Six Biometric Devices Point The Finger At Security
June 1, 1998

By David Willis with Mike Lee
 Every network administrator tries to balance system security against user convenience. Users hate security schemes that get in the way of their work, yet administrators need such procedures to track access and usage. Without clear user identification, you can't have nonrepudiation--the assurance that a user undeniably performed an action. So, users are forced to struggle with elaborate password schemes or hardware tokens to help us track who does what.

However, you can get both security and convenience. With low-cost fingerprint-authentication devices, users can merely put down a digit and forget about passwords. No matter how scatterbrained a user might be, he or she simply can't forget his or her fingers.

We brought six fingerprint-recognition devices into Network Computing's San Mateo, Calif., Real-World Lab® to determine how convenient--and how secure--the latest batch of these devices are.

Out of an ever-growing pack of low-cost readers, we tested American Biometric Corp. (ABC) BioMouse, Biometric Access Corp. (BAC) SecureTouch, Digital Persona U.are.U, Identix's SafeTouch II, National Registry Inc. (NRI) Secure Keyboard Scanner and Sony Fingerprint Identification Unit (FIU). We focused specifically on the devices themselves, because most are not complete systems--yet.

Digital Persona's U.are.U proved to be the best device overall, though it suffers from limited software availability. It combines a very fast and flexible reader with a low false reject rate (see "Biometrics Under Our Thumb," on page 86). We couldn't break into systems protected by U.are.U through fake finger or lifted fingerprint techniques as we could with most of the other devices tested. U.are.U features the simplest installation by virtue of the Universal Serial Bus (USB) interface, which, unfortunately, also limits its deployment in the short run.

If you need to deploy a fingerprint-recognition device now, then the best candidate for you is Sony FIU. Its reader is fast and highly secure, and it supports onboard template storage and encryption. Like U.are.U, the FIU supports one-hand operation, reading the fingerprint image without forcing the user to press a capture key.

Tools or Toys

All of these devices offer optical techniques that capture a fingerprint image, using a light source refracted through a prism. Yet there are many physical differences among these units. Those from BAC and Identix are heavy, bulky devices, with complicated optics onboard, while NRI's device uses a custom plastic lens. Sony FIU is relatively small and lightweight, with several custom lenses inside. ABC's product uses lightweight plastics, and Digital Persona's device uses a thin plastic that appears to have embedded microprisms.

We also discovered manufacturers with alternative approaches to expensive optical devices. For example, Who? Vision Systems manufactures a product using a custom electro-optical polymer--a very thin, self-illuminating film--that replaces lenses. The cost to manufacturers per device is under $50. Another company, Veridicom, makes a silicon-based fingerprint sensor. Unfortunately, we were not able to get complete products from these vendors in time for testing.

Only the Digital Persona and Sony devices could detect a fake finger attack by combining optical and proprietary finger-detection methods. ABC offers an enhancement for live finger recognition that uses infrared and pulse detection--for an additional cost. Without this add-on, ABC's BioMouse can be hacked with a fake finger built from an imprint of a user's finger--as can the BAC, Identix and NRI devices.



The Fingerprint-Authentication Device Features charts, in Acrobat format.

Sidebars: "Biometrics Under Our Thumb" and "The Software Battle Has Just Begun"

