[ltp] credit fingerprint

[David A. Desrosiers]

> Q: How difficult is it to fake a fingerprint?
> A: Very.

	Or Easy, depending on how you want to do it. 

> Q: How easy is it to amputate a finger complete with print?
> A: Very

	A: Not very easy 

	Unless your biometric scanner is El-Cheapo bought at WAL*MART, 
you won't be able to amputate a finger and use it to authenticate, not 
with the proper scanner. Besides, you'd have to amputate and use the 
finger within 2-3 minutes of initial amputation to allow it to work at 
all. Its probably better to just get the person themselves to swipe 
their own finger at gunpoint instead, since they have to be in close 
enough proximity to the scanner anyway. 

> Q: Do we really want fingerprint readers?
> A: Speaking entirely for myself, no thank you!

	Absolutely, if designed correctly (i.e. meeting all three 
goals of the Code of Federal Regulations, 21:11). Right now, passwords 
meet 1 criteria. That's not strong and easy to compromise. A biometric 
card satisfies all three: 

	1. Something you have (card, keyfob, usb dongle) 
	2. Something you know (password, phrase, magical incantation)
	3. Something you are (biometric fingerprint, eyeprint, voice)

	Anything else is just not worth investigating. 


David A. Desrosiers
desrod@gnu-designs.com
http://gnu-designs.com