APACER AH620 Fingerprint Flash Drive. Review

Not long ago we bought APACER AH620 with 4 Gb capacity and fingerprint scanner. Embedded program allows to use password protected USB flash drive for data protection.

The given USB flash drive is compatible with Rohos Logon Key program, which means that Biometric Authorization may also be used to access Windows (2000/XP/Vista). To learn more, please read here…

Device special features:

  • There are two Partitions on the disk: Secure Partition of the USB flash drive, and Open Partition
  • The Open Partition is always accessible (some biometric USB flash drives hide Open Partition with its files and folders while working with Secure One)
  • Partitions’ sizes can be changed with the help of built-in utility – “Resizing tool”. This utility is on the disk that goes as a unit
  • Secure Partition is accessible only after successful fingerprint authentication of the owner or his/her password. The device presents high USB flash drive security

Note: The first time the device had been tested Russian language was set up, by default. Unfortunately, we do not know how to change language into English that is why we have to present to you screenshots in Russian. We apologise for inconvenience.

How the device works:

Upon plugging in the device in “My Computer” window appear 2 disks:

One of them has the sign “Public”, which means that it’s the Open Partition on which you could save and from which you could delete files. For the Secure Partition access you should open the disk with the sign “AP”, and automatically is started up the program for Biometric Authorization (fingerverify.exe).

In the program’s dialog box you could enter a password or run a finger over the scanner. As a result in “My Computer” window instead of the disk with the sign “AP” will appear the disk with the sign “Security”. This is the Secure Partition that is temporarily open.

Also in the taskbar will appear a new icon:

If you click on this icon program’s main window will appear:

To hide the Secure Partition all you need to do is to run a finger over the flash drive’s scanner.

Registering fingerprints:

First you should open the program’s main window and choose “User Settings – Registering Fingerprints”. The following window will open up:

Then choose the finger and follow the instructions in the next window

Setting up a password:

Backup (backdoor) password in order to access the secured drive if you don’t have fingers ready. In order to set up or change the password you should open the program’s main window and then “User Settings – Setting Password”. The following window will open up:

Changing the size:

On the disk you’ll find the utility “Resizing Tool” that will allow you to easily change size of the Open or Secure Partitions. It looks this way:

There should be no problem using this utility.

Apacer Security review

The device description on the manufacturer’s web site and help files do not clearly state the most important things about its security:

  1. Where fingerprint authentication is performed? On the hardware or software part? Obviously the Software part reads authentication configuration from the hardware and it is not protected (how many fingers and which ones are enrolled, is there a backup password).
  2. The same question about which part is making decision about granting access to secured drive?
  3. Is there any attempts limit for Authentication by a backup password? Brute-force attack possibility looks like security vulnerability.
  4. Is the authentication configuration protected? Again, it’ss clear that the Software part not only reads authentication configuration from the device, but also writes it. Is this API protected? On the software level or hardware?

As you see there are a few places where the device security maybe vulnerable. We believe that manufacturer implemented some crucial authentication task on the hardware level to make it more secured.

Search this blog to read more reviews of USB devices with data protection. Visit USB drives category.