Security risk posed by laptops with fingerprint readers: using e-services without entering a PIN

Laptops with fingerprint readers (particularly by Hewlett Packard, i.e. HP) may pose a security risk where e-services – for instance, the Internet Bank – can be accessed and used for confirming activities and transactions without entering ID-card PINs.

Such situation is caused by the software needed to use a fingerprint reader, for instance, HP ProtectTools Security Manager in the case of HP, which automatically saves PIN1 and PIN2 after the first use.

Even though this may seem convenient at first, for the purposes of security, each authentication and signing performed with an ID-card must be conducted using PINs.

There are three ways to continue using your ID-card securely:

A: Use a card reader with a PinPad.
Information on card readers supported by ID-software can be found on the smart card reader information website.

B: Remove HP ProtectionTools Security Manager from your computer.

C: Make sure that the ‘Log user on automatically’ box is not checked under ‘Windows Security Properties’.
If the box is checked, uncheck it. Click ‘OK’ in order to apply the changes.