Digital security

Precise Biometrics' Precise 100 MC smart-card reader supports the DOD Common Access Card.

The Sony FIU-710, known as the Puppy, is a standalone reader that connects via USB.

Fingerprint recognition devices gain in popularity for authenticating users

Tightened security after Sept. 11 has accelerated agencies' exploration of biometrics, but a trend toward greater use of the devices had begun long before the terrorist attacks.

Researcher International Data Corp. of Framingham, Mass., which late last year surveyed the market, said worldwide biometrics technology sales were $118.8 million in 2000 and projected that they would increase by 50 percent over each of the next five years.

'Software platforms that support a heterogeneous mix of biometrics, tokens and smart cards promise to boost security, reduce cost and improve convenience,' said industry analyst Chris Christiansen of IDC's Internet infrastructure and security software services.

'Simultaneously, physical security and surveillance technologies are coalescing with both hardware and software authentication technologies,' he said.

Biometrics covers such technologies as fingerprint, voice, iris, facial, hand geometry and even handwriting and signature recognition, the latter involving the angle and pressure with which a pen or stylus is used.

But the overwhelming majority of current biometric applications make use of fingerprint recognition.

Fingerprint scanners come in a variety of formats, from standalone devices to readers built into keyboards and mice. They are unobtrusive, inexpensive and, essentially, they work.

The two basic technologies used in fingerprint scanning are optical readers, which have proved to be durable, and silicon readers, which tend to be faster but are best suited for small devices such as cellular phones and personal digital assistants.

Their downside is that the technologies can be slow or stymied by workers with dirty fingers or latex-gloved hands. It's also important to place your finger correctly on the scanner and to avoid movement during a scan.

Ultra-Scan Corp. has introduced a new approach to finger print scans - ultrasonics, which refers to high-frequency sound waves most commonly identified with pregnancy monitors that can create an image of a fetus or with submarine sonar systems that use sound to paint a picture of the sea floor.

Ultra-Scan uses ultrasonics for fingerprint scanning and has demonstrated accuracy levels that approach 100 percent - beyond the capability of even the best optical technology.

The company claims ultrasonics can see through dirt, ink, even newsprint from the morning paper, making identification very accurate and speeding the flow of employees or passengers. The company also says such devices can be operated with no attendant, making it an ideal solution for remote locations.

Backups needed

Regardless of the type of fingerprint reader you choose, the technology is best used in conjunction with other security systems.

'From a technology point of view, biometrics are a crucial technology; they are a big piece of a complex puzzle,' said John Schneider, Ultra-Scan's president and chief technology officer.

'Fingerprints are the best biometric because they are unique to every human,' said R. Terren Dunlap, chief executive officer of Ultra-Scan. 'Once an airport employee is enrolled, within a minute or two, his fingerprint would become his key to enter whatever areas of the airport he is authorized for. The system would log every entry and exit. It can't be stolen, and one can't lose it or leave home without it.'

Ultra-Scan's FingerPunch, which works with virtually any smart-card reader, operates in a combined system that can read, match and authenticate a cardholder by comparing the fingerprint to the biometric data embedded on the card.

Beyond access control in a critical location such as an airport, federal building or military installation, biometric access can also protect computer networks from unauthorized users.

One starting consideration for IT managers is what, exactly, you wish to protect, said Paul Ardoin, product marketing manager for Secure Computing Corp. of San Jose, Calif., whose network security software works with fingerprint systems.

'What are you trying to protect? If you're just trying to protect your own laptop, there are a number of devices that'll lock down your own system,' Ardoin said. 'We protect access to applications and network systems such as VPNs; we protect network access as opposed to local access.'

Secure Computing's software, called SafeWord Premiere Access, 'hooks into applications. We manage users and authorization policy for accessing these applications,' Ardoin said.

By using multiple technologies, he said, you can enhance security beyond fingerprint data, which he said could have its drawbacks. The data used in fingerprint recognition ultimately is binary - scanners identify points in a fingerprint pattern rather than an entire fingerprint - so a breach of that data can happen, he said.

'All the biometric vendors claim they have ultimate security and encryption. You can change passwords, issue new certificates, but you run out of fingers if fingerprint information becomes compromised,' he said.

Moreover, another factor is where the given data is located. Ardoin favors fingerprint readers such as Sony's FIU-710 - also known as the Puppy - that stores security information on a local device such as a desktop or notebook computer, as opposed to transmitting such data over a network to a central server. The SafeWord software, he said, would guard access to the network and a central host.

But such a setup might not work in every situation. In the case of building or area access, where dozens or even hundreds of stations might be required, having a local database of every fingerprint could become prohibitive in terms of cost and maintenance. A networked solution is a better answer there.

Fraud control

Tom Moore, of Sagem Morpho Inc. of Tacoma, Wash., whose software products work with fingerprint systems in the accompanying chart, said integrated fingerprint recognition systems can go a long way toward boosting security.

He said Sagem software is being used in Nigeria with 60,000 terminals for voter registration - and to avoid fraud - in elections to be held in that country next year.

'This technology can be easily transferred to the United State for access control for airports or to implement a national standard for driver's licenses,' Moore added.

The company also provides terminals to the Public Benefits administrations of both Texas and New York.

The use of fingerprint identification, Larson said, 'has virtually eliminated fraud' in the programs in both states.

What should IT managers look for when buying biometric access systems? Moore said technology and service are factors.

'What's the accuracy you can expect, and what kind of support do you get from the vendor?' he said. 'In terms of accuracy, find out what the company is saying about false accuracy and false reject readings.'

While technologies, and their uses, continue to evolve, the growth in the overall market is clear, said Steven Andriole, a senior consultant with Cutter Consortium in Arlington, Mass.

'Just three short years ago, it was difficult to get funding for early-stage biometric companies, and the biometric marketplace was flooded with what appeared to be redundant products and services,' he said. Now, 'demand is growing dramatically, and the ever-so-important price-performance ratios are beginning to ease in favor of performance, giving biometrics a chance to develop.'

'Within a few short months, we will routinely begin to see fingerprint scanners built into keyboards as authentication options, as well as their entry devices,' Andriole predicted. 'And although fingerprint recognition looks the most promising, it's important to understand the strengths and weaknesses of each of the primary biometric technologies.'

Mark A. Kellner is a free-lance technology writer in Marina Del Rey, Calif. E-mail him at mark@kellner2000.com.

Related Articles

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above