this post was submitted on 22 Mar 2024
66 points (98.5% liked)

Europe

8324 readers
1 users here now

News/Interesting Stories/Beautiful Pictures from Europe 🇪🇺

(Current banner: Thunder mountain, Germany, 🇩🇪 ) Feel free to post submissions for banner pictures

Rules

(This list is obviously incomplete, but it will get expanded when necessary)

  1. Be nice to each other (e.g. No direct insults against each other);
  2. No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
  3. No posts linking to mis-information funded by foreign states or billionaires.

Also check out [email protected]

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 8 months ago* (last edited 8 months ago) (1 children)

A "database of fingerprints" would only contain checksums. They can be used to verify the result of a reading but not to get the whole print.

Most of the time they don't even contain that. The primary checksum is stored only on the ID, which outputs a secondary one, which is matched against a verification checksum produced independently by a reader.

The national database doesn't need any of those, it holds the person ID numbers and their civil status and stuff like that not how they are verified.

[–] [email protected] 1 points 7 months ago (1 children)

A “database of fingerprints” would only contain checksums

that's the case for fingerprint readers in phones/laptops

But does that also apply to prints collected for government ID cards?

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

But does that also apply to prints collected for government ID cards?

Most probably, for several reasons:

  1. If the government or a goverment organization wants to fake the fact you've presented your fingerprints somewhere they can just fake the results of the checkup itself. And if they're up to this level of fuckery it's probably a short distance to where they just imprison or kill you, so having your prints faked is the least of your problems.
  2. If the goverment is well-meaning they don't want to store fingerprints because they're not needed and they'd just be storing highly sensitive personal information that, if ever breached, could be used for all kinds of shenanigans. The best way to protect data is to not have it in the first place.
  3. The goal of these systems is to log and attest the checks, not the fingerprints. They document the fact that at a certain time and location the checksums for a set of biometrics did or did not match some reference checksums. They don't care what those biometrics mean, or what the result of the check being passed or failed means, or what the actual biometrics are (we're talking about fingerprints here but there's lots of biometrics that can be used).
  4. Storing actual biometrics would take a lot more space and add complexity. The checksums are much smaller and simpler.