Can Time Clock Fingerprint data be used for criminal purposes?

AlphaBiz Solutions
11 July, 2017

We get a lot of questions from businesses regarding how the FingerTec bio-metrics technology works and today I have picked out one specific question that I will address. It’s great to get these types of questions to do a write-up about, so keep them coming. In this blog post I will be covering the FingerTec’s bio-metric security specifically how the biometric data is captured and the security it gives your employees.

Let me start with a small history lesson, biometric security has been around a long time, it’s not a new concept to use your face, fingerprint or iris as a means of authentication. The word biometrics comes from the Greek language. The first part ‘bio’ is ‘life’ and ‘metrics’ is ‘to measure’. On the other hand, we use the same skill in everyday life. Humans have an already built-in facial recognition system, that’s how we recognize each other, otherwise, it would be the first date every time. The last 20 years, however, technology has really jumped forward in both lower cost and better performance, but in fact, it was 1936 when the first semi-automated facial recognition system was created.

Enough history, for now, let’s skip to today, our question is “Can the fingerprint data be used for other criminal purposes like identity theft?”

I get this question often particularly when demonstrating the unit, and still, there is a lot of skepticisms, and the quick answer to breaking the anticipation is no, it cannot be used for criminal purposes. Let me explain this further, first of all, the connection between the terminal and your PC is secured with proprietary software, no one but FingerTec has the source code to decipher what’s inside the software and device, and even then it’s not usable outside the FingerTec system.  Obviously, you can export general data like time & attendance transactions but not the biometric data.

So how is this possible let’s take the fingerprint feature for example, while it shows you a scanned visual representation of your fingerprint it does not store a picture, nor does it use the picture to authenticate. It uses a patented algorithm called Fingerprint Bridge VX10.0, And it works by having the CPU calculate the scan, as your place your finger on the scanner, through an encrypted algorithm which translates the ‘live scan’ to a VX10.0 string of data (the data is just ones and zeros eg. 0101101110110101), there is no image. It then validates against the stored VX10.0 string and if it matches it clocks you in, all this in less than a second and completely encrypted.

The device never shows what data it has stored, it only lets you know that it has you in the database, so my suggestion is to refrain from watching too much CSI and Mission Impossible and understand this technology only improves the efficiency in your business by eliminating buddy-punching, reduce tardiness and streamline the timesheet entry to payroll and/or jobs. FingerTec’s fingerprint system has been encrypted and engineered to not just protect the data it holds but make it completely useless to those pesky criminals. Making it suitable for a hassle-free time attendance or a means to allow access to a building or secure rooms.