Putting my finger on the state of biometrics

David Ting
Feb 03, 2012

Dave Kearns recently posted an article from an interview with Upek on the state of things in the world of biometrics, talking how fingerprint readers are now being built into laptops, keyboards and all types of devices at a dizzying pace. [disclosure: Imprivata partners with Upek] It was nice to see Dave addressing the topic of biometrics adoption.

Let's be honest, I spend a good deal of time collecting and vetting these amazing little biometric devices that have proven so valuable to our customers. Years ago working on civil biometrics programs we had large fingerprint scanners that were nothing more than video cameras that used mirrors, prisms and lenses to obtain an image of a fingerprint. Today's sensors that are mounted on keyboards, notebooks, electronic door locks and safes are often direct imaging silicon, low-cost sensors capable of producing high quality images with a very small footprint. Combining biometrics with single sign-on has a strong value prop, as more and more industry and government regulations require two-factor authentication and audit trails for access reporting. Clearly, this last bit is self-promotional as biometrics is right in Imprivata's sweet spot. You have to admit the convenience of using a simple finger swipe or touch to access all the applications you need on a daily basis is huge - especially if you have to repeatedly logon and logoff. And hopefully you always bring your fingerprint with you, unless you're having a very bad day.

Seriously though, the combination of biometrics and single sign-on has a natural synergy. I'll have some more news shortly on the strong authentication front, but in the meantime when you're thinking of using biometrics and SSO, it's important to take into considerations a few things:

  • Ensure high-end image processing technology is embedded into the commercial product you are looking at - there are many solutions out there, and some cost more than they should, so keep an eye out for the balance between cost and system capabilities
  • Look for solutions that limit failure rate, or 'False Accepts' and 'False Rejects.' While it is impossible to guarantee that there won't ever be a false accept, keeping the rate better than 1 in 1 million is important.
  • For most end-users, authentication is something they want to get done quickly so they can get their job done, so identification or authentication speed is paramount. Acceptable time for authentication (where you enter a user name) should be within a second and identification (where you don't enter a username), within 2-3 seconds. Consider the verification speeds of integrated ESSO-biometrics solutions and do head-to-head comparison of the best alternatives
  • Focus on solutions that can handle a wide range of finger image presentation with higher accuracy. Users don't put their fingers at the same angle, position within the senor or swipe the same way as they did during enrollment so having a robust solution that can handle variability ensures user adoption. Test the system to see what finger placements are allowed to gauge the user experience - try placing the finger at a different angle or swipe at different speeds. Test with dry, moist, dirty, or oily fingers (right after you've had that French fry) and above all, try using it by touch alone with your eyes closed.

What do you think about biometrics? Are you using it in your environments? Is it tied to your SSO system? What type of biometrics are you using?

-David