Mikko Kiviharju’s Black Hat session

Mikko gave his Black Hat Europe presentation about the security issues with Microsoft/DigitalPersona’s fingerprint readers recently, which seems to have been a success.

It has gained media attention, with a few reports floating around in addition to the one I linked to recently. itnews.com.au has one of the better ones, including comments from Digital Persona. At least Mikko found one way to get through to them :)

Mikko’s slides are online here and it looks like audio will be published soon on this page. Mikko explains the lack of encryption and references the dpfp project in a few places for some of the discoveries. He also explains some of the device optics and demonstrates how the lack of encryption can be exploited to allow finger replay attacks.

Leave a Reply

You must be logged in to post a comment.