FEBRUARY 23, 2006 (NETWORK WORLD) - University of Buffalo researchers say they have put their fingers on a way to improve security of wireless handheld devices and Web sites.

The findings could also help eliminate the need to remember a dizzying array of passwords and aid forensics specialists, according to Venu Govindaraju, a University of Buffalo professor of computer science and engineering, and director of the school's Center for Unified Biometrics and Sensors (CUBS).

The research specifies how big a keypad sensor needs to be and how big a fingerprint image should be, as a key shortcoming of biometric systems now is that sensors often only can take partial fingerprints, Govindaraju says. Enabling more complete fingerprinting will let companies better gauge the level of security they can provide, he says.

"For the first time, we have determined the minimum surface area required for fingerprint scanning in order to achieve a level of security that is roughly comparable to the security achieved with a six-letter password," Govindaraju said in a statement regarding the researchers' Automated Partial Fingerprint Identification algorithm.

The algorithm also takes into account the fact that even a legitimate fingerprint doesn't always look the same due to the way a person presses on a pad or because of moisture or other factors. The researchers' work has been published in the journal Pattern Recognition, and a patent has been filed on this technology.

Concerns about fingerprinting in biometrics was raised recently on a security panel at the Demo 2006 conference. Universities are a hotbed for network security research these days. Among recent advances are those in the use of "photonic decoys" to thwart hackers and "active cookies" to foil phishers and pharmers.