Who could forget the scene from John Woo's 1993 B-movie "Hard Target," where an imprisoned Jean-Claude Van Damme burns off the skin on his index finger, attaches it to an impromptu mechanical contraption and booby-traps it to hit the scanner at precisely the scheduled time each morning, so that his captors don't notice his escape?
Indeed, biometric identification systems are a bit harder to fool than simply getting the password right. And as this technology advances, so do people's concerns over its true effectiveness.
"Public acceptance of biometrics has been slow to grow, and will continue to be an issue until issues of privacy and security of data have been brought up to a level acceptable by the majority of people," says Isabelle Moeller, general manager of the Biometrics Institute.
The concept of biometric identification systems actually dates back to 1879, when French police clerk Alphonse Berthillon suggested that individuals could be identified through precise measurements of the body.
Argentina was one of the first countries to widely implement fingerprint records.
By 1976, Argentine police were using a system that combined scanned fingerprints with digital processing and radio technology to send biometrical information from the police cars to a central database, in order to track down suspected individuals in Buenos Aires.
Today, fingerprints are used not only for forensic investigation, but also commonly for passports, ID cards, border surveillance, access control, and even shopping.
The German company IT-Werke, specializing in biometric applications, has successfully implemented its digiPROOF system of payment by fingerprint in 120 Edeka stores in Germany. In June 2008, it launched a six-month trial of a similar system in collaboration with the payment processor Equens, in the Dutch supermarket chain Albert Heijn.
One to many
Besides fingerprints, other physiological biometrics include face recognition, iris scan, retina scan, hand geometry, facial thermogram, body odor, hand or finger veins, footprints and palm prints.
Of these, iris scanning is the most accurate -- with an average of approximately 250 distinctive characteristics in an iris, the odds of two people having the same pattern are 1 in 7 billion. And as it is relatively difficult to copy, it's also considered of one the most secure biometrics.
However given the complexity of the process, it's also the most costly, and its accuracy depends on the cooperation of the subject. (For example, criminals have been known to use eye drops to dilate their pupil, thus masking the majority of their iris.)
Conversely, face recognition is technically the least intrusive, as faces can be scanned at a distance by surveillance cameras (although this also poses privacy issues), but its accuracy varies greatly according to light, exposure, etc.
Another biometric identification system currently under development by Hong Kong Polytechnic University's Biometrics Research Center is tongue scanning.
"The tongue shapes of different people are different, and thus the tongue can be used to tell different subjects," says Lei Zhang, assistant professor at the university.
"Our system uses laser scanning to construct the 3-D shape of the tongue. The tongue shape information can be collected in about two-three seconds. Then after feature extraction and matching, the person's identity can be determined."
Other biometric identification systems, which require capturing the subject in action and similarly comparing it to a database of samples, are behavioral. These include voice print, signature or handwriting dynamics (the way a person writes), keystroke dynamics (the way a person types, most often used as an extra layer of security over a password) and gait (the way a person walks).