Skip to Content Skip to footer
Welcome to the Kensington site. We've directed you here based on your current location.

Suggestions

  • No Suggestions

Site Pages

Chevron Icon

Security at your Fingertips

Fingerprint scanners come in flexible designs, are easy to enroll and deploy, and require little or no maintenance.

Kensington VeriMark™ Setup Guides

 

Verimark™ FAQs

  • 1. Biometric acronyms used:
  • 2. What is Match-on-Host?
  • 3. What is Match-in-Sensor?
  • 4. How does our biometric fingerprint reader work?
  • 5. Why is a biometric fingerprint reader useful?
  • 6. Reasons to consider biometric fingerprint authentication:
  • 7. Can I let multiple users sign in to one Windows account and register different fingerprints?
  • 8. What happens if I lose my VeriMark™ Fingerprint Key? Can anyone steal my fingerprint data from it?
  • 9. What is FIDO?
  • 10. Which browsers support the FIDO framework?
  • 11. What is the difference between FIDO and FIDO2?
  • 12. What is the difference between Windows Hello and Windows Hello for Business?
  • 13. What technology is used to secure my biometric information?
  • 14. What’s the difference between Kensington’s Biometric Solutions?
1. Biometric acronyms used: Chevron Icon
  • 2FA: Two-Factor Authentication
  • AD: Active Directory
  • BIPA: Biometric Information Privacy Act
  • CCPA: California Consumer Privacy Act
  • CTAP: Client to Authenticator Protocol
  • CTAP2: Latest generation of CTAP
  • FAR: False Acceptance Rate
  • FIDO: Fast Identity Online
  • FIDO2: Latest generation of FIDO
  • FRR: False Rejection Rate
  • GDPR: General Data Protection Regulation
  • GPO: Group Policy Objects
  • MDM: Mobile Device Management
  • MFA: Multi- Factor Authentication
  • OTP: One-Time Password
  • PIN: Personal Identification Number
  • TPM: Trusted Platform Module
  • U2F: Universal 2nd Factor Authentication
  • UAF: Universal Authentication Framework
  • W3C: World Wide Web Consortium
  • WebAuthn: Web Authentication
2. What is Match-on-Host? Chevron Icon
  1. Identifies the user by making a match with a known and secured “template” or record of the user’s fingerprint.
  2. The functions performed in software include identification of fingerprint characteristics, creation of a secure biometric asset (the fingerprint template), storage of the asset, and matching a newly created fingerprint template with the one stored on the device. The host system also provides the security required to protect the integrity and privacy of the fingerprint data.
3. What is Match-in-Sensor? Chevron Icon
  1. Isolates fingerprint operations away from the host OS in the sensor itself.
  2. Even if the host is completely compromised by a successful attack of any type or origin, it is extremely difficult to force the matcher to generate a false positive result, replay an old result, or in any other way alter or manipulate the match result. This ensures that an identity-authentication subsystem will remain secure even under a worst-case scenario.
4. How does our biometric fingerprint reader work? Chevron Icon
  1. VeriMark™ Fingerprint readers work by creating several templates using ridges and valleys on a finger. The information is then processed by the device's pattern analysis/matching software, which compares it to the list of registered fingerprints.
5. Why is a biometric fingerprint reader useful? Chevron Icon
  1. Fingerprint authentication replaces the use of passwords, SMS, and code verification. It is one of the fastest and most secure methods of authentication.
6. Reasons to consider biometric fingerprint authentication: Chevron Icon
  1. Unique to every user: A fingerprint consists of unique features such as ridges, valleys, and minutiae points that are unique to an individual. It is practically impossible to replicate a fingerprint, and it never changes with time unless there is an unusual occurrence.
  2. Loss proof: Users often mis-type or forget their PINs.
  3. Security: All biometric data is encrypted and digitally signed using strong 256-bit Advanced Encryption Standard (AES) and Transport Layer Security (TLS) technologies.
  4. Speed: PIN authentication may take longer, and it is possible to enter the wrong code, whereas fingerprint recognition is a seamless, near-instant process.
  5. Easy setup: With most services, users simply have to register their fingerprint once.
  6. User experience: Allows users to log in or authenticate in an easier, faster, and more secure way.
7. Can I let multiple users sign in to one Windows account and register different fingerprints? Chevron Icon
  1. Yes, one Windows account can register more than one fingerprint including those of multiple users — up to 10 fingerprints in all.
8. What happens if I lose my VeriMark™ Fingerprint Key? Can anyone steal my fingerprint data from it? Chevron Icon
  1. Your fingerprint data is safe. You can log in to your Windows account through your regular password or PIN as a backup until you are able to replace or find your VeriMark™ Fingerprint Key.
  2. For U2F login, you can still use your regular password with OTP phone messages to log in to your Google, Dropbox, and other accounts.
  3. VeriMark changes your fingerprint image/file into an encrypted file through a secure algorithm so that it can be stored in your laptop’s settings. Because of this, you can purchase a replacement VeriMark™ Fingerprint Key and pick up right where you left off.
9. What is FIDO? Chevron Icon
  1. FIDO is a “standard” technology term, such as “Wi-Fi” or “Bluetooth.” It works on any web browser and on all your devices, including smartphones, desktop or laptop computers, tablets, and smart watches. FIDO makes logging in to your online accounts much easier, while keeping your info safe from hackers. You can find more information about FIDO here: https://fidoalliance.org/
10. Which browsers support the FIDO framework? Chevron Icon
  1. Currently, Internet Explorer, Edge, Google Chrome, Mozilla Firefox, and Safari are supported. Please see our support page for browser limitations: https://www.kensington.com/software/verimark-setup/
11. What is the difference between FIDO and FIDO2? Chevron Icon
  1. FIDO: Provides strong authentication using Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F). U2F devices use the public encryption key scheme to protect your account. The private key is stored exclusively on the U2F device and never leaves it, which makes it much more secure than SMS- and time-based 2FA methods.
  2. FIDO2: The updated and upgraded version of its original specifications. Featuring easier adoption of secure, passwordless authentication for a wide range of online services and user devices. The main component of FIDO2 is Web Authentication (WebAuthn), developed in collaboration with the World Wide Web Consortium (W3C). WebAuthn is a set of standards and web application programming interfaces (APIs) that can add FIDO-based authentication to supported browsers and platforms.
12. What is the difference between Windows Hello and Windows Hello for Business? Chevron Icon
  1. Windows Hello is targeted toward the individual consumer, it replaces a PIN used on your personal device. Devices using Windows Hello are normally not joined to a domain.
  2. Windows Hello for Business can be configured by GPO or MDM and uses a PIN backed by asymmetric (public/private key) or certificate-based authentication. By eliminating the use of hashes, the security is increased. To use this asymmetric key mode, you need to use Azure AD or implement a Windows Server 2016 domain controller (or later).
13. What technology is used to secure my biometric information? Chevron Icon
  1. Synaptics Technology (SentryPoint ® end-to-end security)
  2. SentryPoint ®: A suite of security features for the Synaptics fingerprint sensor solution.
  3. SecureLink ™: Enables a strong TLS 1.2 (communication channel encryption)/AES-256 (data encryption) from the sensor to the host.
  4. PurePrint®: Anti-spoof technology. Detects real fingers from fake fingers.
  5. Match-in-Sensor ™: Technology whereby the fingerprint template is securely matched on the fingerprint sensor silicon itself. This limits the data transfer to the host as a simple “yes/no” communication. Even then, the match result is encrypted.
  6. Quantum Matcher ™: The chip features a 192 MHz processor, a hardware accelerated matcher.
14. What’s the difference between Kensington’s Biometric Solutions? Chevron Icon

We are here for you!

Get Support