A new fingerprint scanning biometric authentication system that developers say could eradicate cybercrime has been unveiled.
Following eight years of development, Dutch firm Primary-Net revealed its Biocryptology technology at an event at the Science Museum in London today, which chairman Klaas Zwart claims could allow people to “travel the world with empty pockets” by replacing passports, credit cards and cash.
The firm claims that as the system encrypts and decrypts users’ biometric information on hardware devices only there is no threat from malware and anti-tamper mechanisms protect the system from reverse engineering.
Finger-print scanners on the devices used to capture biometric data also feature several life-detection systems, such as infrared to detect oxygen in the blood, to ensure a severed or artificial copy of a finger is not used.
Zwaart likened the system, which is covered by 10 separate patents, to the technological equivalent of a total cure for cancer claiming that the firm’s product made it impossible to forge someone’s identity.
“We believe this is the most revolutionary security measure since the invention of the internet,” he said. “This system will put a total stop to identity fraud and identity theft thereby vastly decreasing cybercrime.”
The technology is already undergoing a trial in Rapid City, USA, in the Nexus SmartPay biometric payment system, which allows registered users to identify themselves and authorise transactions by inserting their finger into a scanner on a payment terminal unit.
The firm also unveiled the Primary Pass, a mouse-sized device that connects to a computer via USB that can be used to encrypt data or carry out encrypted transactions or file transfers over the Internet. Each device is unique to an individual user, so unlike Nexus it cannot be used by multiple users.
And according to head of R&D Nicolas Antequera the encryption system used to transport information is virtually uncrackable.
“Technically speaking I don’t like to speak about 100 per cent of security,” he said. “But in this case our security is close to 100 per cent.”
Biometric information is transformed into a set of numbers by an algorithm, with each byte of information converted using a different key from a total of more than 8,000 keys stored in a chip on the device.
The encrypted code is then transmitted to one of the firm’s three data centres, located in north and south Europe and South America, which verifies that the person operating the biometric reader device is the same person that has enrolled previously with the same credentials.
According to Antequera, even if someone manages to break into the encrypted data centre, while they will be able to access a list of keys used by each device, they will be unable to determine the sequence in which they were used making it impossible to decode the biometric data.
And even if a hacker did manage to get hold of information held for identification, the firm only holds clients’ name, date of birth, nationality and sex, which Zwart claims would be of little use to anyone attempting to carry out a cyber crime.
While the Nexus payment system is already under trial, the Primary Pass has yet to be tested in a commercial situation.
Zwart stressed that the technology is only an authentication platform so needs to be run in conjunction with a third party, but he believes the system has countless applications including payment systems, benefits distribution, network access, airport security, public transport and law enforcement.