It is known to use fingerprint checking systems to control access to a protected object, for example information or premises.
A fingerprint checking system can be divided broadly to into three parts—a sensor, a memory and a processor. The sensor is used to record fingerprints. The processor compares the fingerprint recorded by the sensor with a previously recorded reference fingerprint, what is known as a template, which is stored in the memory. If the recorded fingerprint corresponds to the reference fingerprint, the system accepts the recorded fingerprint and allows access to the protected object.
Two terms used within this field are FAR (False Acceptance Rate), in other words the frequency of false acceptances, and FRR (False Rejection Rate), in other words the frequency of false rejections. FAR is therefore a measure of the probability that an unauthorised person, whose fingerprint is not stored as a reference fingerprint in the system, will incorrectly gain access to the protected object, and FRR is a measure of the probability that an authorised person, whose fingerprint is stored as a reference fingerprint in the system, will incorrectly be denied access to the protected object. The ideal value of both terms is 0.
When a fingerprint sensor is used, a finger is placed against it. When the finger is removed from the sensor, traces of the fingerprint: may remain. These traces may be caused by the usually greasy surface of the finger, by other substances on the finger or by substances on the sensor, Such a residual fingerprint is referred to below as a latent fingerprint. A latent fingerprint constitutes a security problem because it can be intensified and in the worst case lead to false acceptance, in other words an unauthorised person gaining access to the protected object.
In many fingerprint checking systems, use is made of silicon sensors, also called capacitive sensors. A silicon sensor utilises information about a fingerprint having height differences and the finger having a specific resistance and a specific capacitance. In the event that there is a latent fingerprint on a silicon sensor, the sensor can be fooled into recording a fingerprint by breathing lightly on it or cupping a hand over it. If the latent fingerprint belongs to an authorised person, an impostor can in this way fool the system into granting him access to the protected object.
Optical sensors are another type of sensor used in fingerprint checking systems. An optical sensor records an image of the fingerprint if any part of the finger is located sufficiently close to the sensor surface. In this case, the law of total reflection applies. If there is a latent fingerprint on the optical sensor, the system can be fooled into recording and accepting a fingerprint in spite of the fact that there is no finger on the sensor by darkening the surface of the sensor. There is therefore a risk that an unauthorised person will in this way gain access to the protected object.
The problem with latent fingerprints may occur in any fingerprint sensor which requires the user's finger to be in touch with the sensor surface and which records the user's fingerprint by a single image. The problems associated with latent fingerprints thus mean that FAR has a high value.