Do not say goodbye to passwords yet - Microsoft Fingerprint reader lacks the basic security features. Read more.Microsoft Fingerprint Reader optical scanner does not encrypt the fingerprint image while transferring it to the computer.
The unencrypted user fingerprint image could be stolen using sniffers that monitor such traffic.
Once the fingerprint image was sniffed, it could be used by attackers to make it appear as if the victim were authenticating onto a PC or a Web site using the Fingerprint Reader.
This Fingerprint theft security hole was first reported by Mikko Kiviharju at a recent Black Hat Europe conference.
Microsoft also recommends using password instead of Fingerprint Reader for protecting sensitive data such as financial information or for accessing corporate networks.
Download Mikko Kiviharju paper
Source: Researcher hacks Microsoft Fingerprint Reader