Biometrics is not the silver bullet some would have you believe.
The choice of what technology to use in order to bolster access control in business warrants serious consideration – especially given the undeniable track record of the application of password protection and the increasing interest in biometric technology.
This is the view of Liam Terblanche, CIO at Accsys, a national supplier of payroll, HR, time and attendance and access control solutions. He believes the fact that passwords have been around for so long is quite understandable.
“The principle of using passwords to control access has been with us for centuries. As with any evolutionary process, the good stays while the bad is replaced by something better. Anyone with a reasonable level of intelligence (or a password bank) has the ability to remember words, be it names, ideas, verbs or passwords.”
Passwords are also inexpensive control mechanisms that do not require technology for storage or retrieval. “Passwords can be changed when a threat of discovery or fraud is suspected. And most importantly, a user can minimise the risk of exposure by having a different password for different uses.”
Biometric technology cannot simply replace passwords in all applications without some serious thought. “The most important reason I do not see biometrics replacing all password applications in identity and access management is because of the permanence of biometric characteristics. If someone can hack a network and discover my password, I can simply change it. But if that same person hacks into data traffic, already an existing technology and intercepts my fingerprint templates, what then?”
Terblanche says it is important that the market is not influenced by hype and understands the true significance of biometric technology and the real advantages it offers within specific environments and under the right conditions to address key requirements, including access control.
Biometric solutions require technology and infrastructure to store and retrieve your biological identity traits (fingerprints, iris profiles, voice templates, etc). The absence of a universal biometric modality (one biometric technology that can be used by everyone) means that standardisation is still a long way off. Some people simply do not have fingerprints. Glaucoma and other eye defects and diseases make the use of iris scans non-universal. Facial occlusions, including wearing a Hijb or Niqb have been shown to impede the success of face recognition, for example.
“We are still a few years away from centralising one shared platform that will replace the use of passwords in a global environment,” Terblanche says. He adds that biometrics is being constantly developed and is now being used in a number of creative ways, most notably to control access to companies and to address issues such as buddy clocking, the fraudulent practices of time theft and its impact on resources within the HR environment.
“Mounting evidence suggest that more decision makers are seeing biometric-based technology as a credible, cost effective and more secure access control infrastructure,” he says.
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version