There seems to be this perception that fingerprints either match or don’t match. That’s because their use started before the widespread development of 20th-century statistical techniques. In reality, they can only match more or less on a sliding scale of probabilities, just like DNA.
I like Bruce Schneier’s summary: there are 3 kinds of authentication factors you can use.
* Something you know (e.g. a password) * Something you have (a physical key, or a device like a YubiKey, or even your mobile phone) * Something you are (biometrics, including fingerprints, iris prints etc)
Two-factor authentication is based on using two different kinds of factors together.
Simply using biometrics is not very safe. Even pop culture shows that, as there are plenty of movies where body parts were "borrowed" to get into secure facilities... Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/