The Mother Of All Questions: How Do We Know Youre Really You?
By Ara C. Trembly
Has it ever occurred to you that life as we know it proceeds based on a series of assumptions that, I daresay, none of us tests against reality with any regularity?
For example, when you read this column, you assume that I have written it, because you see my name at the top and that devilishly handsome photo somewhere accompanying the text. But what does that prove?
After all (and I hope Im not dashing any fondly held dreams here) the late Ann Landers column (which also dispenses guru-like advice) is not written by her, unless she has found some way to communicate from beyond the grave. Yet we continue to see her name in print, and we see that vintage photo accompanying her columns in newspapers nationwide.
And while I can assure you–insofar as you believe its actually me assuring you–that I am indeed your one and only tech guru, theres really no way for you to know that for sure without visiting our offices and watching me as I work my guru-like magic. And thats assuming you trust your own perceptionsbut lets not go there.
When you come right down to it, the question is: How do we know–for sure–whom were dealing with in any context? In this era of terrorism, war and electronic pilfering, such a question assumes monumental importance. Fortunately, technology has an answer that, while not 100% foolproof, is about as close as we can get.
What were talking about here is biometrics, which is the use of unique biological features (fingerprints, handprints, iris patterns, voice patterns, retinal blood vessel patterns) to positively identify an individual.
For example, in the 1996 film classic “Barb Wire,” starring Pamela Anderson in the title role, Ms. Wire dons a specially doctored contact lens that “fools” a retinal scanner into identifying her as someone other than her estimable self. How Ms. Wire/Anderson escapes identification via other unique features is indeed a mystery, but it is one that need not concern us here.
In the more recent “Minority Report,” another futuristic film, star Tom Cruise goes even further–actually having his eyes replaced, by a backroom surgeon, with the eyes of another person. In that film, retinal scanners are everywhere, most notably in the form of devices that scan an individual and create personalized advertising for him or her on the spot (and you thought spam was a problem!).
In the real world, criminals have tried all sorts of methods, including the application of acid, to alter their fingerprints in order to avoid being identified and captured.
Such draconian measures aside, however, biometrics offers an accurate and reliable method of identifying individuals. In fact, Computerworld reports that the U.S. government has issued more than six million biometric border crossing cards, which have led to identification of some 250 impostors on the Canadian border.
According to Walter Hamilton, vice president of business development for SAFLINK, a maker of biometric security systems, the border cards provide a reliable means of matching a persons paper identification to his or her unique biometric features. “Its one way to verify that you are who you are,” says Hamilton, who is also an officer of the International Biometric Industry Association.
Biometrics also has interesting business uses, such as making sure those who access critical computer systems are, indeed, who they say they are. With federal legislation now requiring that we keep consumer information secure from unauthorized access, such systems could prove invaluable to insurance and financial services firms.
While biometrics will certainly be helpful at border crossings and for controlling physical access to buildings and other areas, its greatest value to our industry may be in guarding against unauthorized computer use.
Most of us tend to rely on passwords to prevent unwanted systems access, but passwords can be stolen (please dont put yours on a sticky note attached to the monitor) or even discovered by certain “fringe” software programs. Passwords are also often easily guessed (usually the users birthday, spouses name, dogs name, etc.).
Biometric devices, coupled with software, can utilize any number of identifying biological features to ensure that only the proper people are signed on to an agents, brokers or carriers systems at anytime.
If youre worried about costs, youll be glad to know that such devices and software need not be prohibitively expensive. According to SAFLINK, normal password management typically costs a company between $200 and $300 per year, while “biometric solutions” start at around $170.
Howard says pricing of enterprise versions of his companys biometric access software hinge on the number of users on the server. Software protection begins at $39.95 per user for 499 or fewer users, with volume discounts applied as the number of users increases, he explains. A simple desktop version for Windows sells for $49.95 he adds. Maintenance agreements are extra.
The biggest cost of biometric systems, according to Howard, is the hardware, but even there, the prices are not staggering. A stand-alone fingerprint device from SAFLINK sells for an average price of $123, he notes. A typical iris recognition camera sells for $245, not including software that is priced at $50 per license up to 1,000 users, he adds.
While everyone in this economy is cost conscious, these systems seem to be well worth their cost, allowing users to protect information and to comply with new, strict federal legislation on information privacy. The biometric factors that are keys to such systems are “virtually impossible to duplicate,” says Howard.
So even though youre not completely sure that I am who I claim to be–and Im not altogether certain you are who you claim to be–we can at least be reasonably certain that the people who use our interconnected computer systems are there legitimately. In this age of confusion and suspicion, that knowledge is a virtual continent amid wildly churning seas.
Thus, your tech guru–or the entity you ostensibly believe to be your tech guru–suggests that you check into biometric safeguards for your computer systems. Theyre not science fiction, and theyre not just in the movies anymore.
Reproduced from National Underwriter Edition, April 7, 2003. Copyright 2003 by The National Underwriter Company in the serial publication. All rights reserved. Copyright in this article as an independent work may be held by the author.