The ability to quickly scan and store unique physical information, such as fingerprint patterns, has given rise to proposed applications for use in both expediting and protecting business transactions.

One of the most intriguing technologies to become commercially available recently is biometric security – an umbrella term for technology that uses unique physical characteristics as the basis of identification. A fingerprint, an iris or retina pattern, the shape of the hand, a voice command, or the contours of one’s face, can all be recorded and analyzed for this purpose. The scanned information is matched against information stored in a database and, if the information matches, the identified individual is validated within the system.

Biometric technology seems to have an ever-growing list of possible uses. Perhaps, its most promising application is in the realm of electronic commerce. As more business transactions are conducted over the web, security becomes an even more critical issue, as substantial amounts of funds and highly confidential information are transmitted over the web. Authentication of the persons involved in the transactions lies at the very core of this concern. With biometric technology, the need for passwords, card keys, and picture identification will all be rendered outmoded. In essence, a person’s own body is her or his password. This method of proving identity is especially appealing when one considers that the use of wireless web-enabled devices is becoming the norm. Many experts are predicting that soon casual everyday business transactions, such as paying for lunch at a restaurant, will be conducted over personal web-enabled cellular phones. In fact, devices that combine palm pilot and telephone capabilities are already entering the market. It is, perhaps, only a matter of time before these devices identify their owners through biometric security. Indeed, companies such as Acer and Compaq have already released laptop notebooks equipped with fingerprint scanners.

With regard to e-commerce specifically, Computer Associates International (CA), in collaboration with Data Treasury, has announced an alliance to create and market a biometric system with the expressed purpose of protecting online transactions. CA, which is already known for its eTrust security products, has enlisted Data Treasury for its expertise in the field of authentication technology and its repository of encrypted data. The two companies are now working on an integrated security product that will be conformable to the specific needs of its users. CA noted that the development of the product was in response to overwhelming requests from its customers who, ironically, do not want to be identified.

Other upcoming uses of biometric technology could include authorizing banking transactions, and payment at point of sale. It is even conceivable that biometric technology will eventually render credit cards obsolete. Biometric systems are already in use as identifiers of workers at many airports, and employees of NASA use their face and fingerprint patterns to access servers from their home computers. In addition, the State of New York’s Office of Mental Health uses fingerprint readers to protect access to its automated record system. The state agency stressed that the confidential nature of patients’ information necessitated making the switch to biometric security.

Of course, the scanning of physical traits as a means of identification raises both privacy and legal issues. To quote Richard M. Smith, Chief Technology Officer of the Privacy Foundation, “On the plus side, [biometric technology] potentially offers a great way to protect our bank accounts, credit cards and computer accounts. On the downside, it means we will be instantly tracked in our daily lives, possibly without our knowledge or consent.” With regard to biometric security on the e-commerce enabled cell phones (that are sure to come), Smith agrees that biometric security could be a necessity, but added that the phone itself should store the coded information, not a separate database. In this way, outside party access to one’s personal information will be limited.

Sources: Companies Promise Biometric Security for E-Business
Michael Bartlett
Computer User, Feb. 23, 2001
http://www.computeruser.com/clickit/printout/news/295317360003760000.html

Net Notebooks Offer Biometric Protection
Jamie Fenton
CNN.com, Feb. 2, 2001
http://www.cnn.com/2001/TECH/computing/02/02/biometric.security.idg/index.html

You Are Your Password
Cate T. Corcoran
ECompany, April 2001
http://www.ecompany.com/articles/mag/0,1640,9565,00.html

Gadgets that Spy
Richard Smith
Privacy Foundation, March 8, 2001
http://www.privacyfoundation.org/commentary/tipsheet.html