The importance of biometric authentication is growing these days because passwords, which are easy to remember, are usually not strong enough, whereas complex passwords are hard to remember and enter. While many new mobile devices feature fingerprint reader and some even have an iris scanner, there is a fleet of legacy PCs that do not support any biometric sensors. Synaptics has developed an inexpensive USB dongle, which can add a fingerprint scanner to any PC. The company will offer the device to its customers later this year.

The Synaptics fingerprint USB dongle is based on the company’s Natural ID technology that relies on capacitive touch sensing and SentryPoint security features. The device is small enough to remain unremarkably installed in a USB port, hence, users will not have to carry it separately. Synaptics calls its dongle “Turnkey USB Fingerprint Solution”, but does not disclose the model of its sensor used by the device, or the encryption type supported by the product because there will be several types of dongles with different feature-set.

Synaptics’ latest fingerprint solutions support AES 256-bit encryption, but keep in mind that the scanners and supporting software never store the full image of a fingerprint and support a number of security layers. The hardware and software work together to take an abstract of a fingerprint in a propriety format (using a proprietary alghorithm) and then encrypt this data. Even if the abstract is decrypted, it would be impossible to reconstruct a fingerpritnt. The only security-related information that Synaptics discloses about the dongle is that it is certified by FIDO (Fast IDentity Online) and is compatible with Windows Hello and Microsoft Passport (i.e., Microsoft Windows 10 operating system only).

The USB fingerprint scanner is a finished, ready-to-use device, which Synaptics will offer to partners, who will then be able to either bundle them with their computers or simply resell them to interested parties under their brands. Pricing of the device will depend on exact configurations of the hardware, but should be "well below $50", according to Synaptics.

Synaptics is demonstrating its USB fingerprint scanner at Computex this week, plans to sample the product in Q3 and start to sell them in Q4.

Source: Synaptics

POST A COMMENT

45 Comments

View All Comments

  • JoeyJoJo123 - Thursday, June 2, 2016 - link

    Cool! After I upload my fingerprint information to the web, what next?

    Will they want a blood sample? Urine sample? Will they need a completely intact hair follicle to create a perfect clone of me?

    Thanks, NSA!

    Love,
    Joey JoJo
    Reply
  • JeffFlanagan - Thursday, June 2, 2016 - link

    Someone with technical skills would understand that these things don't store or upload your fingerprint. They store some data on your fingerprint, but nothing like the police use.

    You should post at Slashdot, where paranoia will get you modded up. They all think they're rebels evading the government we all elected as if it were a foreign entity.
    Reply
  • Carmen00 - Thursday, June 2, 2016 - link

    Yes, they store a hash of your fingerprint. Stealing the hash of someone's fingerprint WILL allow authorities to establish whether any particular fingerprint (which they already have) matches a particular hash. So if you're leading a life of crime, you probably don't want the authorities to get that. Reply
  • Wolfpup - Thursday, June 2, 2016 - link

    Is it only stored on the device though? And then what's passed to the OS, and why can't you just pass the "yeah, this checks out" signal to the OS without the device?

    I'm not quite clear how you get the same level of security that iOS with an integrated reader + integrated separate CPU/storage to handle it on a PC where it's being added after the fact. (Which just means I don't get how that would work, not necessarily that it couldn't work.)

    Also kind of wish these were just sold straight from the company (which is Apple really?) as that leaves at least one less company you have to trust.
    Reply
  • sorten - Thursday, June 2, 2016 - link

    "Yes, they store a hash of your fingerprint"

    Actually, your fingerprint is used to unlock the authenticator on your device, which generates a public key that is sent to the website. The public key could never be used to reproduce your fingerprint.
    Reply
  • Carmen00 - Friday, June 3, 2016 - link

    A public key says nothing about identity unless it is paired with a known private key. You cannot generate a public key on the fly and make identity claims based on it. Instead, do you mean that a suitably-crafted identity token is sent from the authenticator? That would make much more sense.

    In any event, all that we're talking about now is WHERE the fingerprint hash is stored, and the only thing that the location affects is the difficulty of obtaining the data. My point was simply that, assuming a hash is obtained (via legitimate or illegitimate means), it can be used to match an existing fingerprint in the absence of the fingerprint itself.
    Reply
  • sorten - Friday, June 3, 2016 - link

    Your fingerprint unlocks the authenticator. The authenticator generates public and private keys. Reply
  • tuxRoller - Friday, June 3, 2016 - link

    No. Reply
  • sorten - Thursday, June 2, 2016 - link

    You don't upload your fingerprint information to the web. Reply
  • Mushkins - Thursday, June 2, 2016 - link

    More marketing games. It's been proven time and time again just how easy it is to trick these cheapo laptop fingerprint scanners.

    You have the laptop (which is *covered* in sample prints), all you need to get past your average $25-50 fingerprint reader is a piece of scotch tape and a decent size grape. It's not the encryption or the OS that is the weakest link with these scanners, it's the *scanner* itself.
    Reply

Log in

Don't have an account? Sign up now