Latest Reuters story about MSFT and biometrics:
"PALO ALTO, Calif. (Reuters) - Microsoft Corp. (MSFT.O) Tuesday took a major step to support biometrics, the security technology that uses fingerprints and eyeballs as an alternative to passwords to verify a computer user's identity.
"The company acquired biometric authentication technology from I/O Software Inc. and said it will begin incorporating it into its Windows software as early as this summer.
"Biometrics have long been promoted as a more secure and convenient alternative to passwords, social security numbers or even mothers' maiden names, which can be hard to remember and may easily fall into the wrong hands. Industry experts say Microsoft's move could be pivotal in helping to speed widespread adoption.
"'This is very, very big news for the industry,' said Raj Nanavati, a partner at the New York-based International Biometric Group consulting firm. He said Microsoft will help raise the profile of biometrics as a practical security solution and help encourage universal standards.
"Biometrics is currently a fragmented industry consisting of a multitude of companies making products that read all sorts of physical characteristics from fingerprints to eye irises, face geometry or voice. Some companies also read signatures or even key stroke dynamics -- the force and speed at which a person types on a keyboard -- to verify identity.
"Unlike passwords, it is virtually impossible for so-called biometric keys to get into the wrong hands, since the fingerprint is a literally part of the individual user's hand. But while many computer users would happily swap a long list of passwords for a simple fingerprint reader, such biometric technology has until recently been prohibitively costly.
"Microsoft said its decision to embrace this security solution was made partly in response to growing consumer demand. Along with being perceived as simpler and more secure than passwords, many companies believe biometrics will save them money in the long run.
"'Corporate help desks spend a lot of time resetting employee passwords,' said Shanen Boettcher, lead Windows product manager at Microsoft. 'There are lots of offices with lots of sticky notes with lists of passwords on them. It's both an inconvenience and a security breach.'
"Microsoft says it plans to offer biometrics support to users of its Windows 2000 software by this summer and will fully incorporate the security into Windows in the future.
"'One of our main goals is to draw the roadmap to enable a platform for both hardware and software companies to build applications (to support biometrics).' said Boettcher.
"Even with the new support from the world's largest software maker, it could be a long way until biometrics is adopted broadly. Critics say the industry still needs to decide on the best means to verify a person's identity, and questions remain over the accuracy of analyzing a fingerprint or a face via computer.
"The biometrics industry, which by some forecasts, was projected to be a $1 billion a year market by 2000, is still just a fraction of that size. Although some corporations are now using biometrics, the biggest users are certain niche markets like prisons and law enforcement agencies, which are increasingly using computers instead of ink to read and record fingerprints.
"A potentially major hurdle for the private sector will be converting the thousands of Internet Web sites, which now rely almost exclusively on passwords to admit members. Even the biggest backers of biometrics say it could take years until all the Web sites on the Internet are sold on the concept."
============
I'm kind of taken with Stockman17's conclusion on Yahoo that MSFT plans to offer the BAPI interface this summer, with the I/O SecureSuite much further down the road. That can yield an interesting result, and I wonder whether Microsoft has considered this: First, if IDX is already BAPI-compliant (as I hear through the grapevine), then MSFT's first move will accelerate the adoption of IDX readers and BioLogon in the PC base, and confer first mover advantage. That would complicate MSFT's efforts in a couple of years to standardize SecureSuite. Second, if MSFT is just trying, via its early BAPI adoption, to let numerous software and hardware makers work on the present Windows platform, that will also complicate standardization. The effect, intentional or not, may be to prevent I/O from the real prize: SecureSuite within Windows, and force them to settle for simply licensing BAPI to MSFT.
Another issue is the level of demand for the higher function BioAPI versus the less complex, but already completed, BAPI. What I hear is that IDX believes the end users prefer a higher function API to a less sophisticated API. It's going to be very interesting to see this play out. Remember, we're only dealing in the PC market here -- wireless will be an entirely different ballgame, and IDX seems to hold a greater advantage there both in hardware and its MOT alliance. |
