Fingerprint System-issues re legality&privacy

rolion

Hi,

Looking for some advice from you...working as a third party on a project related to a system that does attendance in a school,via fingerprint technology.

While i'm happy with the technical requirements,what i shall consider regarding database information of all the users enrolled on the system ?
Things like:who holds the database,who has access, what encryption system, what /where storage location, logging and accountability and so on...

Any one in the same field ??

Thanks in advance...

Sparks

Moved to Security from S&S...

FSL

I personally would strongly oppose such a system. There is far too much invasion of privacy already.

Most so called democratic governments hold more personal information on its citizens lives than the Stasi could have dreamed of,

rolion

thanks to all ...
but let's say that the information is held in to a database,on a server,in a encrypted format.not sure about it,i have to ask the solution supplier for more information.

can this database be hacked and info stolen ?

how can i "manage" who and how have access to information ? i mean,from a third party poit of view,i have to trust the supplier of the solution...

what if the info stored has no link to physical student ?

can these info be presented to other parties involved in the running of the school ie Garda or parents or ...dunno who else ?

tia

Sparks

Is this storing a database of fingerprint images (dodgy, bad idea) or is the sensor breaking the fingerprint down to some collection of detected-in-the-image artifacts represented in a way that can be one-way encrypted and checked the same way as any other password? (not so dodgy, but still insecure since pretty much every fingerprint scanner out there can be beaten with little more than gummi bears).

rolion

the main issue that i can see it here...

The scanners are located around the building processing the students finger,convert it to some student = IDs = data.
Then,this info is passed in to another module that is part of the main software application for student management,results,tests and so on...

So the privacy issue is coming from collecting data,storing data or passing over to another application for further processing ?

Quite complex and peculiar...thinking what if my kids at school have to go through a simillar system,will i'm going to be happy !??
So,from all angles...student,teacher,parents,supplier,third party ... i need to look in to all these angles to see what + /- i can see it.

the_syco

rolion wrote: »

can this database be hacked and info stolen ?

Is the database turned off, and locked in a sealed concrete bunker? Maybe.

If the server will be in a school, the security may be lax in the evenings. 3rd party may be good, as it'd mean that the info would be in a secure server off-site, but would mean that it'd be connected to the internet somehow.

If it was in the school, I'd say you could have it completely offline, with all dumb pads connected to a server in a safe. Runs the risk of if the safe goes missing, you loose all, but meh.

I'd wonder how much 300 fingerprints linked to names would be worth to an ID thief?

Mr. Presentable

OP, I presume you are concerned that the actual fingerprint is recorded and stored. This would not be normal.

Normally you store encrypted numerical values derived from fingerprints and not the actual image (each time a fingerprint is scanned a numerical value is created and compared to the original).

The scanner makes a number of measurements across the finger - width of whorl, distance between loops etc, and generates a number based on this information. This is what is stored. You couldn't reverse engineer a fingerprint from it because there is insufficient data - which is why it is possible, though very rarely so, to fool the scanner with a fake print.

Sparks

the_syco wrote: »

I'd wonder how much 300 fingerprints linked to names would be worth to an ID thief?

Approximately nothing if the fingerprint scanner isn't dumb, but translates the images to a series of artifacts which are then run through one-way encryption in order to get the token that gets sent out of the fingerprint scanner for comparison to a set of tokens in a database store somewhere. Which is how most scanners work.

Sparks

Mr. Presentable wrote: »

it is possible, though very rarely so, to fool the scanner with a fake print.

I'd say that "rarely" wouldn't really apply here - defeating fingerprint scanners with ridiculously simple techniques and equipment is now a well-documented task. It might not be done very often, but it is quite easy to do.

rolion

ok,that is the email sent over to supplier:

Q1.Please advise if system needs a dedicated hardware platform, due to software and security requirements;

Q2.Confirm the fingerprint readers will be installed across the school and it needs a Ethernet connection and static IP addresses associated to their mac address with no internet access required;

Q3.the database is stored in a SQL database. Please elaborate the “security template” as I wasn’t able to understand it properly…

Q4.the scanned information is stored on the fingerprint reader and can be backed –up after enrolment as a backup strategy, once every few weeks. The resulting flat file needs to be encrypted and stored in a secure media/location;

Q5.please confirm that your company is aware of all the Data Protection standards and the proposed solution incorporate all these requirements in to a default or customized installed solution (customized after or during installation);

Q6.please confirm who has access to information resulted at enrolment and after every scan/read, with the exception of the AD user that needs full access to SQL database and is properly secured in AD directory;

Q7.please confirm if and how a third party can get access to data and if can be “reverse-engineered” to create a link between the “binary data” and the physical individual;

Q8.Please confirm that LTD have fully accepted the solution and being aware of it, supporting without any reserves the current system;

Q9.Please confirm maintenance charges and how you plan to support the system;

Q10.Please confirm what kind of local ‘internal’ support and training will be given to staff, teachers and/or students;

Q11.Please let me have a previous school/site/reference that I can approach if I need further information from the end-user perspective/experience;

Q12.If our school is going to be used as a “pilot scheme”, used as a reference for further potential customers, can we discuss about a discount on final price for the solution;

Q13.On the quotation, please detail me:
-clockwise-school student time & attendance @ €xxxx.What exactly …hardware or software that covers ?

-standard configuration is ok, what other charges will be attracted if additional customisation will be requested or for unplanned issues.

-how many days of training are proposed by you?

-what exactly LTD annual fee covers and who pays it ?

-please confirm who has to install the Ethernet cables across the school and what type of network connection the reader requires.

-please confirm hardware warranty for the readers ,the manufacturer lifetime expectancy of the unit MTBF (per hours or per readings/scans) and any additional charges for extended warranty or for replacement once out of warranty. Also, replacement time and availability of the units in case of hardware failure.

-regarding the maintenance, please confirm response time, method of approaching the reported issue by end user/teacher and “minimum rates” figures.

Mr. G

Might be better to use ID/Scan cards which might work out better data protection wise.