Biometrics Not Quite Ready for the Enterprise

Little yellow sticky notes cling to computer screens throughout American

offices, displaying users’ passwords for coworkers, bosses… and

possibly hackers to see.

The passwords, generally as simple as a relative’s birthday or a pet’s

name, have long been too easy to steal, and they’re just not working

anymore, analysts say.

What’s the solution?

Biometrics and smartcards are the best solution, according to industry

watchers. But don’t throw your password away quite yet. For now, just

keep changing it every few months and rip that sticky note off your

monitor because the biometric industry may need up to five years to work

out all of the kinks.

With passwords continuing to become more of an IT security nightmare,

analysts agree something needs to change because too much vital corporate

information is at risk simply because of weak passwords. Analysts are

looking at smartcards, along with biometrics — authentication techniques

that check a person’s physical characteristics, like a fingerprint or

iris pattern — and some behavioral aspects like keystroke patterns.

”The password is becoming obsolete and hackable,” says Mike Miley, vice

president and chief technology officer for Science Applications

International Corporation (SAIC), a research and engineering company

based in San Diego, Calif. ”You never want to rely on any one identity

anymore.”

With passwords wearing out their welcome, biometrics and smartcards are

next in line.

Biometrics are just further down the road. Analysts agree that smartcards

will be more widely utilized in 2005 than biometrics. But they say the

combination of the two identity verification methods will be the most

effective way to access networks in the next five years.

Smartcards the first step

”The (smartcard) industry is a slowly building industry,” says Earl

Perkins, vice president of security strategies with META Group, an

industry analyst firm based in Stamford, Conn. ”Many computer companies

are starting to install contact or contactless readers for smartcards

right into PCs.”

But credit cards, drivers licenses and other forms of ID are lost

everyday. The smartcard holder, however, will have an easier way to get

their card back, quickly.

”You need an easy way to re-enroll or get a new card,” says David

Fisch, a consultant with the International Biometric Group, LLC, a

biometric security consulting and services firm with bases in New York

and London. ”The template takes random parts of the fingerprint and

stores it so the user can easily get a new one.”

This use of multiple forms of identification is the key to securing

privacy, analysts say.

”Combining something you have, something you know and who you are is

much stronger than anything else,” says Miley.

Richard Fleming, chief technology officer and co-founder of Digital

Defense, Inc., a security services firm based in Dallas, says biometrics

are the pinnacle of authentication.

”You are identifying the individual person by the fact that you know

that this is your thumbprint attached to your warm body. It is a step up

and beyond all other authentication methods.”

Miley says the next five years will see a large focus on identity

proofing, using the combined powers of smartcards and biometrics. He says

the cost of installing biometric tools onto PCs is coming down, which is

greatly due to the U.S. government’s interest in the industry.

”The government is dedicated to testing biometrics for large- scale

deployment,” says Miley, noting that the U.S. is interested in using

biometrics in areas such as immigration and Homeland Security.

With the government pouring money into the research and development of

biometrics, analysts say, the technology will become cheaper and more

widely used by the year 2010.

The Financial Angle

A major driver in the deployment of smartcards this year will be money,

according to industry observers.

While a smartcard with a Simchip will cost a company about $10 to $15, a

biometric devise, such as a fingerprint reader, runs at about $80 to $200

per user, Perkins says. ”When you multiply the (biometrics) costs by 10

or 30 employees, it is just not cost effective.”

Fleming says the high cost of biometrics has been prohibitive.

”Biometrics have been increasingly expensive to date,” Fleming says.

”The security component of IT budgets will increase over the next two

years to 18 months, and will continue to increase after that.”

But Fleming says the cost for companies to install biometrics has already

started to decline, and will continue in the same direction.

Fleming says the biggest challenges for biometrics at this point remain

in infrastructure and levels of standardization.

”People may not want to buy another devise and install it onto their

computer,” Fleming says. ”The industry will have to agree on what kind

of technology to deploy. If users don’t know what to use and when, they

may just decide to do without.”

Miley says while there will always be privacy concerns, the ability to

use biometrics as protection will become commonplace.

”There are lots of efforts now to use biometrics as a way to protect

one’s privacy, not as an invasion of privacy,” Miley says. ”In five

years, we will see biometrics as a primary component of security

management.”

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020