Finnish security researcher Mikko Kiviharju says that Microsoft’s low cost biometric device for consumers Fingerprint Reader doesn’t encrypt the fingerprint image thus, leaving it exposed to be hacked.
Kiviharju, who presented his findings at Amsterdam’s Black Hat Europe conference last week, laid out a scheme using ’sniffers’, hardware or software tools that intercept encrypted data, to fool the Fingerprint Reader.
Anyway, MS already has said that the reader is a tool of ‘convenience’. It spells it out in the opening of the product’s Getting Started guide that says; “The fingerprint reader is not a security feature and is intended to be used for convenience only. It should not be used to access corporate networks or to protect sensitive data, such as financial information.”
