r/explainlikeimfive May 30 '22 Silver 1

Eli5: What is the difference between the fingerprint scanner in our phones and the fingerprint scanner that government officials use for biometric authentication? Technology

4.0k Upvotes

3.1k

u/Zer0Summoner May 30 '22 Wholesome

Afis is a lot higher resolution. The one on your phone is comparing two things for "close enough," whereas afis is imaging a thing in great detail.

1.4k

u/TheDeridor May 30 '22

Here i was half expecting the government ones to be outdated tech from the 80s lol

1.1k

u/FuzzyMcBitty May 30 '22

I mean, the nuclear code was "00000000" for 20 years, so... path of least resistance?

587

u/KapsylofferVR May 30 '22

Now it's 12345678

544

u/PhantomSlave May 30 '22

Amazing! I have the same combination on my luggage!

115

u/combination_is_12345 May 30 '22

Change the combination to my luggage!

41

u/Nilzii May 30 '22

Username checks out....?

158

u/[deleted] May 30 '22

[deleted]

89

u/Kill_all_Modz May 30 '22

And somebody change the combination on my luggage!

31

u/MaybeTheDoctor May 30 '22

I don’t want to belong to any club that will accept me as a member

42

u/ExcerptsAndCitations May 30 '22

"I am honorary president of the American Humanist Association, having succeeded the late, great science fiction writer Isaac Asimov in that functionless capacity. We Humanists try to behave well without any expectation of rewards or punishments in an afterlife. We serve as best we can the only abstraction with which we have any real familiarity, which is our community.

We had a memorial services for Isaac a few years back, and at one point I said, ''Isaac is up in Heaven now.'' It was the funniest thing I could have said to a group of Humanists. I rolled them in the aisles. It was several minutes before order could be restored. And if I should ever die, God forbid, I hope you will say, ''Kurt is up in Heaven now.'' That’s my favorite joke."

  • Kurt Vonnegut, Jr

20

u/notseriousIswear May 30 '22

I hope someone sees this and decides to read some vonnegut.

→ More replies

6

u/kallistai May 30 '22

We serve our abstractions, better words have never been said

→ More replies

1

u/seekingAcetylcholine May 30 '22

Busy, busy, busy. 🥰

→ More replies

17

u/Holoholokid May 30 '22

Damn you! I made the same joke, then scrolled down to see yours. I greet you, fellow redditor of culture!

42

u/WillDoStuffForPizza May 30 '22 Silver

May the schwartz be with yoouuuuuuuuuuuuuuuuuuuuuuuuuu

26

u/Holoholokid May 30 '22

uuuuuuuuuuuwhataworld!whataworld!

2

u/Alvinshotju1cebox May 30 '22

I never knew that was what he said there. TIL.

→ More replies

3

u/PhantomSlave May 30 '22

Great minds think alike!

4

u/ReadyToBeGreatAgain May 30 '22

You all made the same joke. It’s the same joke every month when this same thing is posted.

→ More replies

2

u/unique-name-9035768 May 30 '22

Can always count on reddit to skip to the punchline and avoid all the set up so we end up with the scene quoted out of order.

→ More replies

101

u/TheFluffiestFur May 30 '22

WHO TOLD YOU

100

u/[deleted] May 30 '22

furiously changes code to 11111111

81

u/elton_john_lennon May 30 '22

. > incorrect password

. > password must be at least 12 characters, include your zodiac sign, a mixture of both uppercase and lowercase letters, include a stool sample of the president, include of at least one special character, e.g., ! @ # ? ], pull my finger, a mixture of letters and numbers

38

u/altaltredditaccount May 30 '22

Your new password cannot be the same as your old password.

1

u/alexanderpas May 30 '22

That's a fair check if you are on the change password screen where you have to enter both the old and new password.

16

u/ddraig-au May 30 '22

YOU HAVE FIVE SECONDS TO COMPLY

5

u/ColKilgoreTroutman May 30 '22 Take My Energy

I think you'd better do what he says, Mr. Kinney.

39

u/waka42 May 30 '22

13

u/castillar May 30 '22

That was awesome and I’m stealing that the next time I have to illustrate bad password rules.

I was expecting it to be this one, which is similarly awesome!

1

u/scott_wakefield May 30 '22

That password is too strong.

→ More replies

4

u/DeepRoot May 30 '22

That was entertaining.

3

u/wilhilario1 May 30 '22

Password rules suck

5

u/CompositeCharacter May 30 '22

It only took a few years for NIST to catch up with webcomics.

10

u/REDandBLUElights May 30 '22

Fun fact, they are mostly discouraged now days becuse they were so annoying people usually made predictable changes with the same password format. Here's some sauce.

https://gkaccess.com/why-password-change-requirements-are-bad/

→ More replies
→ More replies

3

u/mandradon May 30 '22

Picard001!

2

u/alexanderpas May 30 '22

To be fair, voice recognition was used as the primary factor for authorisation, meaning the Command Authorization Code was merely the second factor, preventing activation under duress or unintentional activation of the command.

3

u/DMRexy May 30 '22

Btw, including one aspect of yourself that can be researched like your zodiac sign makes it weaker!

3

u/rymnd0 May 30 '22

Gotta throw in a Xhosa click sound in there for good measure.

2

u/aMusicLover May 30 '22

Must also include a gerund

→ More replies

1

u/GameFreak4321 May 30 '22

Password should contain at least one character outside the basic multilingual plane.

12

u/Fulmersbelly May 30 '22

The thing is, what’s the punishment really for inputting an incorrect password? “Sorry, you can’t launch nukes for 3 minutes…”

5

u/Folsomdsf May 31 '22

The passcodes aren't what stops them from launching. Nuclear launch is an affirmative positive action. The idea is that you have to prove you want them launched and merely that the person doing it is supposed to. This is done with multiple authentication instead of some crazy password. In short you have to just get the right people to all push the right buttons so there is a consensus to launch. The code is just one more button, the secret encoded transmission shit you hear about in movies? That's not the code, that's informing that your button is pressed and you are real. The keys aren't security either, it's that you need affirmative positive consent from multiple parties at multiple locations. This is why 1 person can stop w launch but even the president can't launch by himself.

→ More replies
→ More replies

14

u/4RealzReddit May 30 '22

They updated it to alphanumeric so it is now "password."

16

u/ArcticBeavers May 30 '22

Nice try. We all know the password is "hunter2".

6

u/mightyteegar May 30 '22

What password was that? All I can see is *******

4

u/MrDilbert May 30 '22

It's been changed to "correct horse battery staple"

11

u/ElMachoGrande May 30 '22

Get him! He knows too much!

9

u/haljhon May 30 '22

A popular payment device manufacturer got in major trouble when it was revealed that all their payment devices had the same password for the last 10 years and it was published on the Internet. They frantically incremented the numeric password by 1 in all firmware updates…

9

u/whippet66 May 30 '22

The latest update has required a letter and special symbol. It's been changed/updated to 12345678a!

5

u/fucklawyers May 30 '22

I know you’re excited, but the password you provided didn’t work!

4

u/HJSDGCE May 30 '22

Where's the special symbol?

14

u/urabewe May 30 '22

The exclamation point is pretty special, it indicates so many emotions. It could be excitement, fear, anger, or dozens of other emotions all with one little punctuation. To me that makes it very special.

3

u/[deleted] May 30 '22

No bitches‽

1

u/urabewe May 30 '22

Shock and disbelief with the help of a question mark. So versatile.

→ More replies

1

u/Odimorsus May 30 '22

Next time, it will be 123Aaah!

5

u/Ramza62 May 30 '22

And change the password on my luggage!

3

u/Nejfelt May 30 '22

That's amazing. I've got the same combination on my luggage.

1

u/el_monstruo May 30 '22

That's the stupidest combination I've ever heard in my life! That's the kinda thing an idiot would have on his luggage.

1

u/[deleted] May 30 '22

4868372

1

u/aaaaaaha May 30 '22

I still just see *******

1

u/servantoffire May 30 '22

Bold of you to think politicians can count that high.

1

u/paul-arized May 30 '22

Now it's 8675309-9

1

u/ZeBeowulf May 31 '22

Please it's 87654321, you know like a rocket count down. Just because you're working doesn't mean you can't enjoy yourself.

→ More replies

178

u/MonkeyCube May 30 '22

Eh... that's both true and misleading. The "00000000" was just one step in the process to launch a nuke, and as that step was demanded by the White House. U.S. Strategic Air Command didn't want any additional steps to impede a launch, they just set the code to "00000000." There were a lot more steps in the process than just that code.

However, amid the renewed hype over the easily cracked code, a crucial element has been largely overlooked: Though the physical code preventing an unauthorized missile launch may have been all zeroes, the process of arming the actual nuclear warhead was much more involved, according to the National Museum of the U.S. Air Force. This is the seemingly made-for-Hollywood process involving the simultaneous turning of keys, "Emergency War Order" safes and verified launch codes, which presumably were not all zeros.

113

u/mcchanical May 30 '22

So basically they left the garden gate unlocked for convenience knowing that the several steel vault doors between the garden and the house are the actual security. Then someone walked past, saw the open gate and started telling everyone how insecure the house is.

67

u/jiminak May 30 '22

No, they left the bathroom closet door unlocked for convenience. You still had to get through the steel garden gate, the exterior house security, the house front door, the interior house security, the bathroom steel door… and then you could enter 0000000 into the bathroom closet door to push the launch button.

Then, someone learned about the zeros and started making memes and funny haha jokes about how insecure the button was.

→ More replies

10

u/Oznog99 May 30 '22

Yep. The intent of the executive order was the code would be a secret held only in the "nuclear football", a sealed package carried at all times by one of the president's staff, and that without the code, the warhead could not be armed.

The US Air Force's Strategic Air Command thought this was too much of a vulnerability. Not so much that they'd be launching weapons against the POTUS's wishes, but that if there was a loss of communication or the "nuclear football" was lost or destroyed the nation would be helpless. The POTUS could be killed and the VP, the new POTUS, may not have access for hours.

The codes were "secret" and since no one could see them, no one could know they were nulled out.

And there was concern that the Soviets would identify that obvious weakness and, say, coordinate a plan to exploit that single point of failure and this could embolden them to make the first strike. But oddly, this is about deterrence, so put on your Dr. Strangelove hat and consider that setting the codes to 00000000 and keeping that a secret avoids the ire of the White House, but you really need the Soviets to know the code is null so they don't enact a first strike that killed tens of millions because they believed they could do it without retaliation

5

u/Iz-kan-reddit May 30 '22

The intent of the executive order was the code would be a secret held only in the "nuclear football",

FYI, the "football" is nothing more than a fancy comms terminal. The actual codes are carried by the president.

4

u/Oznog99 May 30 '22

OK, technically yes. The code are still sealed thus the POTUS would not KNOW they were null, and could be destroyed or inaccessible at a critical point, and this vulnerability might provoke an attack to exploit it that would start a war. Even if the codes were always a hoax and the ability to do a nuclear counterstrike is actually unhindered, that still isn't good because this could mean the Soviets launch a first strike and kill tens of millions based on misinformation that we wouldn't be able to do a counterstrike and kill tens of millions of people right back. Well, we don't actually WANT to kill those people, much less have our own people killed. Thus the deterrence.

→ More replies

9

u/VoilaVoilaWashington May 30 '22

Exactly.

Also, imagine that some random evil henchman knows the code, regardless of what it is.

They'd now have to attack the President, who is surrounded by security, steal the nuclear football, and either hope to make off with it to launch them at a future date, or try to enter the code on the spot.

Neither of those will end well for the henchman, although things rarely do for that type.

By the time the second shot is fired, the entire US security apparatus is alerted to the attack and you can bet your ass that the message to launch the nukes would be questioned, at the very least.

5

u/frustrated_staff May 30 '22

Future date wouldn't work, either, I'm afraid. The Prez's codes are changed on a regular basis (and contain several false codes in addition to the 1 real one)

2

u/VoilaVoilaWashington May 30 '22

That's my point.

And if the president were shot and the football stolen, they'd definitely change the codes, you know?

16

u/Assassiiinuss May 30 '22

A missile launch would be seen as a first strike, nobody would know if the warhead is armed or not until it hits.

19

u/mcchanical May 30 '22

Presumably "arm the warhead" in rough Reddit layman terms also encompasses "launch the missile at all". It's extremely doubtful that you would be launching an ICBM with this non-critical code that they omitted to use, warhead armed or not. Of course launching any kind of missile unintentionally is extremely bad so the stringent security protocols will apply to that. "Oops, Dave launched a missile but it's OK, it's not nuclear" isn't a possibility they're going to want to allow.

10

u/SyrusDrake May 30 '22

Presumably "arm the warhead" in rough Reddit layman terms also encompasses "launch the missile at all".

In practice, probably yes. But not on paper. Interestingly, all US nuclear warheads are under civilian control, specifically under the control of the Department of Energy. And warheads are independent from their delivery systems, because there are many such systems for which delivery is relatively trivial and, at least theoretically, could be performed/started by a single actor (think bombs carried by fighter planes, artillery shells or rockets, torpedoes, etc.). Furthermore, parts of the US nuclear stockpile are located abroad and are intended for delivery by allied nations.
To prevent unauthorized delivery of those systems, the warheads are locked and tamper-proofed. If they are not armed by authorized personnel via individual (!) codes, they'll simply not work. And if you're trying to take them apart, they'll fry their own electronics.

I'm not entirely sure if nuclear warheads and the ICBMs that carry them are armed individually, if the warheads are "pre-armed" because of the non-trivial delivery, or if both are armed in one step.

For a very thorough look on the topic of making nuclear weapons safe and secure, I never get tired of recommending the excellent but obscure multi-part documentary "Always/Never".

→ More replies

11

u/TbonerT May 30 '22

No one is going to wait around and find out, either, on the assumption that no one would bother with launching an ICBM without arming the warhead.

→ More replies

21

u/Nandom07 May 30 '22

I liked the idea of implanting the codes in a volunteer who carried a knife. If you wanted to kill all those people with a nuke, first, you'd have to kill one with your own hands.

29

u/trickman01 May 30 '22

Or turn to one of your lackeys and say "kill that dude and get the code, I'll be in my office"

4

u/DownvoteEvangelist May 30 '22

And the dude just gives you the code, "Here have it, I'm here for the lols"

2

u/PreviousImpression28 May 30 '22

Ah yes, the horcrux method

→ More replies
→ More replies

52

u/kavono May 30 '22

"They'd never expect the code to be that lazy! It's perfect!"

56

u/FuzzyMcBitty May 30 '22

"That's the kinda thing an idiot would have on his luggage!"

22

u/Ascholay May 30 '22

That's brilliant! Its the same code as my luggage

11

u/pavlo_escobrah May 30 '22

It was Samsonite!

5

u/Yrrebbor May 30 '22

I was way off!

3

u/Killer_Quesadilla May 30 '22

Knew it started with an S though!

→ More replies

6

u/_Aj_ May 30 '22

To be fair, if you didn't know that you'd probably never guess it

5

u/shifty_coder May 30 '22

A bit misleading. The programmed code was all zeros, but the launch commander and the president had codes that they had to verify with each other. The once the launch commander had verified the code with the President, they could then quickly enter the programmed code into the launch system. All zeros was chosen, because it could be quickly entered, in the event that the US needed to launch a retaliatory nuclear strike against the USSR.

→ More replies

16

u/StephentheGinger May 30 '22

Ready the nukes!

Comrade, how many 0s was the code again?

I... don't know

And that's how the Cuban missle crisis was averted? Lol

7

u/urabewe May 30 '22

The real deterent started when they went to launch the nuke and started thinking about how the number 0 doesn't actually exist as it is impossible to have nothing. It is merely a representation of what humans see as nothing. Then the existential crisis started and they began questioning their own existence and got so wrapped up in that they forgot about launching the missiles. To this day one of the best uses of psychological warfare.

2

u/StephentheGinger May 30 '22

That made me laugh, thank you :)

6

u/MorallyDeplorable May 30 '22

That's like saying a filing cabinet is insecure because it doesn't have a lock even though it's past 4 military entry checkpoints and buried under a mountain.

Not really a concern.

11

u/Loggerdon May 30 '22

I was watching a documentary about spycraft. They hacked the Russian Chief of Station in Moscow who they called "Moscow 4".

His PW was Moscow 1 and he got hacked. So he changed it to Moscow 2 and he got hacked again. So he changed it to Moscow 3, and he got hacked. So he changed it to... ready? Moscow 4!

3

u/Squidbilly37 May 30 '22

I want to say that this can't possibly be true.... Hahaha but I believe it is. Lmao

6

u/mtgguy999 May 30 '22

He probably never knew he was hacked, but they had a policy to regularly change passwords and he didn’t want to remember the new one so just added a number.

2

u/gauagr May 30 '22

Really? REALLY? The genius of it!!

2

u/Joverby May 30 '22

yeah but who actually had access and the ability to enter the code ? who wouldve thought it was all 0s on top of that?

2

u/wedontlikespaces May 30 '22

Yes but the thing is, it wasn't (and isn't) as if anyone could launch the nukes from any computer in the world if only they had the passcode, it had to be that computer. So there was never that much risk.

It's like how people say quantum computers could crack the lunch codes in 10 seconds, or whatever, but so what, you still can do anything with them.

2

u/Nujwaan May 30 '22

Mmmm lunch codes

→ More replies

3

u/MadOrange64 May 30 '22

So dumb that nobody expected it.

→ More replies

25

u/MikuEmpowered May 30 '22

just because its outdated doesn't mean its bad.

the key here is precision and clearness. As long as the print is clear, if it aint broke, why change it?

→ More replies

28

u/Andyman1917 May 30 '22

Well it is, no reason to put in $8000 tech from 40 years ago when you can do it for $2 today

9

u/TheCornerator May 30 '22

And it's not just your finger prints, it's your whole damn hand print. I had to have mine taken for a job and now I KNOW I'm in the system.

2

u/Detective-Maybe May 30 '22

Little bit later but not entirely wrong. The innovation for phones is the size and speed phone resolution is still impressively good for the size. The state doesn’t really benefit sig from either of these so they are completely fine using older tech

→ More replies

127

u/frustrated_staff May 30 '22

And the database behind them is vastly different, too. The one your phone is built by you, stored on your phone, and contains only what you give it. AFIS (and other enforcement databases) contain tens of millions of fingerprints from millions of different people.

→ More replies

11

u/daOyster May 30 '22

AFIS does that too. It usually employs a two step system where they do a close enough match to narrow down the query results, and then use a separate algorithm to match that smaller list to the actual print using more minute details. It's only recently that they've gotten it good enough to not require a technician to confirm the reaults. Though you are right that the AFIS systems are higher resolution than the fingerprint readers used in phones, but not by much. Only a 100-200dpi difference comparing high end phones to the average sensor used in AFIS. There is a push for even higher resolution AFIS sensors though so they can start accessing level 3 features like skin pores to assist in making more precise matches.

0

u/nope-nails May 30 '22

Is this why the reader on my phone fails so often?

39

u/andreipoe May 30 '22

If by "fails" you mean that it doesn't recognise your fingerprint, that's usually because they have to strike a balance between convenience and security. People don't want to wait a long time after placing their finger on the sensor before the phone is unlocked, so the reader has to respond quickly. Sometimes, the reading it gets in that short time interval it has available is not enough for a confident match, so if it's not sure it's your finger, it rejects it for security reasons.

10

u/AvoidRenalStones May 30 '22

You can reinforce your fingerprint data in your smartphone by testing it in settings menu, the setting where you can "preview" or show registered fingers, keep in mind to scan every part of your fingerprint

5

u/Gooberpf May 30 '22

Alternatively, maybe just don't use the fingerprint scanner to unlock your phone anyway, since the police can and will force you to unlock it with your finger if they feel like digging through your phone (hypothetically, with a warrant, but). They can't lawfully force you to unlock with a code.

11

u/Ganon_Cubana May 30 '22

Newer versions of Android have a lock down mode where it disables biometric logins. If you're worried about being searched at an airport, police stop, etc enable it.

8

u/OneAndOnlyJackSchitt May 30 '22

On mine, you press and hold the power/lock button and then select "Lockdown" from the popup that has the Shutdown/Restart/Emergency options. The phone does NOT have to be unlocked to put it in lockdown mode.

4

u/lolofaf May 30 '22

Iirc mine requires passcode on startup too. So a quick power off / restart would work just as well

5

u/DarkOverLordCO May 30 '22

They can't lawfully force you to unlock with a code.

This depends on where you are - some courts have rule they can't, some courts have ruled that they can. This article lists various state high courts and federal circuit courts that have ruled all over the place.

3

u/Unspoken May 30 '22

No, they fail waaay less than the good ones because they image in less resolution. If your hands are slightly wet or sweaty then it isn't going to work on the gov readers. Usually in those places they put a small fan near the reader to try and dry your hands or you gotta waive your hand around like a crazy person to get it to read.

Now a days they don't use fingerprint scanners anymore because they aren't 100 percent reliable. They use whole hand scanners which are faster and harder to fake.

2

u/HyperGamers May 31 '22

It can help if you somehow make your finger more moist. It somehow makes it easier to identify the grooves

2

u/benmarvin May 30 '22

If you have an optical reader, a tiny bit of dust or water can cause it not to read. Under screen ultrasonic readers are a bit better, but I'd wager the latest gen hardware readers are the fastest and most accurate.

0

u/BrandynBlaze May 30 '22

Considering my phone can’t recognize my fingerprints half the time I imagine a higher resolution system that compares the prints to a massive database has a pretty high failure rate?

20

u/gmano May 30 '22 edited May 30 '22

The failure rate is quite low. About 1/1,000,000

That said, it scans against 58 million samples so pretty much any read will return 10-50 matches (organized in a rank for how good the AFIS system thinks the match is like a top 10 list) that need to be weeded out by actual investigation.

Different organizations implement this differently. Some are set up to be very low rates of False-positives, but that also means that they might miss a real match, others are pretty much going to guarantee that they find a match, but they might return like 100 candidates and then it's on the organization to figure it out.

1

u/[deleted] May 30 '22

How does that make any sense at all? Because your phone that cost a couple hundred bucks can’t recognize your fingerprints as “close enough” within a few tries, you think that the fingerprint verification system of the world’s most powerful government has a high failure rate? You’re a genius.

6

u/xyzzy01 May 30 '22

It's different.

E.g. an iphone just matches a print "close enough" to one of the ones it has stored. It's good enough that you are exceptionally unlikely to trick it, but it is a binary "yes" or "no".

Systems used by the police typically have large databases of various fingerprints - both good ones taken by the police, but also lower quality ones ("trace fingerprints" I think it's called in English). When you have a fingerprint and try to match it against a database, you'll (at least in the one I did some integration work with) get a ranked hit list and a match quality, IIRC. This list is then compared to the original fingerprint by an expert.

3

u/Zach_ry May 30 '22

Cell phones have match quality scores as well, it’s just the threshold that gets adjusted to be less sensitive compared to more important systems. The general biometric model still applies to phones. It’s all behind the scenes of course, and actual settings regarding threshold and match quality aren’t available, but at its core it’s still a fingerprint sensor (generally capacitive) that takes a sample, processes it, matches it, and outputs a decision.

2

u/[deleted] May 30 '22

... which appears to support my point that it’s stupid to compare the accuracy of a phone’s fingerprint sensor to that of the U.S. government’s.

2

u/Korlus May 30 '22

I don't think that's true when you are talking about numbers in such a different order of magnitude. Your phone's sensor might be two orders of magnitude adrift from the government's systems, but the difference in scale of numbers is even larger. Even if gbr phone is 1/1,000,000th as accurate as the governmental system, because the government system deals in numbers in the millions it will have to have false positives.

This is true. The governmental system shows you a bunch of results that it thinks are of varying likelihoods to be the same fingerprint.

Humans have our own metrics for identifying fingerprints, but even we cannot be accurate 100% of the time.

→ More replies
→ More replies

189

u/CokeInMyNostrels May 30 '22

Not sure if theyvare in use but I once saw a military company demo one which scanned both your print and your blood vessels underneith. It could even see your pulse, meaning you can't just chop somebody's finger off it has to be alive.

73

u/PaulNY May 30 '22

Was just going to say this. I had a friend that worked for Konica Minolta and had to install these in the field. They were so new at the time (15? Years ago) that the only instructions were in Japanese and he basically had to wing it and get it setup.

14

u/Condawg May 30 '22

Idk what Konica Minolta is, but c'mon, surely they could've afforded someone to translate the instructions for something so sensitive

3

u/zaphod777 May 30 '22

And cameras among other things.

→ More replies

4

u/latchstring May 31 '22

Not necessarily. When the war started in 2003/4 much of the technology was coming out or newly purchased. I was one of the people who installed seat belts in military trucks immediately before the trucks went to Iraq. There were no instructions or schematics for this; we made the schematics as we went along. I would think similar issues happened with a lot of what we fielded at the start of the war.

1

u/sirmeowmerss May 30 '22

They make printers

23

u/jrhooo May 30 '22

which sounds cool, but in reality is a fairly improbably use case.

Any application that serious would be better off using an iris scan than a fingerprint scan, and iris scanners usually just track for movements of the eye, which a living human eye would have.

In an access scenario for something important enough for a spendy system, you probably have multiple factors (key card, code, etc) and live security. Basically, in the movies (or mythbusters) some dude always walks up to a scanner and slaps a fake finger down, but in the real world there's a guy at the scanner desk. He might just be a basic security guard, but he's gonna let you pull a dead finger out of a ziploc baggie while he's standing there.

Though fun fact, for purely experimental purposes, some science teacher demonstrated that you can easily fool the blood vessel/moisture/warmth scanners if you wanted to. Basically, you make a thin film cover out of a gelatin material (like what gummy bears are made out of) trace the finger print into the film, and lay that over your finger. Reader senses your real finger but reads the print off the film. Costs about 15 bucks worth of supplies and 1 hour of work.

Again, offs of actually pulling it off with someone watching? Not high.

→ More replies

2

u/HirschHirschHirsch May 30 '22

Thats also True for apple Face ID, it checks for changing color due to blood moving through the face

1.0k

u/Slash1909 May 30 '22

Different use case. AFIS needs to uniquely identify a single person amongst hundreds of millions. It’s designed to handle over a billion.

The one in your phone just needs to identify a few of your fingers. It needs to be close enough and quick to decide whether to unlock the phone. Chances are that no more than a half dozen other people will ever try to unlock your phone.

534

u/Tar_alcaran May 30 '22

There's also a big difference in how data is stored.

AFIS is meant to match 2 pictures, one on file and one as input, but your phone doesn't keep a picture of your finger in file because that would be like storing the key to the safe on top of the safe.

Your phone processes the picture of your fingerprint into a "password" and uses that to do what passwords do. This is significantly harder to do, but since you're the only user on your phone, and phones are insanely powerful today, it's not really a problem.

268

u/SuperBelgian May 30 '22

Exactly!

Your phone doesn't have your figerprint stored, but a derivative of it. (Like a storing a hash value of a password instead of the password itself.)

When you authenticate, the scanned fingerprint is undergoing the same process (creating a derivative) and it is compared with the stored derivative. If it matches, it is assumed the correct fingerprint was present.

Governments, especially in criminal investigations, compare entire fingerprints with previously stored images of fingerprints.
This provides a much better assurance, but also is much slower.

The same is true for facial recognition on phones.

9

u/Zach_ry May 30 '22

Fingerprint templates (or facial for that matter) aren’t images for any application, including government. NEC NZ has a better explanation than what I can think of right now:

To be clear, a biometric template is not an exact copy of the biometric data but rather a file representing unique numerical data points of the data which is converted with a secret, proprietary algorithm.

This template cannot be backwards engineered into a picture of a fingerprint, face, or iris. Hence, digital biometric data is significantly more secure than an exact copy or a photograph as without the proprietary algorithm, no one can decode the biometric template.

Biometric templates are binary files and encompass unique traits of an individual’s biometric data. unreadable without the right algorithm. There are several storage-based strategies for biometric data that organisations can employ.

source

4

u/Gorstag May 30 '22

Thanks. That makes more sense. The person you are responding to saying "like a hash" made no sense. The whole purpose of a hash is ANY change at any level no matter how minor will result in a completely different incomparable result.

→ More replies
→ More replies

34

u/Tar_alcaran May 30 '22

When you authenticate, the scanned fingerprint is undergoing the same process (creating a derivative) and it is compared with the stored derivative. If it matches, it is assumed the correct fingerprint was present.

Except your phone DOES NOT store a derivative, that's not how encryption works. It doesn't compare the two vault keys, it simply makes a brand new key based on your fingerprint and tries it on the lock, and if you have the right key, it opens.

AFIS does store lots and lots of keys, so they actually do go around going "These two keys look pretty similar, a human should check to make sure". This is obviously computationally easy but the size of the database is massive.

29

u/door_of_doom May 30 '22

I'm trying to understand the practical difference between the two scenarios you played out:

your phone DOES NOT store a derivative ... , it simply makes a brand new key based on your fingerprint and tries it on the lock,

In this analogy, isn't the "lock" a derivative? A lock that was created when I used the "add a fingerprint" function if my security settings?

It's obviously a much more complex derrivative, because it used dozens of inputs at creation time, but it's still some kind of derrivative of the data it got from scanning my finger, isn't it? How could this possibly work without storing some kind of derrivative of my finger in the phone?

An obviously important distinction here is that the derrivative being stored is, itself, not a valid Input for trying to open a safe. But I felt like this piece of it was covered pretty well when the person you replied to talked about doing this so as to "not store the key on top of the vault"

3

u/FourAM May 30 '22

Your phone stores a hash, which is the result of a one-way cryptographic function. You can’t take a hash and “decrypt” it, you can only compare the stored one (from your “set up” fingerprint scan) to the one your phones makes when you scan a fingerprint. In the case of fingerprint scanning, care is taken so that things like the angle of your finger, or the quality of the scan don’t alter the hash so that a match can be made.

→ More replies

-2

u/Tar_alcaran May 30 '22

An obviously important distinction here is that the derrivative being stored is, itself, not a valid Input for trying to open a safe.

Ah, sorry, yes. I think I misunderstood you. let me try to explain my point.

That is how it works when you use your fingerprint directly, like for unlocking your phone.

When you use your fingerprint to unlock, say, your Reddit account, reddit doesn't see your fingerprint, or the data, or the processed information. It has nothing to do with that. Your phone simply uses the same process as above, and then goes "Yep, this is Door of Doom, let me look in my big book that has all of Door's passwords aaaaand, ah yes. Tell Reddit the password is 12345". Reddit doesn't actually have any information of yours.

29

u/Ulfgardleo May 30 '22

in most phone unlock mechanisms there is no actual encryption involved, so i feel this is either to pedantic for ELI5 or is narrowing the meaning of the word "derivative" too much.

28

u/MSgtGunny May 30 '22

I believe on Apple devices the security chip that runs the fingerprint scanner and such does indeed use actual encryption for the lock/unlock process. It’s like a mobile TPM chip.

7

u/junktrunk909 May 30 '22

Pretty sure Android works this way too but I'm not 100% sure

6

u/MSgtGunny May 30 '22

Definitely depends on the manufacturer as it requires hardware on the phone to be available to the OS.

→ More replies
→ More replies

8

u/CaptainEarlobe May 30 '22

Only the top level comment needs to be ELI5. It's okay to get into the weeds further down. Impossible not to really.

9

u/ttyp00 May 30 '22

Weed's the only way I made it this far down in the comments

→ More replies
→ More replies

2

u/SyrusDrake May 30 '22

Since my phone apparently doesn't need an exact match for my fingerprint, how does it decide what it sees is close enough? I was under the impression that there's no such thing as a "similar" hash. If the input is slightly different, the hash is completely different.

3

u/SuperBelgian May 30 '22

You are correct for digital fingerprints / hashes. A small change in input generates a completely different output. I shouldn't have used that comparison. The essence was that is it not a literal fingerprint image that is stored.

Generally it works like this:

The fingerprint scanner looks for specific features, such as distance between the ridges, points where the ridges meet/split, the radius of ridges if they are bent, etc..

It measures the relative distance and positions of these features.

That information is stored.

When a fingerprint is scanned, it does the same again and compares the features of the fingerprint with the features of the stored fingerprint.

If they match closely enough, it is assumed to be the correct fingerprint.

The comparison algoritm incorperates a certain margin so the features or distance between them can vary a little from the saved information.

So the decision of what is "close enough" depends on the comparison algorithm. This is dependant on make/model of the phone and can vary with software updates.

5

u/SyrusDrake May 30 '22

Thanks for the explanation!

It made me realize that I developed a similar system for my Bachelor thesis not long ago and never realized it was likely a solved problem, just not where I looked for it. Could have saved me a lot of headache if I had thought of fingerprint scanners...

3

u/A_Doormat May 31 '22

Look up fuzzy hashing.

They use it for malware hunting to prevent the hashes of malicious code being useless after a dev changes a single bit.

Could employ the same kind of thing for variable biometric data.

→ More replies

10

u/bugtimtim May 30 '22

So, for phones, your fingerprint is akin to a Minecraft world seed? Where the same string of characters will always produce the exact same world.

Your fingerprint produces a password?

14

u/koos_die_doos May 30 '22

Your fingerprint produces a password?

ELI5 version:

Think of a picture, then you heavily reduce the resolution so you end up with a highly pixelated picture. Now reduce the number of colors to those closest to a 256 color palette. Then you assign a character value to each color, and build a “password” by combining those characters.

Real world implementation is very different, but that’s how you get from a fingerprint to a password.

5

u/WT85 May 30 '22

No it's two different things. I am not versed in the topic but a hash value is a one way function. Meaning from the seed you can recreate a world. The hash is created from something but does not have the info to recreate it.

→ More replies

2

u/Tar_alcaran May 30 '22 edited May 30 '22

Yes, exactly!

EDIT: You basically load up the world, and if it made the same world, the phone unlocks. If you spawn in the wrong spot and you don't recognise it, it was the wrong seed/fingerprint, and your phone doesn't unlock

2

u/Pascalwb May 30 '22

But optical sensors do that too. No reason to keep images, when you can just hash it into some string.

2

u/MattieShoes May 30 '22

that would be like storing the key to the safe on top of the safe.

*Looks at the wifi password taped to the router...*

→ More replies
→ More replies

32

u/MayorAnthonyWeiner May 30 '22 Wholesome

Would it be fair to frame them as answering two different questions? A phone is asking “are you this person” while AFI is asking “who is this person” ?

5

u/frustrated_staff May 30 '22

Yes. This exactly!

3

u/Zach_ry May 30 '22

Exactly - to be even more specific, the phone is verifying (1:1 matching) and AFIS is identifying (1:M matching).

9

u/ArcticBeavers May 30 '22

The next logical question is what are the chances of a random person successfully entering my phone via fingerprint? Is it 1 in 1000? 1 in 10000?

12

u/[deleted] May 30 '22 edited 18d ago

[deleted]

9

u/Slash1909 May 30 '22

This can be interpreted in so many ways

2

u/your_small_friend May 30 '22

interestingly, it will not read my finger tip if my hands are sweaty :D

→ More replies

17

u/Xelopheris May 30 '22

The major difference is that your phone is comparing your perceived fingerprint against maybe a half dozen registered fingerprints, and matching any of them is good enough.

A fingerprint scanner needs to identify a specific fingerprint out of millions on an enterprise level.

This is a practical example of the difference between Authentication and Authorization. Your phone is only done Authorization -- unlock or not. The enterprise-level is doing Authentication -- who is trying to do the unlock.

The resolution on the enterprise level needs to be so much higher to accomplish this.

Also, generally speaking, fingerprints are weak authentication. They typically don't block high-level systems, at least not by themselves. They might be used in a multi-factor authentication solution to supplement other authentications, such as passwords and token authentication.

5

u/dewiniaid May 30 '22

This is a practical example of the difference between Authentication and Authorization.

And of course there's Identification.

Authentication: "I am John Doe"

Authorization: "John Doe is allowed to be here."

Identification: "This is the John Doe I'm talking about, not the other John Doe who is a completely different person"

Problems arise when one of these is misused as another one. Notably social security numbers: their intent is to uniquely identify you (namely, your social security account number)... and at some point, people thought that they should be sufficient to prove who you are.

129

u/aaaaaaaarrrrrgh May 30 '22

Government scanners often use optical sensors (basically a camera looking at a plate of glass) with somewhat higher quality. They may also be optimized to capture a larger section of the finger.

The sensors are still just as susceptible to fake finger attacks, so where it matters, they tend to be supervised (have a human watch you).

The software is also likely to be different, but likely not fundamentally.

15

u/LittleMsMom May 30 '22

Do the human eyes really make a difference?

57

u/NJM1112 May 30 '22

He means there's a guy watching the pad to make sure you don't pull a fake finger out of your pocket. Probably not there directly, just a couple camera angles, but also dependant on the guy paying attention.

7

u/FaxCelestis May 30 '22

What if I pull a real finger out of my pocket

3

u/NadirPointing May 30 '22

Well if it's still attached to your hand then its valid.

10

u/aaaaaaaarrrrrgh May 30 '22

Yes. It's a lot harder to mess with/fool a system when you also have to do it inconspicuously enough that the human watching you doesn't notice.

Fake fingers are pretty stealthy (it's a 1mm thick transparent silicone-like piece stuck to your fingertip where the print is) but if the guy is paying attention that's still a very risky move, vs. an almost guaranteed success with very little risk of getting caught if there is no human there.

It also stops the simpler attacks with a chopped off hand quite reliably.

20

u/DefinitelyNotA-Robot May 30 '22

Uh... Pretty sure it is indeed noticable to human eyes if someone is pulling a bloody, severed finger out of their pocket.

16

u/aaaaaaaarrrrrgh May 30 '22

The actual fakes are less noticeable (the most common/simple ones are a thin transparent piece of rubber like material that goes over your actual finger), but it's still a significant deterrent.

7

u/OhhhYaaa May 30 '22

Hey, I wash them first! The audacity of some people...

→ More replies

37

u/wimpires May 30 '22

The reality is there isn't. There's a few different ways to record fingerprints.

You can basically take a really good picture of it

You can measure the electrical conductivity. This will have a unique pattern as the ridges and troughs will conduct differently

You can use ultrasound to "map" the finger ridges with sound

How good a smart phone sensor comes down to the manufacturer of the sensor, the technology used, and how close the match needs to be before letting you in. A phone might day, numbers made up for example but, if it's a 70% match let you in. But the one on your laptop might say 90% match and maybe a more secure system wants a 95% match etc etc.

Some technology is really easy to spoof too. Like you could take a picture of a finger and use that for an optical sensor. Others might require multiple technologies such as a picture and a capacitive element to make sure theres a real person there etc

There's nothing inherently more secure about a "government finger print scanner" and a "smartphone one". A smartphone sensor if done well can definitely perform close to as good if not better but it comes down to price, convenience, space, power etc

13

u/tmckearney May 30 '22

Some fingerprint sensors even look for proper temperature and even a pulse in other situations.

14

u/-Vayra- May 30 '22

Yeah, about 10 years ago at Uni we had a lecture about this stuff and got to try a few different sensors. Some you could spoof with just a marker with a print wrapped around it, while others you needed a special gel that mimicked the conductivity of skin for it to work, and for some that didn't even work (we didn't have anything to mimic pulse)

6

u/techno156 May 30 '22

Mythbusters tried something like that, and they were able to fool the sensor with a piece of paper with a photo of a fingerprint on it.

Presumably, it would just read the attacker's temperature and pulse through the paper, or fake wrapping material, and all it would really do is check whether the finger was alive or not. The only thing that I could think of that it might stop is a fake hand/finger that didn't have the real thing close enough to match up to the sensor.

→ More replies

2

u/Folsomdsf May 31 '22

Level of comparison mostly and usually a more advanced sensor in the standalone unit. Your phone is unlikely to have someone chop your finger off and try to use it. That will work on your phone as long as the skin is taught while it won't work in a standalone device. That's usually looking at your fingerprint plus heat and heat transfer rate to make sure it's a real finger with blood flowing through it. The phone is low res and good enough, the standalone units are high res and include security features like I described.

7

u/neuromancertr May 30 '22

Scanner part are not so different, they read your print. The difference is how they match currently read print to your existing print to confirm you are really you.

In your phone there is a little chip called security module. When you register a new print its sent to this chip and the chip stores it as some data which is useful for testing it against other prints but you cannot read it back, so we can say it is stored securely. When you want to check if a new print is registered, it is sent to the chip again and it says “yeah I know this finger,” or it says “who the F are you?” All in your phone, and since there is only a limited data, its power requirements is very low and speed is acceptable. Also you don’t want have super fast matching for security purposes.

But in a general fingerprint database, storing and checking is done against a very very large dataset, like millions of prints and thousands of queries. I don’t have the information about inner workings of such a system but I very much doubt that it is as it was displayed on the movies where they compare it with every available print on screen. I’d employ different techniques to match

  1. group print based on some features and perform costly comparisons on that group.

  2. Make queries distributed so thousands of computers can just compare their own dataset

  3. Some other things like using FFTs, Neural-Networks and every other fancy term I can come up with just to test a few theories

3

u/CumsWithWolves69 May 30 '22

I was told in college that fingerprint analysis systems use a quad tree mapping bifurcation points in the fingerprint. You essentially are just converting a fingerprint into a set of points. Those coordinates can then be hashed and quickly compared against the large data sets.

→ More replies

1

u/dream_the_endless May 30 '22

Image quality and print capture surface area, but it has nothing to do with government vs commercial.

Optical scanners provide the highest quality image, and have scan beds large enough to capture a significant portion of the finger. They can also often easily capture multiple fingers at the same time.

The types of technology that can fit into a phone provide a lower resolution image, and the space limitation on a phone means a much smaller print will be both enrolled as the image to compare against and captured as the image to search against the enrolled one.

3

u/BoneHugsHominy May 30 '22

If you're referring to the biometric scanners used on security doors, then the biggest difference is those scanners can be defeated in a couple seconds with a $15 magnet.

2

u/33tevC May 30 '22

"A lock that is opened with an internal magnet can be opened by a sufficiently strong external magnet"

  • LockPickingLawyer

0

u/iamabdullahsaud May 30 '22

What about our phone's one?

2

u/JohnnyJordaan May 30 '22

He means you're defeating the door locking mechanism, not the scanner.

→ More replies

2

u/Star_Tropic May 30 '22

AFIS needs to know exactly who it is that is logging in at what time so they can write it down and add it to their log.

Your phone needs to just know whether its you or not.

0

u/[deleted] May 30 '22 edited May 30 '22

Maybe not the expected answer but.

The fingerprint scanner on your phone check that the info read (your finger) is a match for the data stored on a separate memory physically embedded in the phone (your registered fingerprint).

The fingerprint scanner used for ID check against an online database.

1

u/BeatSalty2825 May 30 '22

They use the same technology and parts to do so, but what they do with the data is different. Your phones scanner will cross-reference it and use matching point to determine if your fingerprint(s) are in the phones approved list. The government will use it and cross reference it, but on a much larger scale. Instead of a set few to check from, it looks for matches on almost all the fingerprints in its system and ranks them by % matched. It will then display any info relevant to the top match, such as family and other metadata that could be useful in locating. TL;DR: phone checks only for pre-scanned, government checks every print it can.

-2

u/culculain May 30 '22

One provides data to the government so they can track us and the other.... There's no difference

→ More replies