Identity fraud is a serious threat in our networked world. A 2010 study claimed that more than 7.5% of all US adults were exposed to some form of identity theft. Present day mobile devices like smartphones, tablets and notebooks store vast amounts of personal and professional data. People are rightfully concerned about their privacy.
Today the most attractive target for criminals pursuing identity theft are centralized databases. At present, user authentication methods are often primitive (e.g., password, pin code, social security number or a security code written on a payment card), which is why successful database attacks often prove very profitable for criminals.
Occasionally people create so-called “fake fingers” and publish that they have “hacked” the system (see the “Fake Fingers” section above). Such negative publicity makes many users feel that presenting their fingerprints to public or shared devices is risky. Placing a finger on a public sensor already touched by many people can also be intimidating to some individuals.
NEXT sensor technology facilitates new mass-market systems and solutions that address these issues in a powerful way.
Local vs. Centralized Systems
Centralized databases are vulnerable to attacks in many shapes and forms along the route between end users, database and the return route to end users. These include hacking, eavesdropping, inside operators, and human errors.
NEXT technology facilitates systems and solutions that store personal data locally in personal devices. This is only possible with a sensor that satisfies targeted requirements for cost, dimensions and power consumption.
Bypassing large centralized databases altogether is a significant positive contribution to enhancing privacy and overall security.
Personal Devices vs. Shared or Public Devices
Some individuals hesitate to “give away” their fingerprints or allow them to be scanned for identification.
The NEXT combination of high levels of security and convenience in small pocket-compatible formats at a very low system cost facilitates a wide range of fingerprint-based devices that store all personal data in devices owned and controlled by the individual only.
This is a further significant contribution to both true and felt level of privacy.
Details of the NEXT Approach
The NEXT system design includes a variety of measures that respect and enhance user privacy:
1. Type of data
The NEXT software SDKs store only minutiae templates. These are standardized pixel coordinates; it is impossible to derive the original fingerprint image from this data.
2. Data management
Whenever possible, the template is stored in the memory space of the algorithm library. It is not accessible by application programmers.
3. Storage location
The templates are typically stored in the user's private, portable device. An optional cloud service is available that permits authentication on several devices (without having to enroll on each). In this case, all data transfer and storage employs strong encryption.