How do match-in-sensor fingerprint scanners communicate with a PC?

371 viewsOtherTechnology

While shopping for a USB fingerprint scanner for my PC, I found two types:

*match-on-host*, which lets the computer read the fingerprint scan’s data to verify your biometrics,

and *match-in-sensor*, which verifies your biometrics in the scanner itself then tells the computer that it succeeded.

Wouldn’t it be possible to make a USB device pretending to be a fingerprint scanner which responds to the computer’s request to scan with a pre-programmed success response? There must be some way for the computer to know whether a fingerprint scanner actually verified a fingerprint other than simply receiving a “yes it matches,” or it would be trivial for a bad actor to make a master key for any computer with biometric login and a USB port.

Does the computer store a digital key on the fingerprint scanner to confirm it’s the same hardware that the biometrics were originally set up with? or vice versa?

In: Technology

5 Answers

Anonymous 0 Comments

normally some type of cryptographic data would correspond to a particular fingerprint but it’s always going to be up to the device to not lie about which “key” was a match when scanning a particular finger.

using the crypto method prevents other people from spoofing but afaik there’s no way to reliably tie a specific fingerprint to some other kind of data that a device *can’t* lie about.

You are viewing 1 out of 5 answers, click here to view all answers.