1. Field of the Invention
This invention relates to a method for testing a fingerprint.
2. Description of the Background Art
Fingerprint testing is gaining more and more importance in connection with the use of chip cards used for identifying and verifying authorized persons, for example in access controls or the performing of financial transactions.
Checking the fingerprint substantially replaces PIN entry in such cases, the advantages being that the user does not have to remember any combination of numbers and security is increased since a fingerprint, unlike a PIN, cannot be spied out or found by trial.
For checking the fingerprint it is known to provide terminals equipped with a sensor for sensing the fingerprint. The sensed fingerprint is compared either in the terminal or on the chip card with a fingerprint stored on the chip card. Such assemblies are known for example from EP-A 0 343 580.
Since evaluation of a fingerprint exceeds the computing power that can be realized on a chip card, evaluation is usually done in the terminal. However, calculation in the terminal has the disadvantage that the reference values stored in the chip card are sent outside, making it possible for unauthorized third parties to determine the reference values as they are stored in the chip card by interception or other kinds of attacks.
To avoid the abovementioned disadvantages it was proposed in DE-A 198 11 332 to perform all security-relevant operations within the data carrier and only swap out computing-intensive operations if the swap does not endanger security. In the swap the chip card specifies which data are transmitted from the terminal to the data carrier in what form. In particular, the terminal performs a pre-evaluation of the measuring values in the course of which temporary results obtained from the measuring values are linked with data that were transmitted to the terminal from the data carrier. The terminal then only transmits the result of linking to the data carrier, in which it can be checked with comparatively little effort on the basis of the linking results whether the detected biometric feature comes from an authorized user.