• United States



by Paul L. Kerstein

Are Biometrics a Secure Answer to Our ID Dream?

Oct 25, 20052 mins
CSO and CISOData and Information Security

The Suraga Bank of Japan is using ATMs that read the pattern of blood vessels in palms to allow customer access to accounts. In Europe, the European Aviation Safety Agency is considering using biometrics and RFID to simplify and speed up check-in for air travel. And stateside, banks are allowing vault access with hand-readers while grocery stores, theme parks and the Statue of Liberty are going with fingerprint identification.

The technology is fast. In January of 2004, the Department of Homeland Security and its United States Visitor and Immigrant Status Indicator Technology system (US-Visit) confirmed the identities of 35,000 people in one day matching fingerprints with biometric information in a federal database.

And it’s secure. Avivah Litan, an analyst with Gartner, argues that biometrics is the most secure form of authentication because it’s the hardest to imitate and duplicate.

But many Americans are still skeptical.

For starters, biometrics are irreplaceable. So the thought that a hacker could steal your fingerprint is particularly creepy. Biometric information is not like a number that can be cancelled, says Nalini Ratha, a scientist with the Exploratory Computer Vision Group. “If it is compromised it is compromised forever.” And how can biometric data be stolen? Well, the information has to be stored somewhere. Is there really such a thing as invulnerable storage?

On another front, privacy advocates worry that if the government collects biometric information, it will be used to track the movements of all American citizens, not just foreign nationals. Big brother is looming.

What do you think? Do the pros of biometric ID outweigh the cons?