Designed to improve security
and decrease help desk calls, biometric keyboards
scan your fingerprint and authenticate you from
encrypted fingerprint records in lieu of asking
for a password.
The leading fingerprint scanners work in conjunction
with Microsoft's Windows operating systems and
Novell's Network Directory Services (NDS).
Biometric keyboards instantly obsolete well-known
password cracking programs like NTCrack, John
the Ripper, L0phtCrack, and PWDUMP, all of which
are based on deciphering dictionary attacks.
Biometric keyboards can solve a number of problems
for network administrators: you don't need to
specify password expiration times, since users'
fingerprints never expire, and users won't need
to call the help desk to have their passwords
reset because they forgot them. While passwords
can be exchanged and hacked, fingerprints cannot.
In my experience, management and administration
of user passwords costs a typical IT organization
from US$100 to US$300 per user, but despite that,
you won't find biometric keyboards popping up
everywhere yet. Aside from price--a new keyboard
can run upwards
of US$120 compared to around $20 for a standard
keyboard - privacy concerns about scanning and
storing personal data prevent some companies
from employing the keyboards.
Government agencies, on the other hand, are
embracing fingerprint scanners, because they
are more concerned with protecting their data
than preserving employees' privacy. The looming
Health Information Privacy and Protection Act
(HIPPA) is creating enough buzz about privacy
to entice major healthcare providers to take
a second look at biometric authentication technologies
When integrated with Windows, leading fingerprint
scanner servers extend the operating systems'
Security Accounts Manager (SAM), which is the
database where all passwords or authentication
records are kept.
In fingerprint-scanning devices, the fingerprint
image passes through an extraction algorithm
that hands it off to a matching algorithm. If
the program finds a match, the user is authenticated.
Even if a hacker were to break in and steal the
SAM database, it would be useless without the
actual finger to match it with.
Novell has also developed an authentication
product that interoperates with most leading
fingerprint scanners. Novell
Modular Authentication System provides multi-factor
authentication to NDS and stores encrypted fingerprint
records in Novell's eDirectory.
According to industry analyst Steve Hunt at
Giga Information Group, Novell's architecture
"is superior to most since it is so well integrated
with Novell's NDS eDirectory and Microsoft Windows."
Leading PC makers are starting to offer biometric
authentication tools. Compaq now sells a Biometric
Option Kit that includes a biometric keyboard.
Dell offers biometric keyboards for large custom
orders and is ramping up a program to sell biometric
keyboards on standard orders.
IDC predicts the biometric market to increase
at the same compound annual growth rate (CAGR)
of PKI products, which is roughly
60 percent. Though I think that's probably
optimistic, biometric keyboard growth is on a
steady increase. Today, you can purchase a fingerprint-scanning
integrated circuit from AuthenTec for US$20 and
costs will continue to drop. After technology
hardware devices reach single-digit costs ($9
and below), the speed of their adoption generally
accelerates at rapid rates. I predict biometric
technology will be ubiquitous on all keyboards
within five years.
The undisputed leaders in biometric fingerprint
technology development include Identix, AuthenTec,
and Ethentica, while Cherry Corp. and Keytronic
Corp. lead the way in integrating the technology
uses optical scanning technology to capture and
map out minutia points, or lines of intersection
on your fingertips. The Identix fingerprint scanner
is available as a PC Card or as an external PC
add-on device that plugs into the parallel port,
starting at around US$99. Identix has distributed
more than 2,000 of its fingerprint scanners to
Microsoft for testing and development purposes.
uses a sensor matrix, built into an integrated
circuit, with more than 16,000 location elements
(similar to pixels on a screen) to map crests
and valleys on a fingerprint. AuthenTec's semiconductor
approach can identify fingerprints that are covered
with dirt, make-up, grease, and other scan-blocking
Because it is an actual integrated circuit,
the US$20 AuthenTec fingerprint-scanning product
is more affordably priced than pre-packaged fingerprint
scanners like those sold by Identix. However,
integrating the circuit takes a bit more know-how
than using Identix's pre-packaged PC Card, and
Identix has created pre-packages drivers that
integrate cleanly with Microsoft Windows and
offers fingerprint-scanning products similar
to those of Identix and AuthenTec. Offering both
PC Card form factor scanners (US$179) and USB-based
(US$119) tactile sense scanners similar to AuthenTec's
circuit-based technology, Ethentica fingerprint-scanning
solutions are more expensive than those offered
by Identix or AuthenTec.
One of AuthenTec's leading integrators is a
company called Sense
Technologies. Sense provides complete integration
and support of the fingerprint scanner into a
custom computer time and attendance system on
the wall with a keypad. The system goes for US$5000.00,
can support an unlimited number of users, and
is fully integrated into their network IT infrastructure.
For end-users who want instant capabilities for
laptop authentication, Identix is a better choice.
Corp. produced its first biometric keyboard
nearly three years ago. According to a spokesman
for Cherry, the demand for biometric keyboards
has increased significantly in the last six months.
Top customers include federal agencies and computer
Corp. sells biometric keyboards through resellers
and through an online store. Keytronic's top
customers are also federal agencies, both domestic
and abroad, according to a company spokesman.
European and South American government agencies
are embracing this new keyboard technology faster
than U.S. federal agencies.
If your organization is bogged down with password
administration and security issues, fingerprint
scanners offer advanced capabilities over traditional
password based security. The increased security
you gain through using encrypted multi-factor
authentication prevents users from sharing login
information, and, if installed correctly, can
render stolen laptops useless.
Laura Taylor is the Chief Technology Officer and
founder of Relevant Technologies. Ms. Taylor
has 17 years of experience in IT operations with
a focus in information security. She has worked
as Director of Information Security at Navisite
and as CIO of Schafer Corp., a weapons development
contractor for the Department of Defense.