Biometric Authentication in a Digital World

System builders extend reach of biometrics as authentication technology for digital rights management

There are also challenges associated with the more James Bond-esque biometric options, such as eye scanners. These detect and measure tiny differences in each person's eye coloring and design. Unlike in the movies, however, current eye scanners don't scan the retina at the back of the eye. Instead, they scan the iris, the colored ring around the central pupil. Unfortunately, the iris expands and contracts with ambient light, so getting two identical scans of a person's iris is tricky. Lighting conditions, distance from the sensor, temperature-even alcohol consumption-can all affect the size and color of someone's iris. For all these reasons, biometric eye scanners are limited to clean, well-lighted places such as office lobbies.

There's no question that biometric control options are taking off in embedded solutions, but they're not appropriate for every application.

Matt Wagner, product marketing manager for security and wireless at Palo Alto, Calif.-based Hewlett-Packard, said, "Based on our past experience, the uptake [for fingerprint sensors] was slow, but looking forward, better authentication is seen as critical. We think embedded encryption chips and smart cards are the best near-term opportunity."

Smart cards have the advantage of high-volume, low-cost production; still, they're not much more secure than passwords.

Kelan Silvester, a platform security architect for Intel, Santa Clara, Calif., is more optimistic. "We think the time has come for fingerprint sensors," Silvester said. "Passwords are running out of gas and don't solve the problem by themselves. A lot of the work at this point is just marketing and encouraging people to use the technology."