transactions in the wrong hands.

But for implementation in the United States, a major stumbling block is the lack of a mobile payment infrastructure. In Japan, AuthenTec partners with DoCoMo, a partially government-subsidized cellular provider that serves about half of Japan''s mobile market and provides the wireless infrastructure for mobile commerce. Unfortunately, DoCoMo''s combined financial and wireless stake in biometrics technology has no analog in the US wireless market. Wireless carriers simply don''t have a real incentive to set up the infrastructure, as Spectrum reported last July.


Tech Talk

IEEE Spectrum’s general technology blog, featuring news, analysis, and opinions about engineering, consumer electronics, and technology and society, from the editorial staff and freelance contributors.

Newsletter Sign Up

Sign up for the Tech Alert newsletter and receive ground-breaking technology and science news from IEEE Spectrum every Thursday.