MADISON, Wis. (9/28/12)--What kinds of measures will credit unions use to protect their members' identity and information--especially in mobile world? Biometrics has seen some major developments this year that could render passwords, PINs, log-ins and even employee ID access cards obsolete. According to a number of sources, these are already considered passé.
Instead, credit unions should be thinking physically: fingerprints, palms, eyes, heartbeats and even one's feet will be the devices of future access. No longer will it be what one knows (such as those intricate passwords), but rather what or who one is, that will gain access.
Something as simple as getting off on the right foot may mean the difference between access to information or a facility at the credit union. Carnegie Mellon University has teamed with Ottawa, Canada-based Autonomous ID to transform biometrics monitoring into a new field--pedo-biometrics. They hope to create physical "passwords" that require the physical presence of a specific person to unlock access by testing shoe insole sensory system prototypes for a variety of identification uses. BioSoles are special insoles that can recognize individuals based on their unique walk.
Pedo-biometrics could potentially apply in medical diagnosis, forensic science, privacy, security and automation, said Vijayakumar Bhagavatula, professor of electrical and computer engineering, in a university press release in July. Researchers expect the benefits to go beyond security, to earlier detection of medical conditions such as diabetes or Parkinson's disease.
"The continuing threats to military personnel and critical infrastructure and the growing national cybersecurity vulnerabilities demand a new breed of credentialing technology, and what our group has achieved certainly puts a whole new spin on things," said Todd Gray, chairman and president of Autonomous ID.
The new lab will complement work in the use of the iris of the human eye as a "fingerprint" to trap cybercriminals.
Another group, the Biometric Research Group, indicates that the market for residential and commercial security products will reach $25 billion by 2017, with biometrics accounting for $3.5 billion of the market, according to Biometricupdate.com. (Sept. 26). Although the U.S. military and government sector dominate in the current market, the group said it expects commercial space to grow in the field.
Fingerprint technology, which has already got a thumbs' up from some credit unions, is the most established and widespread form of biometrics. It will represent $3 billion of the market in 2017. According to Biometricupdate.com, fingerprint technology is the most economical--a fingerprint lock can cost from $120 to $200 per unit. This technology also has small storage space, reduced power requirements and resists changes in temperature and background lighting. Biometric Research Group anticipates this technology will experience exponential growth.
One credit union using fingerprint technology is $2.15 billion assetService CU, based in Portsmouth, N.H., with 164,000 members worldwide and more than 600 employees. It uses DigitalPersona's U.are.U Fingerprint Readers to secure access to applications and member information. It needed an authentication solution that could simplify and secure access to more than 100 applications and websites employees use each day. The fingerprint allows employees to log in to the network once and acts as a password vault. It has resulted in the near elimination of password-related network and application lockouts and increased productivity, said the credit union in a July press release.
Voice biometrics is another area that is attracting an increasing number of financial institutions worried about data breaches. They turn to voice biometrics to improve security, lower costs and reduce consumers' frustration with the authentication process, says Opus Research Advisory (Sept. 26). Five million individuals are enrolled in systems or services that recognize their voiceprints as unique, personal identifiers. By 2015, this number of "protected" individuals is expected to reach 90 million. Opus noted some companies are turning to voice authentication in the cloud to make it easier to adopt, more scalable and enables pay-per-use pricing.
Last year, Phoenix-based Desert Schools FCU deployed voice biometrics using Finivation Software technology for password re-sets and high-risk transactions (Homeland Security News Wire Dec. 6). It planned to allow members to call its call center and leave a voice mail. The voice biometric software uses a mathematical algorithm to identify and record the member's unique voice characteristics for future reference. After that, the member's voice serves as a password to verify their identity.
The Federal Bureau of Investigation's Biometric Center of Excellence has noted that voice recognition systems are popular for remote authentication because of the availability of devices for collecting speech samples via telephone networks and computer microphones. Employing voice recognition requires no special equipment other than a good microphone, such as the one on a mobile phone, reports Computerworld (Sept. 25).
Waving the palm of one's hand is also being studied as a biometric solution for security. Intel recently demonstrated a palm vein detector in which a researcher waved his hand to log into Windows 7 and view his bank account. When he moved from the computer, it locked Windows and went into sleeping mode. Once the device recognizes the user, that identity tag can be forwarded to any number of accounts securely, from banks to social networks, -mail or business networks (zdnet.com Sept. 27).
And then, there's the heart beat. Intel acquired Israel-based Idesia Biometrics in July. Idesia provides technology through which heart beats can be used to recognize users on computers and mobile devices. Intel is hoping to create a sensor that could go into a smartphone or tablet that could monitor a heart beat.