By Craig Guthrie
Touchscreen and fingerprint tech firm Synaptics has unveiled a unique fingerprint sensor for smartphones and devices that the company says defends against malware and hacking attacks by conducting all fingerprint capture and processing inside an enclosed, isolated unit.
Synaptics says that its “Match-in-Sensor” fingerprint reader effectively creates a barrier against identity theft and hacking, unlike existing sensors that need to communicate with a potentially compromised operating system.
“The key difference between Match-in-Sensor and Match-in-Host is that Match-in-Sensor enables the highest levels of security by both storing fingerprint templates, and executing matching algorithms, directly on the fingerprint sensor module instead of on the host processor TEE [trusted execution environment],” Ritu Favre, senior vice president and general manager, Biometric Products Division at Synaptics, told Planet Biometrics.
“This makes Match-in-Sensor more robust against malware and other software attacks”.
The danger of mobile biometric authentication systems being compromised at weak data points was laid bare by a claim in April that hackers had intercepted biometric data on a Samsung S5 before it hit the devices’ secure zone.
In that case, rather than trying to break into the secure zone itself, hackers focused on reading the data coming directly from the fingerprint sensor before it reached the trusted execution environment.
“Our fingerprint sensor products with Match-in-Sensor capability communicate a match result - from algorithms executed locally on the sensor module - to the host via an encrypted channel,” said Favre.
“The fingerprint data - the templates and images - are not communicated with the OS. This helps increase resistance to hacking. What is communicated between the sensor and host, via encrypted channels, is the match score. A higher score indicates a closer match to the template, a lower score indicated a poor match.”
The technology mirrors the “Match-on-Card” concept that has featured in biometric smart cards. In these, fingerprint template matching is carried out in a microprocessor embedded in the card, instead of matching biometric information on a PC processor or stored in the cloud.
On these cards – form factor, cost and power usage proved an issue, and in response to questioning on this Synaptics said: “Since Match-in-Sensor executes complex matching algorithms directly on the sensor module, the entire hardware and software module system must be designed to meet the needs for high accuracy, fast response, and low latency. Match-in-Sensor is offered on the premium products in our Natural ID product portfolio”.
Favre also added that the new sensor would be compatible with trends towards in-touch screen sensors.
In March, Planet Biometrics was the first to report that Synaptics had revealed that the firm’s latest small area touch fingerprint sensor features on the Samsung Galaxy S6.