| || |
Re: Who can't wait for fingerprint scanners on their phone?
More than likely the fingerprint is converted into a number. That number is then written on a secure location on the chip. When the finger is scanned, it converts the number again and compares it to the stored number. If they match, it unlocks. This is similar to how a Hardware Security Module (HSM) for PIN for an ATM is used. The HSM data can never be read directly ever,no matter what you do. It can only respond when a value is entered to tell you if it matches. If you try to access the chip directly, the data automatically corrupts.
We know there is at least one secure eliminate or space on the phones if they support Near Field Communication (NFC). It would stand to reason that the fingerprint data is stored there or in another secure element on the phone.
Depending on how strict the phone is with its matching criteria, which would have to balance a slightly crooked or misaligned finger with security and speed, it will be more secure then a PIN which can already be broken based on time constraints only. Patterns, depending on how complex, are more secure than PIN, but both would suffer from "shoulder surfing" (watching over your shoulder as you enter it).
Therefore, the finger is probably the most secure and would be the most difficult to reproduce.
Edited autocorect errors.
Sent from my Kindle Fire using Tapatalk 2