While discussing testing biometrics (fingerprint scanners) for single factor authentication, one of the sales reps indicated his device encrypted the fingerprint (scan) prior to sending to the computer via a usb connection. I was wondering if this sounds true as the scanner would need additional hardware "buit in" to accomplish this. The second question is can a usb keystroke logger be used to capture the scan and play it back (man in the middle analogy)? I have researched the questions but not found any solid answers....
July 22, 2005 12:29 PM
July 22, 2005 3:46 PM