• United States

Show Microsoft a finger

Sep 20, 20043 mins
Enterprise ApplicationsMicrosoftSecurity

* Fingerprint recognition from Microsoft

How often do your words come back to haunt you?  Just a few months ago, in the Identity Management newsletter (see link below) I said that in the mid-to-late 1990s we thought that all keyboards would have fingerprint readers built-in. I also suggested that you check out such keyboards the next time you were in a computer store. How wrong I was, at least as far as Microsoft is concerned.

The Sept. 8 issue of the Seattle Times carried a story headlined “Fingerprint recognition a first in biometric field for Microsoft.” I had to read on, since it was 1998 when I first saw a demonstration of a fingerprint reader used to authenticate a user, so I wondered what could possibly be a “first.”

Microsoft does dabble in the hardware field, usually with mice and keyboards. Generally speaking, it demonstrates a new design or technology (the scroll wheel on a mouse, the ergonomic keyboard, etc.), which is quickly picked up and exploited by other manufacturers. This serves Microsoft’s purpose, since the company isn’t out to make money from hardware. Instead, its software can exploit the new features (the “start” key on keyboards, for example) so that users will continue to upgrade their Microsoft software while also buying the third party hardware and gaining extra functionality. Everybody’s happy, everybody profits and the world keeps spinning.

As the Times article revealed (and a quick look at the accompanying picture should have told me!) Microsoft’s small hardware products division has released three fingerprint recognition devices. Well, it’s actually one device, but three configurations: a stand-alone reader, plus one integrated into a wireless keyboard or a wireless mouse. The included software allows the user to store all of their passwords (for network and/or Web access) in a “secret store” then use a simple fingerprint scan to automatically log them in.

First, the user needs to “register” their fingerprints. Yes, that’s plural. You can register one, or all, of your fingerprints then differentiate among them for different authentication sites. You might use the left index finger for general purpose authentication, but your right pinky for your bank account, or the financial database.

The usual caveats about forged fingerprints are minimized since a “fingerprint thief” would need all of your fingers – and know which ones you used for what! Then, when you visit a site that requires a password, just touch the fingerprint reader with any registered finger (and the phrase “registered finger” does make me chuckle), enter your data, and then click OK – it’s the last time you need to enter that information. In fact, if you turn on Fast User Switching in Windows XP, you can use the fingerprint reader to switch between user accounts without actually logging off from the computer. With a touch of a finger, you can quickly switch between users without closing programs and files – and each user’s personal content stays personal. All of this functionality is available with any of the three fingerprint-ready products, by the way.

Drop over to to see the demo (warning, this site uses Macromedia Flash) and think of the possibilities for your network.