Tweet
All --
I've been evaluating several physical security solutions involving biometric security methods. In doing this, I've been looking at using geometric hand scanning and a PIN code to help secure physical access to a location.
for those that haven't heard of this technology, it uses a camera and mirrors to take a snapsnot of the hand that can analyze up to 31,000 points and 90 individual measurements. It then creates a "template" that is used in conjunction with a PIN to validate a hand. The verification process takes less than a second.
I've worked with several other biometric solutions (fingerprints, retina scanning) in the past, but was disappointed at how easy they were to defeat and how much work went into setting up and managing the system.
This solution seems quite different from others I've seen.
It takes almost no time to complete an enrollment. Other systems I've used can take up to five minutes to get someone set up correctly. Storage on many biometrics systems have been an issue. This system actually compresses its scanned record to just 9 bytes. It also flexes the scan template to deal with issues one might have with their hand like swelling, jewelry, and soft tissue injuries.
Has anyone ever implemented a system like this in an environment they've maintained? This particular system is made by Ingersol-Rand and is marketed under the "Handkey" brand.
We're currently taking the unit through its paces and I'm thinking of any way I can to spoof the system. Has anyone developed a solid process for evaluating this type of security? Any ideas on protocols for beating this type of security?
We threw a lot of crazy ideas out like creating latex, wax, and even Play Dough casts to try and replecate a hand's weight, size, and dimensions.
Any suggestions or input is appreciated!
I've been evaluating several physical security solutions involving biometric security methods. In doing this, I've been looking at using geometric hand scanning and a PIN code to help secure physical access to a location.
for those that haven't heard of this technology, it uses a camera and mirrors to take a snapsnot of the hand that can analyze up to 31,000 points and 90 individual measurements. It then creates a "template" that is used in conjunction with a PIN to validate a hand. The verification process takes less than a second.
I've worked with several other biometric solutions (fingerprints, retina scanning) in the past, but was disappointed at how easy they were to defeat and how much work went into setting up and managing the system.
This solution seems quite different from others I've seen.
It takes almost no time to complete an enrollment. Other systems I've used can take up to five minutes to get someone set up correctly. Storage on many biometrics systems have been an issue. This system actually compresses its scanned record to just 9 bytes. It also flexes the scan template to deal with issues one might have with their hand like swelling, jewelry, and soft tissue injuries.
Has anyone ever implemented a system like this in an environment they've maintained? This particular system is made by Ingersol-Rand and is marketed under the "Handkey" brand.
We're currently taking the unit through its paces and I'm thinking of any way I can to spoof the system. Has anyone developed a solid process for evaluating this type of security? Any ideas on protocols for beating this type of security?
We threw a lot of crazy ideas out like creating latex, wax, and even Play Dough casts to try and replecate a hand's weight, size, and dimensions.
Any suggestions or input is appreciated!
![[Syntax]](./core/customavatars/thumbs/avatar2542_1.gif "[Syntax]"){kind=avatar}
Comment