Typically when asked about biometrics, our research shows that it is used most heavily in physical access scenarios, in government agencies, and of course, fingerprint scanning for personal computer access, USB drives, etc. Could this be changing soon?
There have been some questions recently about the viability of biometrics in traditional IT environments, and in this context, a recent announcement caught my eye: BT AND HITACHI COLLABORATE TO CREATE A SECURE IDENTITY MANAGEMENT SOLUTION. The press release went on to say that BT and Hitachi Europe "are joining forces to design (an) identity management solution to the financial services market.”
This consists of the BT Unified Trading federation, a cloud-based trust utility for secure identity exchange, and Hitachi's Finger Vein Authentication Engine and technology for biometric security capabilities. The goal of the partnership is to provide a trusted solution for "the secure interchange of identities between financial firms, identity providers and service providers, at the heart of financial services industry."
Apparently Hitachi has been doing some work in this area and developed a technology using the venous network of fingers as a biometric identifier. This approach is designed to enhance security while preserving users' private data via "no trace" biometrics.
The biometric data cannot be accessed without the knowledge of the user, and, according to the vendor, VeinID biometric authentication is highly secure because it is not reproducible, in contrast to fingerprint authentication. This technology can be used in a context of both logical security and physical security.
BT reports that the Unified Trading federation will be "easily accessible by the 15,000+ member sites in the BT Radianz Cloud, the world's largest secure networked financial services community. A key strength to the federation solution is that firms retain responsibility for their own directories, authentication and the attributes they allow third-parties to see. BT Unified Trading federation facilitates the secure exchange of that information. "
Evidian is also integrating the Hitachi VeinID biometrics solution with SSO for use in trading rooms. The company's website included a quote from Alain Bernard, CSO at Natixis, which uses an Evidian/Hitachi solution to reinforce access to the Natixis traders' clusters of PCs with biometrics.
Cloud Federated Identity Management (FIM) + Biometrics --- is this a trend? We will be watching this over the coming months. Let me know your thoughts [email protected]
Posted by By Sally Hudson