My point exactly.
Who are the potential users for layered or multiple biometrics? More than likely, the military. Not a coincidence that NRID was commissioned for this by DoD.
Why not civilian uses (despite the Diebold pilot)?
(1) No need for the additional security. Biometrics sells itself as the most secure, and simplest, methodology. What message is sent when there are two or more biometric authentication methods in one application?
(2) Why would Oracle or Computer Associates sell a biometrics solution that is not uniform? It would drive up transaction costs for a not-yet-accepted technology, at least in terms of inconvenience to the user, and be harder to explain. As we know, Oracle is not selling a multiple biometric system for intranets. I doubt anyone else will, either.
(3) What about preexisting multiple biometric methods on one server? Doesn't HAAPI solve that problem? What problem? Where are there multiple biometrics on a common server or network outside of the State Secret arena? There are barely biometrics anywhere right now. It's not like HAAPI will solve problems of an installed base, since there is no installed base.
(4) Why is Diebold going with voice/retina layering? (And why didn't they need NRID to do it?) In the ATM area, there are special security concerns that the already installed cameras can help alleviate. They may also have climate problems in the north regarding fingerscans, although you'd think it shouldn't be too serious. (I also prefer to think they didn't use a very good fingerscan company for their early pilot. Say, SACM.) I suspect that in order to make the retinal scan avoid false rejects yet still be part of a reliable system, they had to loosen standards and then needed the fallback of the voice recognition technology. Overall, I think a single biometric ATM (or other civilian system) would be preferable to this pilot approach.
In summary, I think NRID has hit a single with this product, not a home run, assuming that it is not overtaken technically by a competitor, and may find limited governmental uses. But not commercial uses. |
