Undergraduate’s Research Transforms Fingerprinting Technology
Lauren Henderson ’19 CpE
Who: Lauren Henderson ’19 CpE
STEM Inspiration: According to a 2018 survey published by the Geena Davis Institute on Gender in Media, Gillian Anderson—Dr. Dana Scully on “The X-Files”—inspired real-life girls and women to pursue careers in STEM. Henderson can relate. Her inspiration to pursue a degree in computer engineering was Abby Sciuto, a forensic scientist on the CBS program “NCIS.” “I was particularly interested in her digital forensics expertise,” says Lauren.
Invention: A two-factor fingerprinting device
- A freshman year cybersecurity project prompted Henderson's interest in fingerprinting. “We learned about the threats related to this widely accepted method of security and identification,” she explains.
- Her background research found that in 2015, for example, in a security breach of the Office of Personnel Management, cybercriminals stole 5.6 million individuals’ sensitive fingerprinting information.
- “Because we are not able to change our fingerprints, it is extremely difficult to reestablish confidence in a true identity after having information stolen,” Lauren says.
- Fingerprints can be reconstructed using readily available 2-D or even 3-D printers.
- Also, because fingerprints are physical and not mental like a password or pin, in extreme cases, victims can be purposely incapacitated or even killed in order to subject their fingerprints to usage or removal.
- Current fingerprinting devices do little to bar security breaches because they are single-factor, meaning that the fingerprint is the only thing required as proof of identity.
The proposed solution: Combine high precision fingerprinting devices with a second form of security, significantly reducing the likelihood of a breach. “Two-factor authorization significantly reduces the likelihood of cyberattacks because obtaining a single factor like a fingerprint would be insufficient to break into a system; you would need both security factors,” Lauren explains.
The challenge: Identifying a single second verification method that would meet a set of criteria:
- Cannot be extracted through manipulation or coercion
- Provides precision equivalent to fingerprinting sensors
- Thwarts potential security breaches using fabricated fingerprints
- Detects when someone is incapacitated
Solved: After researching and discarding the possibility of integrating a keyboard, a humidity sensor or a temperature sensor, Lauren’s conclusive solution was found in an LED pulse oximeter for detecting heart rate and oxygen saturation in the blood.
- Fake or removed fingerprints would be rejected because they have neither blood flow nor pulse.
- Additionally, research has shown a correlation between stress, adrenaline and blood oxygen levels. If heart rate and saturation levels are too low, it may suggest that someone is unconscious, whereas high heart rate and saturation levels may signal a person under duress.
- Blood oxygen levels cannot be fabricated or extracted so integrating an LED pulse oximeter would resolve most security obstacles threatening the success of fingerprinting as an authentication technology.
Next steps: Having addressed issues of software compatibility between the two factors, Lauren sees opportunities to extend her work into existing devices. Many smartphones, for example, already are equipped with fingerprinting sensors and LED pulse oximeters; her algorithms could be integrated to improve their security. “This project is just the start to a whole field of research, one that is increasingly being called upon as technologies grow and breaches in security and cyberattacks become more frequent.”
Today, Lauren is a program manager with Microsoft.