Examples for Prototyping
| The following prototypes
are examples which have been designed, developed, and realized, still at
Siemens times, by today's employees of Bromba GmbH or its partner
companies |
|
|
| under the conduction of
Dr. Manfred Bromba. Their intended purpose was to demonstrate reasonable
and feasible applications for fingerprint biometrics. |
|
|
|
|
|
|
Fingerprint Cellphone
 A
cellphone clearly illustrates the improved security and convenience that
can be achieved using fingerprints. For cellphones, PINs (personal identification
numbers) are used to prevent unauthorized persons from accessing the wireless
network and incurring costs for the authorized user. Typically, a cellphone
user must enter the PIN as soon as the device is switched on. For security
reasons, only three attempts can be made to enter a PIN; if three incorrect
PINs are entered, the SIM card is disabled. Should a cellphone be misplaced
(a particularly critical situation if the cellphone is switched on), the
service provider can disable the SIM card at the user's request. |
|
| Users of fingerprint phones
are no longer plagued by such concerns. For them, security is literally
at their fingertips. Fingerprint confirmation of each number dialed can
easily be set up. This ensures that security cannot be breached even if
a cellphone that is switched on falls into the wrong hands. |
|
|
| What's more, the fingerprint
phone recognizes not only a single authorized user; it can distinguish
among several authorized persons, assigning personal phone books and accounts
to each. |
|
| The electronics for the
mobile phone shown above, together with the necessary firmware, has been
developed in 1998 by our partner companies Triodata
and Siemens PSE (Austria).
It was the worldwide first fully functional fingerprint cellphone and has
been presented on CeBIT 99 by the Siemens group Information & Communication
Mobile on the basis of the SL 10 which was brand new at that time. Unfortunately,
opposed to the beliefs at that time, fingerprint sensors will only be ready
within a short time to be integrated into cellphones. For cost and space
reasons, this will happen on the basis of swipe sensors. |
|
| • |
Either PIN or fingerprint
can be used to switch on and off |
| • |
Can be set up for fingerprint
confirmation of numbers dialed |
| • |
The phone's owner can authorize
other users at any time |
| • |
Number of fingerprints that
can be stored: up to 60 |
| • |
Number of users who can
be authorized: up to 60 |
| • |
Number of fingers that can
be stored for each user: up to 10 |
| • |
Number of prints that can
be stored for each finger: up to 60 |
|
|
|
|
|
|
Fingerprint ID Card
 For
many e-commerce applications, the identity of the transaction partners
must to ensured. Since passwords may be passed on to others, they unfortunately
offer no help in determining who actually provided a (digital) signature.
The Fingerprint ID Card which has been shown at CeBIT 99 is a future-oriented
solution that combines the biometric process of fingerprint verification
with established encryption procedures. The result is a universal card
which simplifies all business transactions requiring personal identification.
Moreover, the Fingerprint ID card will reduce the number of items users
need to carry with them every day; it can replace nearly everything from
smartcards, driver's license, ID cards, and keys. |
|
| The Fingerprint ID card,
a closed system, contains an integrated fingerprint sensor, a processing
unit and a non-volatile memory for the fingerprint characteristics and
data to be released on fingertip. Fingerprint characteristics can be stored
exclusively via the sensor interface and can by no means be read out. In
other words, the users' unique and inalterable biometric data cannot be
copied; nor can copied data be used. A challenge-and-response procedure
which runs on an encryption processor on the card is used to inform the
service provider that the card owner has been successfully recognized.
Because both the biometric fingerprint characteristics and the recognition
algorithms are completely hidden in the card, any hackers are doomed to
failure. |
|
|
|
| Another important feature
of the fingerprint ID card is the option of having the card deactivated
by a trust center, thereby increasing security in the event that the card
is lost. On the other hand, a user may possess an unlimited number of cards.
Cards can be deactivated thanks to the inseparable combination of a unique
key pair for asymmetric encryption and the unique biometric characteristics
of the card owner. While the biometric characteristics are inalterable,
the key pair, and hence the combination, can be changed. The only condition
is that a valid key pair be used (obtainable from the trust center). Otherwise,
even the card owner cannot use the card. |
|
| • |
No compromising of fingerprint
characteristics possible |
| • |
No problem with vandalism,
because the entire biometric unit is the property of the card owner |
| • |
Extremely high protection
against manipulation |
| • |
Universal applicability |
| • |
Two-pronged approach to
protection against card loss |
|
| • |
card does not function without
the correct fingerprint |
| • |
personal/public key pair
can be centrally deactivated |
|
| • |
No data security problems
as with central storage of fingerprint characteristics |
| • |
Inexpensive card readers
without special security requirements |
| • |
Card dimensions: 85.6 mm
x 54.0 mm x 3.3 mm |
| • |
Significantly more robust
and durable than normal smartcards |
|
|
|
Swipe-Sensor Devices
 |
Swipe sensors were said
to be less user friendly than plain sensors. With the aid of on ergonomic
survey this conjecture could be disproved using these both devices which
were equipped with sensors from Atmel. However, it could be shown that
the design had a significant influence on the biometric performance. This
investigation has been performed by employees of our partner SD&C. |
 |
|
|
Authentication Device
 |
This prototype comprises
a complete processor unit for capturing and processing fingerprints for
test purposes. It can be controlled via a smartphone. It has been developed
and realized together with the control software by our partner Siemens
PSE in Austria. |
|
