On Monday 14 May 2012 22:33:01 justin joseph wrote: > HI > > Are there any laws in India regarding private entities (example: > clubs, companies..) collecting fingerprint data for access control/ > identification. Any research material available on the security > issues raised by this practise in India.
None for private companies. > > I am observing small companies employing mostly semi skilled work > force and some clubs using fingerprint based scanners. Soon the > Chinese manufactures will have all our fingerprints. Does not matter. As long as you dont apply for UID / pancard / whatever at the same time as you registered with the access control system. Fingerprints change within 3 months for many. And within a year for almost everybody. So ironically, the real person wont be able to auth after a few months, but a spoofed finger (using gummy fingers) or template injection will work forever. The fakes work better than the original. > > thank you > justin > _______________________________________________ > network mailing list > [email protected] > http://lists.fosscom.in/listinfo.cgi/network-fosscom.in -- Rgds JTD _______________________________________________ network mailing list [email protected] http://lists.fosscom.in/listinfo.cgi/network-fosscom.in
