Password: Your Fingerprint
Please
Ray Van Eng (09/25/96)
Carolyn, a Canadian, is returning home to
Vancouver after a 5 day business trip to company headquarters at New York
City. She is a frequent International flyer and has done this many times
before.
- The plane is running a little late, but it has
managed to arrive at the Vancouver International airport just before midnight.
She is anxious to get home and meet with her two small children, Tom and
Mimi, who may still be up in bed waiting to give mom a hug.
As usual, there is a long lineup of people waiting
to get through Canada Customs. She used to have to stand in line just like
everyone else. But this time, armed with a newly minted smart card from
the airport authority, Carolyn just whisk through the crowd, stop at an
ATM lookalike machine, insert the card and then place her palm flat on
a pad.
The computer goes to work and find that her palm
and fingerprint readings conform with the information found on the card.
The machine issue her a receipt and Carolyn simply hand that to an attendant
and proceed to walk through the exit gate. Home free. No Customs agent
questioning and searching through her baggage.
Carolyn is one of about 1500 people who have signed
up with a new service known as CANAPASS Airport. Currently, Vancouver is
the only Canadian city offering this service to 'low-risk' frequent International
travelers without previous criminal records.
This type of bio-medical authentication system which
relies on unique bodily features such as fingerprints or back of the eye
(the retina) topology as a positive way to identify an individual is being
applied to everyday situations. Its use may even become commonplace on
the Internet where security and unauthorized access is a very big concern
among businesses.
The National Registry Inc. (NRI) is providing fingerprint
image identification technology to GridNet, a national networking provider
who would in turn sell the service to Bell Atlantic Corp. and BellSouth
Corp., who are in the business of offering Internet access to various Internet
service providers.
The NRIdentity Personal Authentication system can
be easily incorporated into any Microsoft Windows PC to provide authentication
services for the open Internet or corporate Intranet access.
Everytime, the PC user wants to logo onto the Internet
or a private corporate web site, he or she would have to place his/her
fingers on a NRI Keyboard Scanner as a way to input the 'password'. The
biometric data collected by the scanner is encrypted and sent over the
network to the server which will compare that with the individual's fingerprint
record stored on a database.
GridNet claims that the combination of its Security
Gateway Services, which featured fault-tolerant, fully redundant, relational
database host computers, and the NRIdentity Personal Authentication system
will set a new standard for the Internet/Intranet industry by offering
the corporate administrator a very cost effective way to identify a log-on
user with a very high degree of reliability and sophistication.
In short, a corporation no longer has to implement
an expensive dedicated private network in order to ensure the same high
degree of data integrity obtainable now with the GridNet and NRI system
over a virtual private network now enabled by using the public Internet
for such connection services.
John Gustafson, president and CEO of NRI stated,
"Biometric identifiers ensure positive user authentication because
they cannot be lost, stolen or compromised. The accuracy and user-friendliness
of finger image identification make it the biometric methodology of choice
for positively identifying individuals."
Ok. But is biometric identification systems such
as the one that NRI touted 100% fail-safe? Some scientist seems to suggest
that nothing is totally foolproof.
Kevin McCurley, of the Sandia National Laboratories
in New Mexico declared on his web site that most biometric identification
systems has to be adjusted to control error probabilities. "Set the
systems to be too sensitive, and many legitimate users will fail to be
identified. Set the systems to be too lax, and too many illegitimate users
will be accepted. There is usually a tradeoff."
E-Mail
-
© Copyright Ray Van Eng 1996 - 1999. All rights reserved.