Introduction

Fingerprint authentication is the best choice for highly secure applications for its accuracy, convenience and cost-effectiveness. A whole system based on this biometric technology may be expensive, complicated and difficult to maintain, but if you combine it with smart card technology, such should not be the case.

The smart card-fingerprint reader feature of the AET63 BioTRUSTKey makes it deployable in applications of different natures, be it online or offline, for large or small user population, etc. It is an ideal solution for a broad range of applications, including e-commerce, physical/logical access control, banking and point-of-sales transactions.

i) Maximum security via multi-factor authentication and on-board biometric processing
Authentication is two- or three-way. The BioTRUSTKey verifies something “you have” (smart card), something “you are” (fingerprint) and something “you know” (PIN/password). Users carry their fingerprint templates with them and fingerprint verification authenticates only the smart card user, neutralizing privacy concerns and security risks posed by dummy fingerprints or stolen cards. Obviously, anti-security threats are eliminated via more factors of authentication.

Moreover, the BioTRUSTKey performs fingerprint template extraction and matching within the device itself – not in the PC – for maximum security. The 3DES encryption used to protect USB data transmission and the optional secure access module (SAM) further enhance the security delivered by the BioTRUSTKey.

ii) Affordable, flexible and scalable system
By storing the encrypted fingerprint template in a smart card, matching just involves checking the live fingerprint against the stored template. Hence, in contrast to a traditional fingerprint system, a BioTRUSTKey-based system does not require extra provision of fingerprint algorithm, database, server, and network connectivity, lowering both setup and maintenance costs.

iii) Easy application development
The BioTRUSTKey API and software development kit – which contains demo programs, tools/utilities, sample codes and reference manual – provided by ACS lets developers integrate fingerprint authentication into smart card-based applications effortlessly without requiring them to have an in-depth knowledge of biometrics.

Complete local-site authentication implies that, under normal circumstances, a biometric system can be constructed with just three components: local PC applications (or remote server applications), any common smart cards, and the BioTRUSTKey. As only the front-end applications need modification or replacement, back-end system architecture remains intact, removing scalability constraints and allowing undemanding system administration and maintenance.