Business Innovation Homepage > Governance

Given the high level of risk associated with information security breaches — and the rising number of potential threats — it’s becoming increasingly important to have mechanisms in place to ensure that only authorized users can gain access to systems, networks and applications.

How can organizations be truly sure of the identity of a user? One of the more effective ways to prevent unauthorized access is to deploy biometrics technology.

Biometrics, which includes a wide assortment of security mechanisms such as fingerprint recognition, voice verification, retina scans, facial recognition, iris recognition, hand geometry and signature verification, has been around for years. Government agencies in particular have been deploying various types of biometric security for a long time. But the technology has been somewhat slow to move into corporate environments. One of the biggest hindrances has been the relatively high cost of biometric products. Other concerns are the reliability of systems and user privacy issues.

But demand for biometric security products is expected to grow steadily in the coming years. A market and industry report this year by the International Biometric Group LLC, an independent integration and consulting firm focused on biometrics, estimates that annual worldwide biometric industry revenues will increase from $3.01 billion in 2007 to $7.41 billion in 2012, driven by government identity management programs, as well as private-sector initiatives. Asia and North America are expected to be the largest global markets for biometric products and services.

“Some growth is spurred by government-based projects, such as border-control programs,” says Gerry Gebel, VP and service director, identity and privacy management service, at Burton Group. But Burton Group does not see a lot of uptake in the commercial enterprise market, Gebel says.

“For most people, biometric systems are still a strange technology that may be resisted due to perceptions,” Gebel says. “In particular, people are concerned about the privacy of their biometric data and [how] closely they can be tracked if biometric technologies are deployed in large scale.”

Nevertheless, some biometric systems, such as fingerprint readers, are finding there way into IT security applications. “Fingerprint technologies are the most common and most suitable for authentication when combined with another authentication factor, such as a smart card,” Gebel says. “This technology continues to reach a broader audience, since fingerprint readers are now available on a number of laptops and other mobile devices.”

In the meantime, efforts are under way to develop standards for biometrics technologies. The National Institute of Standards and Technology (NIST) says it has intensified its work in biometric standardization in recent years. Biometric standardization activities are being led by the InterNational Committee for Information Technology Standards and the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) Joint Technical Committee, according to NIST.

“Many government and commercial applications, including homeland security and the prevention of ID theft, are requiring strong personal verification and identification applications,” NIST says on its Web site. “These requirements include high performance, interoperable systems and standards-based biometric technologies that are capable of rapidly determining an individual's claimed or true identity.”

Click here for more Governance articles