Biometric Sensor for Authentication with Smart Cards
Biometrics add an additional layer of security to a smart card system. A biometric smart card protects biometric data and provides a reliable solution where there are privacy concerns. Fingerprints are an ideal credential for logical access control to computer networks and fingerprint templates never leave a smart card unprotected.
Integrating a biometric sensor into a smart card reader makes sense because it is more convenient to combine a smart card reader with a fingerprint scanner in one integrated device. Fingerprint sensors in smart card readers enhance security by bringing the biometric sensor physically closer to the smart card system. In case of a "match on a card" (MOC) system, they stay inside the card from the time of first enrollment.
There are three factors in this authentication process: smart cards provide the "something you have" factor; the "something you know" is usually a PIN that must be entered to access a card; and, integrating a fingerprint scanner into a smart card reader increases security by adding "something you are" to the authentication process.
Smartcards are ideal to store templates, make them portable and validate the identity of the card holder. Those templates can either be matched on the host system, on an intelligent smart card reader, or on the card istself via match on card (MOC).
The biometric fingerprint sensor takes a digital picture of a fingerprint. The fingerprint scan detects the ridges and valleys of a fingerprint and converts them into ones and zeroes. Complex algorithms analyze this raw biometric scan to identify characteristics of the fingerprint, known as the "minutiae". Minutiae are stored in a fingerprint template (a data file usually smaller than the the initial scan). Up to 200 minutiae are stored in a template, but only a subset of these has to match for identification or verification. In most systems, if 10 to 20 minutiae match, the fingerprint is considered a match. In today's smart card systems approximately 40 minutiae are stored, because of space restrictions.