[2 / 0 / ?]
Quoted By:
Reading your palm, for security's sake
Biometric tech making its way into the consumer market but flaws exist
A woman scanning her palm while borrowing a book, without the need for a library card, at a public library in Japan.
NEW YORK - They are not taking any chances at Barclays. Stating an account number and other bona fides is not enough to get to your money at the British bank's wealth and investment management service.
As an additional safeguard, a program analyses customers' voices when they call in, to make sure they match a voice print on file.
At some ATMS in Japan, the machine scans the vein pattern in a person's palm before issuing money.
And, since September, people have been using fingerprint sensors on their iPhone 5s to unlock their devices or to shop at the iTunes store.
These are the three examples of biometrics systems, which have long been the province of border control, military surveillance and national intelligence.
Now these systems are rapidly moving into the consumer mainstream to unlock laptops and smartphones or as a supplement to passwords at banks, hospitals and libraries.
But the technology also comes with a host of troublesome issues about its vulnerability to hacking and misuse.
The stakes can be high when inherently personal biometric data is hijacked, said Mr Bruce Schneier, a security expert and author of Liars And Outliers: Enabling The Trust That Society Needs To Thrive.
"If someone steals your password, you can change it," he said. "But if someone steals your thumbprint, you can't get a new thumb. The failure modes are very different."
Despite these concerns, the technology is making its way onto the office desktop - and the laptop too. A new Fujitsu laptop, the Celsius H730, released recently in Japan, can be ordered with a choice of biometrics: a finger-print sensor or, for an additional US$116, a palm scanner instead. To unlock the computer, you hold your palm over the sensor, and the software checks your vein pattern to make sure you are the authorised user, said Fujitsu spokesman Joseph Dean.
Biometric devices can identify vein patterns in the finger, the back of the hand or the palm, said biometrics expert Anil K. Jain from Michigan State University.
The technology works quite well, he said, adding that "it's difficult to forge because the vascular patterns are inside the body". The veins are revealed by a harmless infrared light.
Palm scans are gaining the most traction in the vein-reading market. Professor Jain said. Identifying features include thickness of the veins and the angles and locations where they intersect. Some systems combine fingerprints and finger-vein patterns.
A different biometric, voice printing, is offered by Nuance Communications to many customers including Barclays. The voice print is based on about 100 characteristics including pitch and accent, said Mr Brett Beranek, a manager at Nuance.
Voice prints, even if stolen, will not lead to identity theft, he said.
"If someone did compromise the database, there's nothing they could do with it," he added. "We are not storing people's voices, but the characteristics of their voice."
Consumers should not expect that biometric technologies will work flawlessly, Prof Jain said. They can be a good solution, balancing convenience with security, but they are not foolproof.
For example, people could be barred by a fingerprint mismatch from access to their smartphones or bank accounts.
"There could and will be situations where a person may be rejected or confused with someone else," said Prof Jain.
NEW YORK TIMES
Biometric tech making its way into the consumer market but flaws exist
A woman scanning her palm while borrowing a book, without the need for a library card, at a public library in Japan.
NEW YORK - They are not taking any chances at Barclays. Stating an account number and other bona fides is not enough to get to your money at the British bank's wealth and investment management service.
As an additional safeguard, a program analyses customers' voices when they call in, to make sure they match a voice print on file.
At some ATMS in Japan, the machine scans the vein pattern in a person's palm before issuing money.
And, since September, people have been using fingerprint sensors on their iPhone 5s to unlock their devices or to shop at the iTunes store.
These are the three examples of biometrics systems, which have long been the province of border control, military surveillance and national intelligence.
Now these systems are rapidly moving into the consumer mainstream to unlock laptops and smartphones or as a supplement to passwords at banks, hospitals and libraries.
But the technology also comes with a host of troublesome issues about its vulnerability to hacking and misuse.
The stakes can be high when inherently personal biometric data is hijacked, said Mr Bruce Schneier, a security expert and author of Liars And Outliers: Enabling The Trust That Society Needs To Thrive.
"If someone steals your password, you can change it," he said. "But if someone steals your thumbprint, you can't get a new thumb. The failure modes are very different."
Despite these concerns, the technology is making its way onto the office desktop - and the laptop too. A new Fujitsu laptop, the Celsius H730, released recently in Japan, can be ordered with a choice of biometrics: a finger-print sensor or, for an additional US$116, a palm scanner instead. To unlock the computer, you hold your palm over the sensor, and the software checks your vein pattern to make sure you are the authorised user, said Fujitsu spokesman Joseph Dean.
Biometric devices can identify vein patterns in the finger, the back of the hand or the palm, said biometrics expert Anil K. Jain from Michigan State University.
The technology works quite well, he said, adding that "it's difficult to forge because the vascular patterns are inside the body". The veins are revealed by a harmless infrared light.
Palm scans are gaining the most traction in the vein-reading market. Professor Jain said. Identifying features include thickness of the veins and the angles and locations where they intersect. Some systems combine fingerprints and finger-vein patterns.
A different biometric, voice printing, is offered by Nuance Communications to many customers including Barclays. The voice print is based on about 100 characteristics including pitch and accent, said Mr Brett Beranek, a manager at Nuance.
Voice prints, even if stolen, will not lead to identity theft, he said.
"If someone did compromise the database, there's nothing they could do with it," he added. "We are not storing people's voices, but the characteristics of their voice."
Consumers should not expect that biometric technologies will work flawlessly, Prof Jain said. They can be a good solution, balancing convenience with security, but they are not foolproof.
For example, people could be barred by a fingerprint mismatch from access to their smartphones or bank accounts.
"There could and will be situations where a person may be rejected or confused with someone else," said Prof Jain.
NEW YORK TIMES
