Blending an age-old art with modern technology, a silicon fingerprint sensor offers a unique and practical approach to electronically recognizing and verifying a person's identity. Coupled with software that's available now for capturing "live" fingerprints and matching them with stored templates, the sensor lets designers build a highly secure subsystem that is at once compact, cost effective, easy to use, and power efficient.
Fingerprints are a unique way to provide security, and one for which applications abound. Moreover, fingerprints have none of the risks of passwords, personal identification numbers (PINs), keys, keypads, or badges. Unlike passwords or PINs, fingerprints cannot be hacked; forgotten; or, like keys, cards, or badges, lost or stolen.
In fact, the cost, inconvenience, and poor security of passwords have been major stumbling blocks to improving enterprise and e-business security. For example, Gartner Group estimates that large enterprises spend $340 annually per user for password administration. Similarly, half of all help-desk calls are estimated to be related to problems with passwords.
Even advanced security technologies like public key infrastructure (PKI), encryption, and virtual private networks are only as good as their weakest link: the passwords that authenticate users. In contrast, lacking the drawbacks of passwords, PINs, and so on, fingerprint verification and identification is secure enough for electronic commerce, including home banking and shopping, as well as for the business-to-business marketplace. Other uses extend to network access, physical access control, asset protection, and government.
The basis for fingerprint identification is biometrics, the science of measuring and statistically analyzing biological data. Biometric-based security is convenient because it relies on who you are, rather than what you know (like a password or PIN) or what you have (a smart card or token). It verifies your true identity because what you know can be forgotten or hacked and what you have can be stolen or lost. Thus, biometrics ensures a maximum level of security that's free of keys, keypads, badges, PINs, or passwords. Alternatively, it can be used in conjunction with any of these measures.
To be sure, fingerprints are just one form of biometric-based security. Technologies have been developed around several unique behavioral and physiological biometric parameters (Tables 1 and 2). Among the behavioral measures are voice patterns, signature verification, and keystroke patterns. Behavioral measures, however, while unique to one person, can still vary within a range. In contrast, physiological measures, which include fingerprints, hand geometry, DNA matching, and retinal and iris scanning, are both unique and fixed for every person.
Of all the biometric security measures, fingerprint-based identification is the oldest and most familiar. It dates back to the ancient Assyrians and Chinese, who first used fingerprints to sign legal documents. But it was in the late 19th century when the British scientist Sir Francis Galton proposed the idea of using fingerprints for identification, a technique that today is well known and accepted worldwide by law enforcement organizations.
For many years, optical technology, bulky and power hungry, was the only way to capture and use fingerprints for security applications. With the advent of a low-cost, active-capacitance, silicon-based technology, however, an expansive range of possible applications exists for fingerprint-based identification. In government, for example, low-cost silicon-based fingerprint technology opens applications beyond criminal identification to such uses as gun control, immigration services, drivers' licenses, and welfare benefits and healthcare management. In businesses where employees are required to punch a time clock, fingerprint identification can reduce fraud in recording time and attendance.
In addition, fingerprint identification can be combined with conventional physical-access mechanisms to control access to machinery and equipment or to sensitive areas within an office building. Homes and hotels can also use the technology for added convenience. For example, say you are planning a business trip. You reserve your favorite room online, downloading the room number directly onto your hotel frequent-user smart card, which contains your fingerprint template. Arriving at the hotel, you go straight to your room without having to check in at the front desk. You insert your smart card in the lock, verify your identity by putting your finger on the sensor pad, and enter your room.
Elsewhere, fingerprint biometrics subsystems can be included in a wide variety of handheld devices like drivers' license readers, cellular phones, personal digital assistants (PDAs), and laptop computers. Desktop systems can be similarly protected by putting a fingerprint subsystem into keyboards, mice, or standalone readers. Not only does such a subsystem protect equipment from unauthorized users, it also significantly raises the level of security when conducting business online. Further, integrated into car doors or key chains, a fingerprint subsystem not only opens the car, but by "recognizing" who you are, it can automatically adjust the seats and mirrors and set your radio to your favorite stations.
Two TouchChip Choices
The STMicroelectronics TouchChip fingerprint sensor is available in two versions. One version of the silicon-based fingerprint sensor (the TCS1AD) consists of an array of capacitors on a 12.8-x-18-mm chip. The large active sensor area is intended for higher-security applications. The array size is 256 x 360 pixels on a 50-µm pitch. Its resolution is 508 dots/in., the capture rate is 15 frames/sec., and the package size is 27 x 20.4 x 3.5 mm. To conserve power, the chip operates in three modes: nominal (20 mA), standby (7 mA), and sleep (1 mA).
A smaller device (the TCS2AF) is intended for use in portable devices, like PDAs, laptop computers, tokens, and cellular phones. It also targets high-volume, price-sensitive consumer applications. The main differences from the TCS1AD, besides lower price, are its 10.4-x-14.4-mm active sensor size, 208-x-288-pixel array, and 20 frames/sec. capture rate.
Each sensor cell on the chip registers one pixel and contains an active capacitance feedback circuit whose effective capacitance is modulated by the presence of live skin close to the sensor surface (Figure 1). Compared to a passive-capacitance approach, the active sensing method gives much higher immunity to parasitic effects. The benefit of this is a higher signal-to-noise ratio and the ability to capture a wider range of fingerprints.
Figure 1. Living skin at a fingerprint ridge falls on the sensor surface, minimizing feedback capacitance, while skin at a fingerprint valley is off the sensor surface, maximizing feedback capacitance.
Between the sensor plates is a fringing capacitance whose field lines extend beyond the silicon surface. When live skin comes close to the sensor plates, it interferes with the field lines between the plates, reducing the effective capacitance between them. Therefore, skin at a fingerprint ridge falls on the sensor surface, minimizing feedback capacitance, while skin at a fingerprint valley is off the sensor surface, maximizing feedback capacitance.
The surface of each sensor cell consists of two adjacent metal plates that are separated from the skin and the environment by an ultrahard protective coating. The sensor plates are connected in an active feedback circuit with one plate connected to the input of an inverting amplifier and the other connected to the amplifier's output to form a charge integrator. Thus, the charge integrator converts the feedback capacitance of the sensor cell to an output voltage that corresponds to the distance between the sensor plates of that cell and the skin above it.
Specifically, the sensor cell works in two phases: reset and sensing. In the reset phase, the input and output of the inverter are shorted through a reset switch. This short causes the charge integrator output to settle to the logical threshold of the inverter. During the sensing phase, the reset switch opens and a calibrated charge is applied to the input-side sensor plate. The effect is to change the charge integrator output by an amount proportional to the feedback capacitance between the sensor cells. Because the feedback capacitance of a fingerprint ridge is smaller than that of a fingerprint valley, the output swing for a sensor cell that is under a ridge is greater than the swing for a sensor cell under a fingerprint valley.
The entire fingerprint image is captured by a two-dimensional array of sensor cells. The array is addressed in a random-access mode through row and column decoders. This provides for such advanced functions as "windowing" and subsampling. Moreover, the output of the sensor array goes through an analog signal-conditioning block that allows for adjustment of the sensor gain and offset before the signal is digitized to an 8-bit word by an on-chip analog-to-digital converter.
The fingerprint sensor is controlled through a set of on-chip registers. These registers are accessed by software that optimizes the fingerprint image for sharpness, brightness, and contrast. (In the case of the TouchChip, the optimization software is called PerfectPrint.) The job of the optimization software is to produce the best possible fingerprint image quickly and regardless of skin type or environment, thus improving security by reducing the number of false rejections and false acceptances.
A second program (the TouchChip version is called PerfectMatch) includes a set of algorithms that extracts a fingerprint template for storage, a process called enrollment, and compares live fingerprints against previously stored fingerprints, called verification (Figure 2). Thus, the enrollment process, which involves capturing and storing one or more fingerprint samples, or templates, is necessary before the identity of a person can be verified.
Figure 2. The enrollment process captures and stores one or more fingerprint samples, or templates. The verification process compares fingerprints against the ones previously stored. In each process, optimization software produces the best possible fingerprint image, thus improving security.
A template is created by an algorithm that extracts the fingerprint's minutiae, the set of unique characteristics of a given fingerprint. The template created by the extraction program is a mathematical representation of the original fingerprint based on an analysis of the ridge patterns.
Importantly, because a template takes up only 256 bytes (in the case of the TouchChip), far less space than the original fingerprint image, a fingerprint subsystem can be embedded in a wide variety of devices, including PCs, servers, smart cards, and the memory of nearly any embedded application. Moreover, a template cannot be used to reconstruct the original fingerprint, helping to ensure total privacy for the user.
As mentioned, templates are extracted during both the enrollment and verification processes: during enrollment the template is stored, and during verification it is matched with all previously stored templates. Once an individual is enrolled, their identity can be verified when they place their finger on a fingerprint reader and a matching algorithm compares the live fingerprint with the stored templates. The algorithm generates a matching score, which it compares with an adjustable security threshold. If the matching score is above the threshold, then, and only then, is the user granted access.
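The threshold decision described above, as an added example that is not part of the original article or of the PerfectMatch software: the scores, the 0-100 scale, and the function names are constructed for illustration. It shows how raising the adjustable threshold lowers false acceptances at the cost of more false rejections, and that a reader with no enrolled templates must deny access.

```python
"""Threshold trade-off for score-based fingerprint verification (added example)."""

# Constructed sample scores on a hypothetical 0-100 scale; not output of a real matcher.
GENUINE = [91, 84, 77, 88, 62, 95, 70, 81, 58, 86]    # enrolled finger vs. its own template
IMPOSTOR = [12, 30, 25, 41, 18, 55, 33, 22, 47, 65]   # other fingers vs. that template


def verify(scores_per_template, threshold):
    """Grant access only if the best score over all stored templates is above the threshold.

    An empty template store yields -inf, so the decision fails closed.
    """
    return max(scores_per_template, default=float("-inf")) > threshold


def error_rates(genuine, impostor, threshold):
    """Return (FAR, FRR): share of impostors accepted and of genuine users rejected."""
    far = sum(s > threshold for s in impostor) / len(impostor)
    frr = sum(s <= threshold for s in genuine) / len(genuine)
    return far, frr


def lowest_threshold_for_far(genuine, impostor, max_far, candidates=range(0, 101)):
    """Pick the lowest threshold whose FAR stays within max_far, keeping FRR minimal."""
    for t in candidates:
        far, frr = error_rates(genuine, impostor, t)
        if far <= max_far:
            return t, far, frr
    raise ValueError("no candidate threshold meets the FAR target")


if __name__ == "__main__":
    for t in (40, 60, 80):
        far, frr = error_rates(GENUINE, IMPOSTOR, t)
        print(f"threshold={t:3d}  FAR={far:.0%}  FRR={frr:.0%}")
    print("strict (FAR = 0):", lowest_threshold_for_far(GENUINE, IMPOSTOR, 0.0))
    print("lenient (FAR <= 10%):", lowest_threshold_for_far(GENUINE, IMPOSTOR, 0.1))
```

On this constructed data, a higher-security setting that tolerates no false acceptances rejects two of ten genuine attempts, which is the usability cost a designer weighs when choosing the threshold.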
Because the fingerprint sensor described mimics the typical interface of a RAM-like device (meaning the chip can be accessed through the normal read and write commands of a RAM), the job of building a fingerprint reader around it and a microcontroller is a relatively easy one. Moreover, the interface of this particular chip, because it is buffered, allows the readout speed to be independent from that of the internal sensor with no loss of data.
A block diagram of a fingerprint reader includes the sensor; a microcontroller (MCU) that has a built-in Universal Serial Bus (USB) interface (such as the ST92163); and a nonvolatile memory, such as an EEPROM, that connects to the MCU through an I2C interface (Figure 3). The sensor chip connects to a combination of the MCU's external memory interface port and, for control signals, some general-purpose I/O ports. The MCU also connects to the host's USB port.
Figure 3. A fingerprint reader includes a sensor, an MCU that has a built-in Universal Serial Bus (USB) interface, and a nonvolatile memory that connects to the MCU through an I2C interface. The sensor chip connects to a combination of the external memory interface port and, for control signals, some general-purpose I/O ports. The MCU also connects to the host's USB port.
Firmware consists of elements from the MCU's USB and the sensor's libraries, both provided by the manufacturer, as well as USB callback routines and the user application. The sensor's library, which is based on that of the MCU, includes a kernel that takes care of all USB transactions. It contains all of the USB functions needed to conform to USB 1.1 as well as those for processing the sensor's biometric functions. These libraries let the designer focus on the application. However, depending on the application, which will vary with the implementation, the set of callback routines must be provided to the kernel to process some standard USB requests.
The TouchChip sensor is delivered with the PerfectPrint optimizing software, the PerfectMatch suite of biometric algorithms, and a PerfectMatch application programming interface to ease its integration into an application without a need to understand details of the sensor or biometrics. Also available for TouchChip sensors is a suite of biometric security software ("Protector Suite") whose main components include log-on, file disk, password, and optionally, PKI protector programs.
Of these, the log-on protector ensures a secure log-on to a desktop system using a fingerprint, smart card, password, or any combination of each. Included are screensaver and workstation locking features. The file disk protector encrypts sensitive files and folders, giving access only to authorized users. The password protector securely stores passwords in a bank for single sign-on to Web sites and Windows applications. Finally, the optional PKI protector is a tool for signing, encrypting, and decrypting e-mail, and enabling Secure Socket Layer user authentication in Microsoft and Netscape browsers.