Design Article
Cell Phone Security at Our Fingertips
Art Stewart
12/2/2004 12:00 AM EST
Fingerprint identification once was exclusively the domain of law enforcement and government agencies. Fingerprints could be used to identify criminals by matching their prints against a large national database. Governmental organizations with highly confidential premises and hefty budgets were attracted to biometric security options and could afford to implement them. Large, unwieldy and prohibitively expensive, the fingerprint sensor was not a feasible security option for typical consumer electronic devices sold at retail outlets. Since the turn of the millennium, however, the technology has made significant advances and is well on its way to becoming as widespread as wireless networks, MP3s and handhelds—none of which were widely recognized as recently as a decade ago.
Today, numerous models of desktop, notebook and Tablet PCs as well as peripheral products in the U.S. market are available with biometric security options at major retailers such as Circuit City and Best Buy. They come from top manufacturers such as Fujitsu Computer, Samsung, Motion Computing, Memory Experts and APC. In the gadget-friendly Asian market, biometrically enabled devices are even more popular. Cell phones on the NTT DoCoMo network in Japan and manufacturers like LG are equipping their phones with fingerprint sensors for security and convenient navigation.
In past decades, fingerprint sensors had to be large enough to capture the entire print surface in order to be effective in identifying the print's owner. That is no longer the case. Sensor size has dropped from that of a silver dollar to less than that of a pencil point. Improved technology that can accurately identify a user with a partial fingerprint rendered the large sensors of the past unnecessary. Furthermore, the latest slide sensors are even smaller and more cost-effective. These new high resolution slide sensors provide a high degree of detail and capture a relatively large area of the finger by scanning as the user slides a finger across the sensor surface.
An example is AuthenTec's EntréPad family of slide sensors which use mixed signal analog technology for a sensor array configured in a matrix of individual receive channels. The sensor is organized in a 192 x 16 element array with separate individual receive channels that can be quickly scanned. During image collection, the 192 wide columns are powered up and the signals from each of the 16 pixels are sampled, digitized and returned to the host processor over the selected interface sequentially. This technique allows for a smaller sized sensor.
Figure 1: AuthenTec's EntréPad AES2510 sensor is optimized for wireless applications using either Synchronous Serial or 8-bit parallel Interfaces. The AES2510 allows for convenient operation with either a Crystal, a low cost resonator, or with externally supplied clock input. (Source: AuthenTec) |
Small silicon die size drives sensor costs down, but equally important to the product designer is the total cost of designing this feature into their solution. Slide sensors can provide multiple data interface options, including USB, Synchronous Serial and 8-bit parallel. These types of integrated product features, as well as multiple clock alternatives, allow the designer to integrate with a minimum of extra components needed on the printed circuit board.
Highly robust security architecture protects interfaces associated with each hardware and software component. Template encryption, code signing, and run time authentication are some of the many built-in security techniques that all combine to make this architecture highly resistant to spoofing. AuthenTec provides drivers that are composed of library components such as the matcher and control code as well as platform specific code. The drivers are already ported to most of the popular operating systems shipping in volume commercial products today, including Windows, WinCE, Symbian, Linux and Qualcomm REX / BREW, as well as lower level operating systems, such as uITRON and Nucleus.
Take the modern cell phone for example. The cell phone is evolving into a "smarter" phone with advanced wireless capabilities and has brought the importance of securing these devices to the top of the manufacturer's priority list. Contact lists, personal data files and imagery from high resolution cameras all need what is called Client Side Protection. Connection to high speed data services adds more personal information to the phone, and now with access to company networks, advancements on the security front is critical. The need for too many passwords and challenging user interfaces has opened the door to "simply swipe your finger" security, a convenient alternative which is growing in popularity among users.
Another application for these sensors comes from the world of finance. M-payment, or mobile banking, is now emerging in Japan and Korea. NTT DoCoMo subscribers are currently able to make purchases with their cell phones and slide sensors protect access to this feature. In Korea, the AuthenTec EntréPad slide sensor is protecting access to users' online accounts for mobile banking. Monetary transactions are executed by the phone and the phone migrates to an e-wallet capability, increasing the importance of convenience-based security.
The master-mode SPI interface and navigation-packet timing technology introduced by such sensors eliminates a majority of host-processor intervention for image capture and navigation, and at less cost than competitive products, because it requires no companion-chip. The sensor requires only a half-second for authentication, whereas older technology interrupts other time critical processes as it communicates with the host.
Japan's NTT DoCoMo network may provide the most convincing substantiation of the increasing popularity of biometrically enabled wireless devices. In total, Japan has 78 million cell phone subscribers and AuthenTec's biometrically-enabled cell phones have a 4% market share—impressive for a new, emerging technology. This market share is so impressive that Korean provider LG Telecom took notice and introduced its first biometrically enabled phone to that market in September.
Furthermore, the demand by cell phone users for increased services and features will continue to influence manufacturers to seek out new additions that can increase the value of the phones—without resulting in a hefty increase in manufacturing costs.
The migration of cell phone based biometrics is following the roll out of advanced carrier services. NTT DoCoMo's roll out of their 3G network capability years ago and strategic vision of the phone migrating to an e-Wallet capability made it the natural choice to incorporate convenience based security. In Korea, where data services are extremely popular, fingerprint based security has also become a mainstream feature. High speed data services and advanced features result in a higher value attached to convenience based security, and OEMs are viewing the fingerprint sensor feature as a means of differentiating their phones on the marketplace. In China, both the popularity of Smart Phones and the roll out of their 3G infrastructure, make it the logical next beachhead for cell phone based biometrics in 2005. Although we are already seeing PC based biometrics surface in Europe and the U.S. today, wireless platforms will likely follow the roll out of advanced carrier applications as they make their way around the globe in the latter half of 2005.
|
|
|
|
|
