A while ago I wrote about how to set up fingerprint scanning security on an HP Elitebook Folio 1020 running Windows 8. A reader promptly emailed saying they thought I shouldn’t publish that info because people shouldn’t save their fingerprint data due to hackers getting ahold of the info.
That seemed unlikely, but I asked HP about the situation. Here’s their quite interesting response…
The HP person I’m interviewing is John Groden, the Director of Product Management, so if he says it’s true, it’s a good bet that he’s spot on with his comments. It also suggests that if you have a fingerprint scanner on a different device (an iPhone, for example) then you might really want to do some research to identify how it’s being stored and whether you’re opening yourself up to a vulnerability down the road or not.
Q1: Some of my readers have contacted me about the security of the scanned fingerprint on the HP EliteBook Folio 1020 and what is stored in the operating system. Can you shed some light on that?
A1: The questions raised about fingerprint sensors and fingerprint template files are completely valid for most sensors. However, they do not apply to the fingerprint authentication systems employed on our business-class PCs, including the HP EliteBook Folio 1020.
Unlike most fingerprint sensor implementations provided by our competitors. HP fingerprint sensors are a “hardened”, high-security, implementation with some very important additional security features.
Q2: Okay, can you elaborate a bit on the additional security features?
A2: Sure, unlike most fingerprint authentication solutions, HP’s fingerprint sensors actually perform the final fingerprint match on the sensor hardware itself. This means that hacking data within the operating system does not compromise the authentication result.
Additionally, HP’s fingerprint sensor modules also have their own Non-Volatile Memory for storage of fingerprint templates (templates are the files that contain the matching information for a scanned finger). This means that the fingerprint data cannot be accessed directly by applications running in the operating system.
Q3: So, there is a demarcation between the operating system and the hardware that protects the fingerprint data and adds an additional layer of protection? How does that work?
A3: The fingerprint data is also encrypted by the fingerprint sensor hardware, using keys unique to each sensor. So, even if an attacker were to get access to the template files from the sensor module storage, the data can only be decrypted by the fingerprint sensor.
Q4: But what if an attacker did get access to the template files? Would they be able to get sensitive information from that?
A4: It is also worth noting that for all fingerprint systems (even the less secure systems), getting access to the fingerprint templates would not provide much information that is useful to an attacker.
This is because fingerprint templates do not contain a “picture” of the fingerprint –as some people seem to think. They only contain mathematical representations of some “features” of the fingerprint. The “features” differ for different matching algorithms, but they do not constitute data that can be used to recreate a fingerprint image.
Thanks to John Groden for sharing this insight. Now you know, it’s something to think about before you use the fingerprint scanner on your next device, isn’t it?