Enterprises are waking up to biometric technology. This can be explained by the vast array of passwords, PINs and cards that we now have to use to clock in and out, access our accounts, devices, and work and leisure spaces. These passwords are clumsy.
In their place, fingerprint, face, voice and hand biometrics are proving their worth around the world in areas such as access control, computer network and cloud security, password reset, and for clocking on and off in the workplace.
“Biometrics provides the ability to know who did what and when for audit purposes, significantly increasing accountability,” says Elaine Bliss, vice president, product management and marketing, at DigitalPersona.
Before you install the technology, you need to be sure of the business case. Phil Scarfo, vice president, worldwide sales and marketing, Lumidigm, which is involved in biometrics for applications such as time and attendance and access control, explains: “Since commercial and industrial enterprise customers can choose from a variety of authentication technologies, biometrics must provide a compelling return on investment and/or business value.
“Such biometrics must be robust, reliable, accurate and do a better job of answering ‘who?’, which has material benefits over simply answering ‘what do you have?’ By lowering risk and/or losses, improving workflow and reducing operating costs, biometrics and security in general become justified.”
Biometric technologies have come a long way with big advances in ease of use, robustness, cost benefits and accuracy
The desire to minimise the use of passwords, cards and tokens is certainly helping to put biometrics on the map. US-based fingerprint firm BIO-key reports that a hospital used its technology in its ePrescription department to log in more than 250,000 times over a 30-day period. “Imagine typing a quarter of a million passwords,” says Scott Mahnken, BIO-key’s vice president of marketing. “This is an example of the productivity value biometric technology delivers.”
DigitalPersona’s Ms Bliss points to the success that a large UK financial institution has had using fingerprint biometrics to secure access to more than 30 applications its employees log into hundreds of times each day. She says: “The technology has increased user productivity and security by ensuring the identity of the user. Fingerprints cannot be shared, lost or forgotten.”
UK gym group Lifestyle Fitness has installed fingerprint access control pods at its centres. “The new system eliminates non-members accessing our facilities by gym cards being passed from members to non-members,” says Gordon Hall, managing director of the group’s owner, Competition Line. “It is a much fairer system as it means that everyone there has paid.”
And in Brazil, Banco Bradesco is putting palm-vein authentication from Fujitsu to good use. According to Fujitsu’s Akira Wakabayashi, director, PalmSecure Business Development Division, the bank has seen fraud cases fall to zero since it implemented the technology in 2007.
Biometric technologies have come a long way over the past decade with the industry reporting big advances in ease of use, robustness, cost benefits and accuracy. “Fingerprint readers today are much more advanced in terms of security than they were five years ago,” according to biometric access control firm ievo. Accuracy and enrolment rates have also improved. For example, Lumidigm claims that its multi-spectral imaging technology gives a read rate of close to 100 per cent on the first attempt.
Furthermore, cost benefits are improving. According to voice recognition firm VoiceVault, a typical password reset call to a help desk will cost an organisation about US$30, which can make using a biometric option very appealing.
“The advances in biometric technology have enabled fingerprint readers to be integrated into many access control systems, including turnstiles and pods,” says ievo. “This allows for a professional look. Today, fingerprint readers can even be manufactured in a variety of colours. It seems there are no limits to how to make fingerprint readers in sync with your building.”
Etienne Veber, executive vice president and chief commercial officer at Swedish firm Precise Biometrics, adds: “Mobile applications and the introduction of biometric/smart card-enhanced cases significantly increase security in the remote work environment. I can now securely access my emails, encrypt documents and browse websites because my mobile device can read my smart card credentials and also authenticate that it is me with my fingerprint through the smart casing.”
A cursory glance at biometrics on the internet can give you quite a confusing impression of the technology as there are plenty of misconceptions about it and its applications. Is it the answer to all security problems? Or perhaps another step towards Big Brother-style controls?
So what does the industry suggest companies considering rolling out the technology should look for? “People should ask about the types of algorithms used by different companies, and consider the environmental and social factors that their system is expected to operate in,” says Mr Veber.
“The most important things are interoperability and stability,” concludes BIO-key’s Mr Mahnken. “Most organisations host different devices and this issue has grown with the popularity of BYOD [bring your own device]. Equally, companies cannot predict what devices will be important in the future, so don’t allow your technology decisions to paint you into a corner.
“Also consider stability. You’ll find that some rather recognisable company names and brands have entered and exited an industry that has still not reached its maturity. You’ll be best served if you can pick a company with diverse capabilities and a lengthy history of exceeding customer expectations.”