Security Basics mailing list archives

RE: Biometric question

From: "Vince Hillier" <vdh () plutonium homeunix com>
Date: Thu, 7 Nov 2002 19:18:01 -0800

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I used to work for a company that deployed a palm scanner for a time clock, the palm scanner had little pegs that fit 
between your fingers to make sure you had you hand in the same place all the time, you still got denied once in a 
while, but it was much less.  It was a big PITA when you got denied 3 times, you had to goto management, get them to 
come to the scanner, enter their codes, then try again.

Perhaps thumb scanners could implement the same sort of thing, but instead of pegs, use a little gadget that holds the 
rest of your hand in place, to decrease the chances of denied logins.

- - -----Original Message-----
From: Bryan E. Glancey [mailto:bryan.glancey () epstechnology com] 
Sent: Thursday, November 07, 2002 8:41 AM
To: Felix Cuello; security-basics () security-focus com
Subject: RE: Biometric question


Biometrics are tricky. One thing to think about it how to revoke users.
There are a lot of great companies that make the fingerprinting stuff
including ethentica and a lot of others.
        Try to pay close attention during your installation to the user
management.

        AS to your question on how secure: the answer is the more secure
it is the bigger pain it is for your users. If you make it so that the
tolerance is not very high (your finger must be placed on the sensor
exactly the same way every time) it's pretty good - but then your users
may get frustrated with false refused log ins. If you set the system to
more tolerant modes (you can put your finger on 'close' to the same way
every time) there will be more false accepts but less log in refusals..
It's all a trade off.


Bryan Glancey
bryan.glancey () epstechnology com
Manager of Security Solutions
EPS Technology
999 Executive Parkway Drive 
St. Louis, MO 63141 USA
http://www.epsione.com/
314-205-2300
314-205-2303 fax



- - -----Original Message-----
From: Felix Cuello [mailto:felix () qodiga com] 
Sent: Wednesday, November 06, 2002 1:27 PM
To: security-basics () security-focus com
Subject: Biometric question


Hello list!

   I will work in a project where phisical security will be based on
   biometrics, in fact only will be based on fingerprints biometric.

   How secure are fingerprints?, what biometric are more secure? (voice,
   eye, ??? what else).

   I'm not a security expert :-)

   Thanks a lot,

   Felix
   [my english is bad... please sorry :-)]

- - -- 
Felix Cuello
felix () qodiga com

Qodiga/its
Av.Santa Fe 882 P.13 Of. "E"
C.P. ABP1059C
Tel.: (54) 011 - 4312-1698
Buenos Aires - Argentina

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0 (Build 294) Beta

iQA/AwUBPcss6UBtW3tWqkVxEQIj+QCff3jzh57Vip6b8jMGFi6qWfClpnYAoLwz
S/oSGSXKjh5Bmnt7IKCZXTRe
=NyAY
-----END PGP SIGNATURE-----

Current thread:

Re: Biometric question, (continued)
- - Re: Biometric question Catfish (Nov 09)
- Re: Biometric question Noah Salzman (Nov 09)
- Re: Biometric question Blake Girardot (Nov 09)
  - Re: Biometric question Felix Cuello (Nov 09)
- Re: Biometric question ktyler (Nov 07)
  - Re: Biometric question Johan De Meersman (Nov 08)
    - Re: Biometric question Meritt James (Nov 09)
  - Re: Biometric question Konrad Rzeszutek (Nov 08)
  - Re: Biometric question ATD (Nov 09)
- RE: Biometric question Bryan E. Glancey (Nov 07)
- RE: Biometric question Vince Hillier (Nov 08)
  - RE: Biometric question Naveed Ahmed (Nov 09)
- RE: Biometric question Bryan E. Glancey (Nov 09)
  - R: Biometric question Alessandro Bottonelli (Nov 11)
- RE: Biometric question dporter (Nov 09)
- RE: Biometric question Nero, Nick (Nov 09)
- RE: Biometric Question Cage Uber (Nov 10)
- Biometric question Jacob Kitchel (Nov 11)