False positives of the fingerprint scanner. How does the fingerprint scanner work? Products that may interest you

Any fingerprint scanner has two functions: obtain an image of the fingerprint and check its pattern against other patterns in the database. Modern smartphones use optical scanners. They work on the same principle as small digital cameras. The picture is taken using a microcircuit consisting of light-sensitive photodiodes and an autonomous lighting source - a matrix of LEDs, which illuminates the patterns on the finger.

When hit by light, photodiodes create an electrical charge, capturing an individual pixel in a future photo. Depending on the amount of light entering, the color intensity of the pixel changes. The combination of pixels of different intensities forms a fingerprint image on the scanner. Before starting to verify the print, the scanner checks the quality of the image, namely its brightness and clarity. If the photo is too bright or dark, the scanner's shutter speed is adjusted and the process repeats.

Once the fingerprint is received, it is analyzed using special software. The software uses complex algorithms to determine the features of papillary patterns. In total, there are three types of patterns: arc, loop and curl. Having determined the type of pattern, the scanner identifies the endings of the pattern's lines, such as breaks and splits - called minutiae. They are unique and allow one to identify its owner by fingerprint. The scanner determines the position of the minutiae relative to each other in each image: it breaks the print into small blocks of 9x9 pixels, each of which contains a certain number of minutiae. The coordinates of the detected minutiae and their orientation angles are recorded in a vector. Identical blocks from the scanner and images from the database are then compared, and if the patterns in them are identical, then the fingerprints belong to the same owner. It is worth noting that scanners do not analyze every line of the pattern: they only find identical patterns in a small number of blocks and establish similarities based on them.

There are two main types of optical scanners. The first one takes a picture of the desired area of the finger when touching the scanner. This type is used in Apple smartphones, starting with iPhone 5s.

The second type of optical scanner involves running your finger across it. It takes a series of pictures and programmatically merges them together. Such a scanner has found its application in Samsung. But in subsequent models it was replaced by the first type, which is more convenient, but also more expensive due to the need to use a larger matrix.

A common disadvantage of optical scanners is their susceptibility to contamination and scratches. In addition, such a scanner can be deceived using a cast of the phalanx of the finger.

Smartphone manufacturers these days include a fingerprint scanner on almost all new smartphones. Of course, users also like this feature, as it makes the device more secure and more. Just today we decided to devote this article to setting up a fingerprint scanner, since some users have difficulties with this. You will also learn what you need to pay attention to when adding a fingerprint scan to the device memory.

Setting up the fingerprint scanner

Friends, some smartphones may have different settings, but the basics remain the same. Well, let's try to set up a fingerprint scanner on your smartphone. First, go to the device settings, and then gradually follow the steps below:

go to the fingerprint scanner settings - to do this, go to the system settings (pull the notification shade down and click Settings), then look for Lock screen and fingerprint. In the window that appears, select Fingerprint Management;

the smartphone will prompt you to configure it first alternative way unlocking, I have this graphic key. Select and configure an alternative unlock method;

if everything is done correctly, a new window will open, this is where we will configure the fingerprint scanner. Tap Add fingerprint (confirm the key or password for an alternative unlock) and scan your finger (only one finger) from different angles (different zones of the finger tuft);

when scanning a fingerprint, on the display of your device you will see which zone of the finger tuft was scanned;

Congratulations, you have just successfully set up a fingerprint scanner on your smartphone. As you have seen, there is nothing complicated here, but for beginners, setting up a fingerprint scanner may seem like a difficult task. In the same way, you can scan/add a fingerprint for the other hand, or even the finger of your wife or child (of course, if you don’t have any secrets from them).

If you have any questions while setting up the fingerprint scanner, write to us in the comments below. Stay tuned, there is still a lot of interesting things ahead.

So what is a fingerprint scanner?

This is a type of biometric security technology that uses a combination of hardware and software methods to recognize the user's fingerprint. It identifies and authenticates a person's fingerprints to allow or deny access to a smartphone, app, and other places that need protection from unwanted interference. There are many other ways to protect personal information, such as: biometrics, iris scanning, retinal scanning, facial feature scanning, and so on, right down to a special blood or gait test. By the way, gait analysis was demonstrated in the Mission Impossible film series with Tom Cruise. Some smartphones even use an iris scanner, but the implementation of this feature is naturally far from ideal. Why a fingerprint scanner? It's simple: fingerprint scanning boards are quite cheap and easy to manufacture and use. Touched the scanner and your Redmi Note 3 is instantly unlocked and ready to go.

How do they exist? different types Biometric security technologies and types of fingerprint scanners have different technologies and implementation methods. There are three types of fingerprint scanners:

Optical scanners;
Capacitive scanners;
Ultrasound scanners.

Optical scanners

Optical fingerprint scanners are the oldest method of capturing and comparing fingerprints. As you might guess from the name, this method is based on capturing an optical image of a fingerprint. Essentially, it is a photograph of a fingerprint that, once captured, is processed using special algorithms to detect unique patterns on the surface, such as ridges and unique curls, by analyzing the lightest and darkest areas of the image.

Just like a smartphone camera, these sensors have a finite resolution and the higher the resolution, the finer pattern details the sensor can discern on your finger, the greater the security. However, these sensors have much higher contrast than a typical camera. As a rule, they have very a large number of diodes per inch to capture images at close range. But when you put your finger on the scanner, its camera doesn’t see anything, because it’s dark, you object. Right. Therefore, optical scanners also have entire arrays of LEDs as a flash to illuminate the scanning area. Obviously, this design is too bulky for a phone, where the thinness of the body plays an important role.

The main disadvantage of optical scanners is that they are quite easy to fool. Optical scanners only capture 2D images. Many have seen how, with the help of simple manipulations with the same PVA glue or simply with a high-quality photograph, a scanner is hacked and access to your important documents or cats is obtained. Therefore, this type of security is not suitable for smartphones.

Just as you can now find smartphones with resistive screens, you may also find optical fingerprint scanners. They are still used in many areas, except those where real security is needed. Recently, with the development of technology and the increasing demand for more serious security, smartphones have unanimously adopted and are using capacitive scanners. They will be discussed below.

Capacitive scanners

This is the most common type of fingerprint scanner today. As the name suggests, the capacitor is the main scanning module in a capacitive scanner. Instead of creating a traditional fingerprint image, capacitive scanners use arrays of tiny capacitor circuits to collect fingerprint data. Capacitors store electrical charge and, if you place your finger on the surface of the scanner, the amount accumulated in the capacitor will be slightly changed in those places where the ridge on the pattern touches the plate, and will remain relatively unchanged where the depressions on the pattern are opposite. Integrator circuit operational amplifier is used to track these changes, which can then be recorded using an A/D converter.

Once the fingerprint data has been captured, the data is converted into digital data and searched for distinctive and unique attributes of the fingerprint, which in turn can be stored for comparison at a later stage. The main advantage of this technology is that it is much better than optical scanners. The results of the scan cannot be reproduced with the image and it is incredibly difficult to deceive using prosthetics, that is, a cast of the fingerprint. As written above, this is because when a fingerprint is recognized, slightly different data is recorded, namely, changes in the charge on the capacitor. The only one real threat security comes from any hardware or software intervention.

Capacitive fingerprint scanners use fairly large arrays of these capacitors, usually hundreds, if not thousands, in one scanner. This allows for a highly detailed image of the ridges and valleys of the fingerprint. Just like in optical scanners, a larger number of capacitors provides a higher scanner resolution, increasing the recognition accuracy and, accordingly, the level of security, down to the recognition of the smallest dots.

Because of more components in the fingerprint recognition circuit, capacitive scanners are usually slightly more expensive than optical scanners. In early iterations of capacitive scanners, many manufacturers tried to reduce cost by reducing the number of capacitors needed for fingerprint recognition. Such solutions were almost always not very successful and many users complained about the quality of recognition, because they had to put their finger on it several times to scan the fingerprint. Fortunately, these days this technology has already been brought to mind and even picky user will be satisfied. It is worth noting that if your finger is dirty or too wet/greasy, then the capacitive scanner will sometimes not be able to recognize the fingerprint. However, do they still wash their hands? :)

Ultrasound scanners

Ultrasonic fingerprint scanners are currently the latest technologies fingerprint recognition. First this type scanner was used in the Le Max Pro smartphone. This phone uses technologies from the American company Qualcomm with its Sense ID.

An ultrasonic scanner uses an ultrasonic transmitter and receiver to recognize a fingerprint. The ultrasound pulse is transmitted directly to the finger, which is placed in front of the scanner. Some of this impulse is absorbed, and some returns to the receiver and is further recognized depending on the ridges, valleys and other details of the fingerprint that are unique to each finger. In ultrasound scanners, a sensor that detects mechanical stress is used to calculate the intensity of the returning ultrasonic pulse at various points on the scanner. Scanning for a longer period of time allows for additional fingerprint depth data to be captured, resulting in highly detailed 3D images of the scanned fingerprint. The use of 3D technology in this scanning method makes it the safest alternative to capacitive scanners. The only disadvantage of this technology is that at the moment it has not yet been developed and is too expensive. The first smartphones with such scanners are pioneers in this area. For the same reason, Xiaomi did not use an ultrasonic scanner in its flagship Mi5.

Fingerprint processing algorithms

Although most fingerprint scanners are based on very similar hardware principles, additional components and software may play an important role in fingerprint recognition. Different manufacturers use several different algorithms that will be most “convenient” for specific model processor and operating system. Accordingly, the speed and accuracy of identifying key fingerprint characteristics may vary between manufacturers.

Typically, these algorithms look for where ridges and troughs end, intersect, and split into two. Collectively, the features of a print's pattern are called “minutiae.” If the scanned fingerprint matches several “little things”, it will be considered a match. What is this for? Instead of comparing entire prints every time, small comparisons reduce the amount of time spent computing power necessary to process and identify each fingerprint. Also, this method helps to avoid errors when scanning a fingerprint and, most importantly, it becomes possible to place your finger incompletely. You never put your finger exactly right, do you? Of course not.

This information should be stored in a secure location on your device and far enough away from code that could potentially compromise the reliability of the scanner. Instead of storing user data online, the processor securely stores fingerprint information on the physical chip in a TEE (Trusted Execution Environment). This secure zone is also used for other cryptographic processes and directly accesses security hardware platforms, such as the same fingerprint scanner, to prevent any software surveillance and any intrusion. These algorithms may differ from one manufacturer to another or may even be organized differently, for example, Qualcomm has the Secure MCM architecture, and Apple has the Secure Enclave, but they are all based on the same principle of storing this information in a separate part of the processor.

Fingerprint scanners have become a fairly secure alternative to remembering countless logins and passwords, and for secure payment transactions, scanners will eventually become a very common and important security tool.

Products that may interest you:

Global Version means that the product is released for the global market and meets international quality standards.

Rostest is a certification mark that guarantees that the device complies with all Russian norms and standards for environmental protection and user health. This sign does not imply any additional differences or advantages over other devices.

Global Version means that the product is released for the global market and meets international quality standards.

What's true and what's not when it comes to fingerprint sensors and multi-factor authentication in mobile devices?

It seems that not a single day can pass without news of hacking. As more and more data about our personal and business lives is shared online, the Internet has become a target for many criminals and other miscreants trying to get their hands on valuable personal information or company secrets. This has made smartphones and personal computers very attractive targets for cybercriminals, which in turn has led to the use of fingerprint sensors as a means of reliably identifying the legitimacy of a device user.

However, there is a huge amount of misinformation associated with fingerprint sensors. Therefore, it is time to study the facts about these sensors and see if the belief that they can be easily hacked is wrong.

1. A fingerprint is easy to fake.

Not true. Despite what you see in movies or demos from security vendors, spoofing a fingerprint through high-resolution photography or latent fingerprint recovery is extremely difficult. This technique is called a “spoofing attack” and is a technical challenge. Very few criminals would use this method, and if they did, it would only be to gain access to sensitive data, not to the average user's computer.

The main reason this Myth #1 exists is that demonstrating spoofing is very easy if you are a willing participant. With a lot of practice and a lot of patience, it is possible to create an imitation of your fingerprint by carefully making a mold from various materials such as glue and clay. But even this is not at all simple, and is made even more difficult by the constant emergence of new anti-spoofing algorithms.

2. Optical sensors are less secure than capacitive sensors because they store the actual image of the fingerprint.

Not true. A smartphone or PC that respects basic privacy and security principles will never store a complete image of your biometric data. They transform the data into a "template" where some parameters are retained and the rest are discarded. Then, when storing the abstracted data, the template is encrypted.

Since the template only stores certain information about the scanned image, and not the image itself, it is not possible to recover a fingerprint from the template. Therefore, even if the fingerprint template is somehow extracted, decrypted and read, this information will be useless to reconstruct the image of the original fingerprint. This basic principle applies to both optical and capacitive sensing technology.

3. If an attacker gets your fingerprint from your phone or computer, they can use it to access your phone.

Not true. As stated in Myth #2, the fingerprint image will not be saved in your PC or smartphone. And if fingerprints are not saved, then they cannot be stolen from your device.

4. Multi-factor biometric authentication in mobile devices is complex and expensive.

Partially true. This is easy because many mobile devices already have fingerprint sensors and front cameras, so expect to see rapid growth in the use of multi-factor authentication based on your fingerprint or facial image (Figure 1). Other combinations will likely follow, including retinal and voice recognition.

The difficulty is that combining multiple biometric parameters into a single trust criterion is a complex combination of science and art, and the algorithms for this must be carefully tested. However, you can expect them to be available in the very near future. Ultimately, we will see a robust ecosystem supporting universal multi-factor authentication across platforms and applications.

5. Contextual factors are not enough to ensure mobile device security.

True, but... it must be said that contextual factors alone are not enough to ensure the security of a mobile device. When combined with biometric authentication, they can be part of an overall very strong and user-friendly solution. For example, modern smart watch" can remain unlocked as long as you do not remove them. In the future, your device will be able to use contextual factors such as location, proximity, room conditions, etc. to remain unlocked as long as you are in your office or authorize transactions without additional authentication.

6. Fingerprint sensors should be on the Home button or on the back of the smartphone.

Not true. Fingerprint sensors come in a wide range of designs, including thin sensors that can be placed in the power button on the side of the phone. In addition, the new sensors can detect fingerprints while working under protective glass screen, allowing you to remove the Home button and use the entire surface of the smartphone for the display. And in the future, we will see solutions where any area of the screen can effectively scan fingerprints. (Please note that the fingerprint sensor of the smartphone shown in Figure 2 is located behind the glass of the screen).

7. Biometric authentication is for security purposes only.

Not true. There are many ways in which this information can be effectively used once the user's identity has been established. For example, it can be used to customize the user interface or to take into account user preferences. Here's an example: Scanning a fingerprint on the engine start button sets seat positions, mirrors, and infotainment options to suit the user's needs (or can even be used by the insurance company, car rental company, etc.). Scanning your fingerprint in a Smart Home can unlock doors, turn on preferred lighting and mood-setting music, and restrict access to certain features or areas of the home (when shown to a buyer).

8. Optical sensors are too large and consume too much power to be used for fingerprint scanning in mobile devices.

Not true. Nowadays, technological advances have made optical sensors miniaturized and efficient enough to be used in mobile devices, and they will be supplied in industrial quantities in the near future. And even better, some optical sensors create a deeper image of the fingerprint, allowing you to get more detailed information about the fingerprint that will be used in the template.

9. All fingerprint scanning solutions are the same, so price is a deciding factor.

Not true. Fingerprint sensor suppliers offer vastly different solutions, covering different technologies (e.g. capacitive and optical), different levels of security, a variety of design options, a wide range of power consumption and durability characteristics, and especially software solutions.

This is not just a hardware fingerprint sensor. This is a two-pronged solution, where software and hardware work together as one, and both elements must include security features. The quest for cheapness could result in phone makers or anyone in the mobile payments ecosystem being left out of the market if proper security measures are not in place.

10. Biometrics are too complex and expensive for use in enterprise environments.

Not true. Fingerprint-based solutions in enterprise environments are more secure than typical username and password configurations. They also eliminate cumbersome password changes and IT support calls, making them easier to maintain and support. IN modern world cloud business, where devices can connect to corporate networks anywhere in the world, this is very important. Additionally, legacy personal computers without biometric support can easily be upgraded with one of the peripheral fingerprint sensors on a USB key or a mouse with a built-in fingerprint sensor.

11. Encryption is sufficient to protect the fingerprint template.

Not true. The purpose of encryption is to protect the template file while it is stored, typically in small non-volatile memory. However, there are many cases where the pattern must be deciphered primarily during the matching process. During such operations, the template must also be protected.

In some cases, the security architecture will be a trade-off between security and cost. Such decisions include:

Match in host:
A control processor is used to verify the fingerprint match.
Protected element:
Fingerprint matching is performed by a separate integrated circuit, usually with its own secure memory.
Match in sensor:
The entire matching algorithm and memory are built into the fingerprint sensor itself. It should be noted that the "match-in-sensor" architecture ensures safe startup personal computer, preventing the system from booting before fingerprint authentication is confirmed.

Computer tips for novice users