Biometrics lock down portables

Upek president Alan Kramer argues that fingerprint access can lower security costs

IT Week: As Upek's founder, how do you describe its security products?

Alan Kramer: We aim to take complexity out of biometric fingerprint technology and integrate it into intelligent buttons. The Upek sensor recognises the user's fingerprint and ensures a device can only be operated by authorised users.

Where is this technology used?

Upek's scanners are used in laptops and handheld electronics, such as cell phones, Flash drives and PDAs, as well as a range of access solutions like door locks. Our customers include IBM [now Lenovo], Fujitsu in cell phones, Sandisk for USB Flash drives and Symbol for industrial PDAs.

Why is demand for biometrics expanding?

The big driver is growth in handheld electronics. People are carrying more devices with important data on them, so there is a need to improve security. Berkley University recently had a laptop with student records stolen, and a survey in Chicago found that over 100,000 [phones or PDAs] are left in the city's cabs every six months.

Do passwords solve this problem?

Passwords aren't secure enough. You should change passwords and use different passwords for every account, but while firms want staff to do that, it is inconvenient and many don't follow policy. Fingerprint biometrics provides a high level of security and a high level of convenience for end-users.

What makes fingerprints more effective than other biometric measures?

Speech recognition is low cost, but security is poor, while iris recognition is expensive and more inconvenient. Fingerprint sensors are very secure and low cost.

So, what is the price?

The cost is dropping rapidly. An IBM laptop costs an extra $50 [£28] for fingerprint security and we [believe] it will end up being just $20 [£11].

What about reliability?

Customers' tests found the sensor surpasses a 99 percent success rate, so you have to scan twice less than one in 100 times. You would also have to swipe over 10,000 random fingerprints before you found another that matches yours. The bigger challenge was robustness, but we've made significant improvements.

How is this technology managed?

We recently moved into client and server software so we can deliver tools that let managers assign access and password policies. Most of our business is selling to hardware builders like IBM, but as deployments get larger an important part of the value proposition is to give firms central management capabilities. The IT manager can decide from a central station which employee

fingerprints are authorised for which machine. The management is taken out of the hand of employees.

Are there benefits beyond security?

The firms that are developing good security policies are finding a growing problem with password management. One study estimated the cost of password-based security is in the range of $3,000 per employee per year in lost productivity and support costs. An alternative technology [biometric security] that costs one percent of that is very attractive.

About Alan Kramer

Alan Kramer is president of biometric security firm Upek.

Previously, he was vice-president of STMicroelectronics' TouchChip business unit.

He has also worked for AT&T Bell Labs, Intel and HP.