At Mobile World Congress (MWC) 2017 in Barcelona, many smart-sensor developers presented fingerprint recognition devices that are secure.
Norwegian IDEX, a supplier of fingerprint sensors for LG and other companies, claims that the majority of its partner smartphone developers enable access to fingerprint sensors' data only within a secure environment. The "raw" data from a fingerprint sensor is encrypted, then the system detects distinctive ridges, encrypts them as well, and sends to secure storage. All of these operations take place in a trusted execution environment.
Sensor maker called CrucialTec is taking a serious step ahead in fingerprint authentication security. The company has added heart-rate sensors to fingerprint scanners. This means that 3D-printed finger copies, plaster fingers, and even real fingers cut off of their owners will not work. The same holds true for simple copies of finger ridges created with a common printer. This system checks ridges to confirm that they are similar but doesn't unlock the smartphone until it detects a proper heartbeat.
One Chinese company presented a fingerprint scanner built directly into the glass of a smartphone display. However, the company did not bring any sample in Barcelona in order to show it. In addition they are not completely sure how users will understand which part of the display they should tap to get in, since the sensor is not clearly visible.
In addition, several companies offer flexible and very thin sensors that can be used as a part of banking card. IDEX offers a scheme that does not require an additional supply of electricity, whereas CrucialTec builds a battery and a simple display into the card to show if the user is successfully authorized or not. The fingerprint sensor can be a good alternative to PIN codes: easier to use and harder to fake.
Two years ago, Qualcomm presented SenseID - more secure and quick ultrasonic fingerprints scanners. This time, the company offered another authentication method that scans your iris, which is quite reliable.
Qualcomm's iris recognition system can distinguish a fake copy of an iris from a real eye. The sysetem possibly takes into account that eyes move a little all the time. In addition, the system can recognize irises even through big, black sunglasses.
Qualcomm's prototype works surprisingly well, taking advantage of the speed of the latest cameras and imaging processors.
The problem here is that in case criminals find a way to steal and use biometric data, users will be stuck, not being able to change their faces, irises, or fingerprints. PINs and passwords can be changed in seconds.