BENEFITING FROM AND SURVIVING DEFENSIVE RUINOUS INFORMATION WARFARE

Users are drowning in computer passwords. Let's count them: At the office, they need one to log-on to their computer. They need still another to access their corporate e-mail. Users also need three for separate databases within their company, one for a legal research database (a corporate lawyer), and two to get information on retirement plan and benefits. When they get home, they need a password to log-on to their home computer, and a handful more to use on-line services. Amazon.com and other on-line merchants also require a password to make purchases. To get cash from an ATM, they need their personal identification number.

With as unique a fingerprint as a password, corporations can be sure that a person logging-on to a computer network is who he or she claims to be. As previously discussed in the chapter, you can benefit from and survive defensive ruinous IW by using biometric technology (which uses unique human characteristics such as fingerprint, voice, face, or iris patterns to verify a person's identity), which is making rapid inroads into corporate America. According to Gartner Group, within three or four years about 55% of all corporations will use fingerprint readers or some other kind of biometric device.

The scramble to commercialize biometrics stems primarily from changes in how companies organize their information technology. The 1990s switch to network computing, which moved important data from mainframe computers to servers, increased the flow of information within a company. But in the process, it made that information more vulnerable to theft and tampering. A recent FBI survey found that system penetration by corporate outsiders and unauthorized access by corporate insiders are both on the rise.

Corporate networks are not the only potential commercial application for biometrics. Credit card issuers want to reduce losses from fraud. In recent small tests, MasterCard began using fingerprints as a substitute for a signature. Biometrics holds the ultimate security key to future payment systems. The explosion of e-commerce^[iii] has also created a gigantic need to authenticate the identity of buyers.

The price of biometric devices has plummeted. In 1994, the smallest fingerprint reader sold by Identicator Technology was the size of a telephone and cost $2,000; today it's the size of one sugar cube and sells for $97. In five years, a similar fingerprint reader may cost $13.

It's likely that more than one biometric technology will emerge. Fingerprinting will snag the lion's share in the fast-growing corporate computer network market. But technology using voice identification can be easily integrated into already existing telephone services such as automated call centers that answer queries about credit cards, bank accounts, and benefits. Facial recognition technology also has its advantages. When Mr. Payroll Corp. (now called innoVisions) wanted to automate its check-cashing kiosks in 1997, it chose facial recognition developed by Miros over fingerprinting because of the latter's law enforcement connotations.

The ultimate goal for biometrics manufacturers is to get into the homes of millions of consumers, with the PC being the likely point of entry. About 8% of all new PCs, including some laptops, are already equipped with cameras, a harbinger that facial recognition may eventually play a role on the Web.

But privacy concerns are a big hurdle. Consumers may decide that using a face or a fingerprint as a password will jeopardize privacy more than protect it.

^[iii]John R. Vacca, Electronic Commerce, Third Edition, Charles River Media, 2001.