On The Bleeding Edge

In role reversal, federal agencies leading adoption of biometric technology

• By Vic Berger
• Sep 14, 2009

Federal agencies typically adopt proven, field-tested technologies. Private organizations, on the other hand, are more likely to adopt emerging technologies. So-called lead adopters, officials are cognizant of the risks inherent in new technology adoption, but they are willing to accept those risks in exchange for the very real business benefits, such as cost savings and process efficiencies.

One might expect that federal agencies and private-sector organizations would model these same behaviors in the adoption of biometric technologies. Biometrics is the study of measurable biological characteristics such as facial characteristics, fingerprints, hand geometry, the retina and iris, capillary mapping, voice and signatures.

In reality, a role reversal has occurred. While both public- and private-sector organizations continually grapple with the dual responsibility to bolster information security while using IT to cut costs and improve efficiency, the federal government is leading investment in biometric technologies to further these goals. The private sector is following.

Some of the speed of biometric adoption can be attributed to the 2004 Homeland Security Presidential Directive 12 (HSPD-12). Federal agencies also recognize the business benefits of biometrics. For example, META Group estimates that the average computer user calls the help desk 21 times a year. Each call costs an average of $25. Since an estimated 30 percent of help-desk calls are for password resets, an organization with 10,000 users spends almost $1.6 million per year just for password resets. Compare that to a $50, one-time equipment expense for an integrated fingerprint solution for the same 10,000 users, and add in the increased productivity of the help-desk staff, and the savings become very clear.

Keeping The Lead
When productivity and security improvements are considered, biometrics demonstrates a strong return on investment compared to alternative identity validation methods. While the federal government currently leads the adoption curve, there is room for more adoption. Organizations considering biometrics technology should ask the following questions.

What is the value of my data? If your organization’s value is based upon data and knowledge, that information must be protected. Consider an organization heavily vested in research and development as an example.

How many users do I have? If you have more than 10 users, your organization will reap significant benefits from adopting biometrics.

Do we understand the utility value of biometrics? Beyond security improvements, organizations should calculate the utility value of biometrics, such as improved productivity for IT staff and front-line workers.

When can I most cost effectively implement biometrics? For many organizations, the greatest economies of scale are achieved during a scheduled technology refresh.

Debunking The Myths

Despite the numerous benefits and range of available options, some organizations are still slow to adopt biometrics. While concerns run the gamut from cost to accuracy to user resistance, most of these issues are either unfounded or easily addressed. Some common misconceptions include.

Biometrics are too expensive. The cost of most biometric technologies has dropped 50 percent during the last five years. In addition, the immediate and long-term improvements in productivity and security usually far outweigh the initial technology investment

Biometrics are complicated to install. Biometrics solutions can be installed, configured and administered by existing IT personnel with little training. Many versions simply plug into a USB port and use a very basic software application

Biometrics are not secure enough -- data can be reverse engineered. Reverse engineering a biometric template to a potentially useable state would require a code-breaking supercomputer. The cost and complexity involved in such an effort would be far greater than the value of the data obtained. We may see this scenario in the movies someday, but that’s where it will stay

Biometrics are not accurate. Though no method is perfect, biometrics provide the highest level of accuracy for any validation scheme. Rarely, there may be an inaccuracy, but it errs on the side of exclusion rather than inclusion. While this would cause minor inconveniences, it would not compromise an entire system

As standards evolve and understanding of the benefits of biometrics improves, adoption of the technology should grow exponentially as federal agencies -- followed by the private sector -- embrace identification verification solutions that provide a flexible, cost-effective means of ensuring the security of critical and sensitive information.