I have a multi-factor web authentication server that, in addition to regular passwords, uses fingerprints for user authentication.
Can anyone think of a security flaw in the following scenario:
I have a Resource Server that hosts valuable resources; the resource owner must provide his/her fingerprint to an authentication server to be granted access to his/her resources.
Securing the fingerprint data is critical. Before the user can use the system, he must install a web browser plugin. During the plugin installation, the plugin connects to the authentication server and obtains a digital certificate from the server (the server's public key).
Now when the user goes to the resource server webpage he types his username/password and the web page asks him to scan his fingerprint. Then, the web browser plugin connects to the fingerprint scanner and triggers the scanner to scan the user's fingerprint.
The plugin gets the fingerprint from the scanner and encrypts it using a randomly generated 256-bit AES key, and then encrypts this AES key using the authentication server's public key.
Then the plugin returns a JSON object containing the encrypted fingerprint and the encrypted AES key. Next, JavaScript from the resource server login page sends the JSON object to the resource server using AJAX. The resource server forwards the JSON object to the authentication server.
The authentication server decrypts the AES key using its private key and then uses the recovered AES key to decrypt the fingerprint data. Finally, it compares the received fingerprint data with the stored fingerprint template and returns the result to the resource server. Based on the result, the resource server denies or grants access to the user.
The fingerprint templates on the authentication server are stored in an encrypted database using a 256-bit AES key.