|
Biometrics. NOT YET UNDER YOUR THUMB
(Financial Mail Via Thomson Dialog NewsEdge)Biometrics NOT YET UNDER YOUR THUMB For years, biometric identification technology has promised to do away with passwords and personal identification numbers simply scan your fingerprint or speak a command, and you would be given access to a system.
But biometrics is still probably some years away from enjoying widespread commercial adoption.
Biometric security technologies, which measure unique physical and behavioural characteristics to determine whether a person has the right to access a restricted space, won't solve all security headaches. That's the view of Standard Bank director of technology Hemmanth Singh.
It has to be 100% safe before we can use it, he says. Right now, it's not, Singh says.
His circumspect view of biometrics is in contrast to the enthusiasm of computer software and hardware developers, who see it as the greatest advance in IT security since the invention of the user name and password.
It's easy to understand the excitement over biometrics, given the limitations of current security systems, especially passwords, which can be compromised easily. By measuring unique characteristics, systems can determine more accurately who is accessing which data.
It is possible to track a user's actions on a corporate network, but it is not possible to be 100% sure that the person logged in is the user who was assigned the identity, says Amir Lubashevsky, director of IT security company Magix Integration.
Human nature adds to the problem of protecting passwords because users tend to change them to easy-to-guess words, such as the name of their spouse, child or pet, Lubashevsky says.
And if passwords are not easy to guess, they are easy to pry out of people. Some users will provide their password to a stranger who says he is from their company's IT department, Lubashevsky says.
Singh agrees that there are limitations to using user names and passwords, but points out that, though biometrics do have some advantages, they also have big drawbacks.
He says the encoding and storing of biometric information the data that describes a unique feature, such as a fingerprint is a challenge, because there are no standards in place to stipulate how such data must be managed and collected. With no set procedures to deal with the data, there is a risk that biometric characteristics will not be matched with the right person, Singh says.
Ultimately, every biometric is reduced to a number, and the number is what we work with, he says. Security can be compromised if this number is recorded incorrectly or duplicated.
Singh points out that even if a common standard is adopted for managing biometric data, the lack of availability of devices that can scan a retina or a fingerprint means it will be some time before biometrics is generally used. A further hassle is what happens if someone loses his or her unique characteristics. Have you seen the fingerprints of bricklayers? They don't exist, Singh says.
The intrusive nature of some biometric scans especially iris scans can be a problem too. But Singh's cautious view of biometrics does not mean he does not see a future in the technology. MTN Banking, Standard Bank's cellphone banking operation, has a voice verification system.
Biometrics could be used in combination with other security systems, where an additional level of security is desirable, such as having a handwriting recognition device that can authenticate signatures.
Biometrics is already finding a niche. Hewlett-Packard and Lenovo have both introduced fingerprint scanners into some of their new PCs, allowing users to log in without a password.
[ Back To Homepage ]
|
Home
Featured Article Archives
eNews
RSS FEED
