The market for fingerprint readers started getting traction in 2016 thanks to the inclusion of fingerprint readers in almost all phones and their acceptance in payment services like Google Pay. Promises of additional business such as the payment card industry has made the stock market put companies developing and producing the actual technology to bloom. Fingerprint Cards, a Swedish company based in Gothenburg, is known to have one of the fastest readers, and is present in a lot of global brands, such as Huawei, HTC, Oneplus, Xiaomi etc, with the notable exclusion of Apple and Samsung, that together still are the biggest players.
From a security perspective, the discussion is around ‘liveness’ detection and which algorithm is used by the hardware. ‘Liveness’ detection is of course important in ensuring that the used fingerprint is an actual fingerprint, but the algorithm as such is very much key in ensuring that the image read is processed in the correct way. What’s still lacking in the market, besides a few providers of hardware and software for this, is insurance of the correctness. Precise Biometrics provides an algorithm which is FIPS certified while most the others aren’t. Going from accepting a 4-digit PIN to the usage of fingerprint in a world cluttered with PINs and passwords, should be a positive thing, especially when the false-positives are very few, but it will still take time before local finance industries will accept this.
In any case, the focus so far has been on the user experience, not making sure the application and technology is tested and verified including the management of the actual technology being used. It’s a technology and usage switch, a change in going from “what you know” to “what you have” and it needs to be ensured that the level of security is actually increased, and not just convenient.