Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security Technology

Vein Patterns to Verify Identity 293

JonN writes "Fujitsu Ltd. will start selling a biometric security device next month that relies on vein patterns in the hand to verify a user's identity, it said today. The palm-vein detector contains a camera that takes a picture of the palm of a user's hand. The image is then matched against a database as a means of verification. The camera works in the near-infrared range so veins present under the skin are visible, and a proprietary algorithm is used to help confirm identity. The system takes into account identifying features such as the number of veins, their position and the points at which they cross."
This discussion has been archived. No new comments can be posted.

Vein Patterns to Verify Identity

Comments Filter:
  • by nokilli ( 759129 ) on Thursday June 30, 2005 @01:04AM (#12948268)
    Biometrics sounds great, right up until the point you run into the desperate dude who is willing to take out your eyeball -- or in this case remove your hand -- just to be able to access whatever it is that is being protected by biometrics.

    So who is this really good for?

    Wouldn't you rather give up the memorized password rather than your eye or your hand?

    But then, how does your employer look at this.

    He doesn't give a shit about your body. He just wants to protect corporate assets. From his point-of-view, it is statistically less likely that he'll lose such assets were biometrics used over passwords.

    Just remember that when next you go to ask for the raise, and your boss is making you authenticate to the company's grid using biometrics.
    • by plover ( 150551 ) * on Thursday June 30, 2005 @01:08AM (#12948279) Homepage Journal
      Well, to an infrared vein scanner that works entirely by imaging the heat given off by your circulating blood, a severed hand will be every bit as valid as one made of wood.

      Not that I expect the bad guys to be smart enough to know this up front (so we might still be losing a few hands to some idiots) but the entire technology functions as a liveness detector.

      • Or they just force your ass over to the scanner with a gun to your head, Solid Snake style.
        • by Blastrogath ( 579992 ) on Thursday June 30, 2005 @01:17AM (#12948318)
          >Or they just force your ass over to the scanner with a gun to your head, Solid Snake style.

          they can do that with a password, or keys, or almost anything else. I can't immediately think of anything that doesn't work with, other than well armed guards willing to perforate the hostage.

          • they can do that with a password, or keys, or almost anything else.

            With a password you can have emergency passwords that trigger an alert. Maybe they don't grant you access. Maybe they grant you access but there's an alarm going off in an office somewhere.

            Harder to do with biometrics. Hmmm. Left hand good, right hand bad.
            • by KronicD ( 568558 ) on Thursday June 30, 2005 @03:09AM (#12948631) Homepage
              Your comment is valid and raises the point that biometics should be used as part of a three factor identification system.

              1) Something you know (password/login)
              2) Something you have (token, keycard, secureid, proxy card etc)
              3) Something you are (biometric)

              This allows for duress passwords as well as the use of biometics to increase the strength of an authentication system, rather than replace it completely.
          • by QuantumG ( 50515 ) <qg@biodome.org> on Thursday June 30, 2005 @02:19AM (#12948507) Homepage Journal
            With a password you can actually deny an agressor access. They'd have to torture you until you gave it up. For opening a door or something pointless like that you'd give up your password in a heartbeat, but let me tell you about a little system called deniable cryptography. Suppose you work for the NSA. You're given a laptop on which you are required to encrypt any work which is deemed sensitive (and seeing this is the NSA, let's just say that everything is sensitive). You are instructed to encrypt documents of different security grades under different passwords. No system is prescribed for the grading of documents, you're just told you should use at least three.

            So now what happens when the bad guys grab your laptop and take out the rubber hose? I say you won't tell them a single password. How can I say so with such certainty? Well suppose after being beaten for an hour you decide to give up the least sensitive material on the laptop. In fact, this isn't even NSA material, it's just some emails you received from your girlfriend. So you give them your first password, say 'tulip'. The bad guys run to their cryptoanalyst guys and give over the password. They discover that it does indeed provide them with something intelligible. But they don't find anything of value, as you intended. Looking at the remaining space on the harddrive they notice that there is a heck of a lot left, so they send their low brow associates back to get another password from you.

            After another hour of torture you might give up another password. And after another hour you might give up another password. But every time you give up a password you're just guarenteeing more extensive torture. Every time you give up a password the cryptoanalyst guys say there is more data on the disk. When you get to the end of your list of passwords you're really screwed because as far as the cryptoanalysts are concerned, all the free space on your disk is potentially more top quality intelligence. It is impossible for you to convince your captors that they have all the passwords for the laptop. So you will eventually die in their hands or, worse yet, the torture will go on indefinitely.

            In summary, deniable encryption ensures that it isn't in your interest to give up a single password. You're better off claiming that it was some dude's laptop you stole on the way to where you got jumped.

            • With many systems, it is not actually possible to be sure that there is something on the drive. It can be made to look like empty space quite easily. Therefore there is no certainty on the bad guy's part that there is anything more to find after you've yielded the first password.

              I'm impressed that you lasted three hours of professional torture, however. ;)
            • It can store a list of PIN codes protected by a single unlock PIN code. When you enter the wrong unlock code you just get the list populated with the wrong PIN codes.

              That's why crooks usually take you hostage in your appartment while their accomplice goes to the ATM. When the codes work, you lose, when they don't, you lose in a different and probably even less pleasant way :(
            • by iabervon ( 1971 ) on Thursday June 30, 2005 @11:16AM (#12951018) Homepage Journal
              Knowing that, why wouldn't you just give up all the passwords at once? This would put you in exactly the position you'd be in if there was only one password; you don't have anything further to give them, and there's more randomness on the disk.

              Actually, the smart thing would be to have a hard drive full of boring documents, and have a hidden directory full of porn, with all the important stuff steganographically added, encrypted, to the porn. That way your captors will have a reasonable explanation of every bit on the disk from the start, and you can just say that you don't take secret documents out of the office.
          • by Peyna ( 14792 ) on Thursday June 30, 2005 @03:16AM (#12948656) Homepage
            Getting someone's live hand over a scanner doesn't require a person to consciously divulge any information.

            So, it is a lot different than getting a password out of someone. I can beat you all day and you'll never tell me the password. I can knock you unconscious and drag your limp body over to the scanner and place your hand on it without your help.
        • I suspect the system will be used credit card style and try to avoid any real cash transactions.
          So i don't think any criminal is going to get a gun , drag you to a scanner and purchase some things when they can just as easily point the gun at the shop owner and order them to hand over their goods gratis.
      • an infrared vein scanner that works entirely by imaging the heat given off by your circulating blood

        Infrared [wikipedia.org] uses a different part of the spectrum; you're thinking of thermal imaging. Taken from this article [com.com], this is how the Contactless Palm Vein Authentication System works:
        "It works using infrared light to scan for hemoglobin, which provides oxygen to cells in the body, the company said. Reduced hemoglobin absorbs near-infrared rays, so on the image it shows up as black, with the rest of the hand colore

    • Realistically speaking, how much is it worth to you to secure your company's assets? At retail locations, conventional wisdom says "give the dude the money, because it's not worth it."

      Would you lose a body part?

      I think the answer would be "Heck No!"

      What would the court say? Isn't using biometric security putting life and limb of the employees in jeopardy?

      That would be an interesting case for a judge and jury.
      • I don't think you're going to find this equipment in stores that bare the "less than $50 after dark" and "employees do not have safe combination" type signs. That being said, this might be nice in some applications...
        • single sign on and never having to change passwords every 90 days
        • No more keys for your front door... unless you have cold winters like we do... I don't want to hold my hand in front of a camera at -40C
        • No more PIN numbers, or signatures for verification for bank and credit cards
    • Uh, what? (Score:4, Insightful)

      by Bill_Royle ( 639563 ) on Thursday June 30, 2005 @01:23AM (#12948340)
      That's the dumbest argument I've heard all evening.

      The "desperate dude who is willing to take out my eyeball?" Why wouldn't he just leave it in your head and just piggyback through? Or bring you along to access that "protected" stuff?

      Sure I'd rather give up a memorized password instead of an eye or hand, but again this is a question of severity. I don't believe you go from demanding a password to cutting out an eye without things other than biometrics being a critical factor.

      Your employer may not give a shit about you, but most employers do. The liabilities of employees getting hurt is much of the reason that many employer-offered health plans have increases every year. I doubt that any employer will be nonchalant when one of their employees come to work with only one hand.

      There's nothing wrong with an employer implementing biometrics, if it's an at-will company. It's up to the employee as to whether that proposition is acceptable.
      • There's nothing wrong with an employer implementing biometrics, if it's an at-will company. It's up to the employee as to whether that proposition is acceptable.

        Geez, what company do you work for? Ours always come to us with An Idea they want us implement - something which we tell them is really dumb, painful and generally bad. They go "uh-huh" and force it through anyways. Then they come back to us afterwards whinging and whining about how dumb, painful and generally bad The Idea is, but by that time

        • I'm not saying that employers doing this are always making the right decisions when they go forward with ideas. Having to maintain a bad idea isn't any fun - but that still doesn't negate the reality that you are choosing to accept those circumstances.

          I know it's not that easy to just walk, but at the same time - if you aren't enjoying your job or the company you are in, you *can* go somewhere else.
    • Wont work (Score:2, Informative)

      by tanveer1979 ( 530624 )
      When you are alive, your veins are full of blood. When somebody cuts your hand, it will change the impression. So the test will fail. The best method will be to combine this with a scanner which detects blood flow. No blood flow and it means its a fake hand :).
      • Forget blood flow - according to TFA it's reading the vein pattern in infrared, so unless the hand is really, really fresh, it ain't gonna have the same print. Just keeping it warm won't work, because that'll be warm-all-over, not a warm-vein-pattern. I suppose the would-be hand-thief could drag along one of those artificial heart machines and hook it up to the severed wrist, but even that would be difficult to get right...
    • Biometrics sounds great, right up until the point you run into the desperate dude who is willing to take out your eyeball -- or in this case remove your hand...

      The cut-off-the-hand-to-defeat-a-biometric-scanner approach is a typical Hollywood interpretation of a clever way to compromise biometrics.

      Biometric systems that are worth using to protect assets of any value test for what is called "liveness" to make sure that someone's hand (or body part of choice) hasn't been severed to bypass the system.

    • One other thing that can be bad about biometric only interfaces that is rarely discussed is that it doesnt allow for whats called in the industry as duress codes. Say for example you are a security guard that has a gun pointed at your head and your being force to give access to someone.

      If you have a password/PIN then most security panels allow for a dual PIN and duress code for a user. The regular PIN just opens the door. The duress PIN will open the door and trigger a silent alarm. No one gets hurt, bad
    • Is that if I have access to data worth enought aht someone would mutalate me for it, they'd also be wiling to beat the shit out of me for my passowrd. In that situation I'd probably remember our second ammendment and remember that I can arm myself, and do so. I'd also remember that blood vessles colapse and thus look different when there's no boold in them, and remember that that they'd probably know that and just force me at gunpoint to get them what they wanted. Additonally I'd remember that biometrics in
    • In Australia, if you as an employee lose a hand or eye or worse due to negligance (eg failure to provide a safe working environment), your employer could be fined and/or go to jail. So even if an employer doesn't care about his/her employees in an emotional sense, they are sure to care about their wellbeing for other reasons.

      Unfortunately, like the US (as seen from my armchair :) our negligence laws are getting such that you have to take the stupidity and lack of common sense of other people into account.
    • I'm so tired of hearing the "dude who is so desperate, he's willing to take your eyeball" type argument. If someone is that desperate, he's more likely to off you and rob you than worry about using your eyeball to hack your accounts. Generally the desperate folks are the strung out drug users, not wanting to come down again. They don't put this much forethought into their crimes.

      Now the professional hacker (cracker for those who still insist on the distinction) don't want to get their hands dirty. They pre
  • by plover ( 150551 ) * on Thursday June 30, 2005 @01:04AM (#12948271) Homepage Journal
    Please wait while we read your palm ... hmm ... your cat-5 line is very long, and is getting crosstalk ... oh, yes ... your gullibility line is quite full ... umm, hm ... I forsee many postings in this thread ...

    That'll be $25.00 please.

  • by croddy ( 659025 ) on Thursday June 30, 2005 @01:07AM (#12948275)
    Yeah, but can it tell my fortune?
  • Excessive (Score:2, Insightful)

    by adam.conf ( 893668 )
    I guess more biometric sensors are always better -- but at a point, doesn't it seem excessive? I guess I'll be able to sleep easier tonight knowing that if I'm killed in my sleep and my murder spreads my bodyparts across the county, I can still be indentified by the veins in my hands. Thank God.
    • Re:Excessive (Score:5, Insightful)

      by plover ( 150551 ) * on Thursday June 30, 2005 @01:17AM (#12948317) Homepage Journal
      What makes you think biometrics are better? Systems can be fooled.

      Just like any other computer-based biometric system, it only starts with a scanner. Once you get past the handwaving (pun intended) it turns into bits and bytes, just like any other security token, such as a password. These systems will have weaknesses, it's the nature of systems. Look at all the components: palm reader camera, imaging software, algorithms to reduce a hand-print to a series of numbers, a database full of those numbers, a database full of "rights" to be granted based on those numbers, a signal to the turnstile or electric door lock to let you in, and networks and wires interconnecting all of those pieces.

      To a bad guy, a wedge into any single component listed above might be enough to send "ACCESS GRANTED" to the door lock.

      Yes, the same is true of any security system of any sort -- but for reasons I can't fathom, biometric-based security systems seem to give a higher "sense" of protection to the executives writing the checks.

      At least this one won't be fooled by Jello.

      • "Yes, the same is true of any security system of any sort -- but for reasons I can't fathom, biometric-based security systems seem to give a higher "sense" of protection to the executives writing the checks."

        Well, if one could ever get the biometric part to work - it should for many applications.

        The biometric signiture should be no different from a password once scanned - so it can't be less secure. But, if the scanning was reliable, then it's something that you do not have to worry about someone writing
  • by Chmarr ( 18662 ) on Thursday June 30, 2005 @01:09AM (#12948280)
    "Please insert hand for vein identification"

    "Hand invalid. Third attempt failed. Hand retained."
  • by Anonymous Coward on Thursday June 30, 2005 @01:09AM (#12948281)
    My hairy palms, you insensitive clod.
  • by Kaorimoch ( 858523 ) on Thursday June 30, 2005 @01:10AM (#12948286) Journal
    This could get amusing. "Honey, can you swipe your arm for these groceries? My arm credit limit is a bit low this month." When you get robbed in back alleys, the drugged up crims rip off your arm and take it to the ATM to pull out all your money. I'm sure the "cost an arm and a leg" jokes are coming.
  • While some factors, both genetic and external, may lead to the divergence of form in venal positioning and number, the chance that two people have similar (if not identical) veinous patterns is not small.

    Medicine is based on the supposition that human beings are, at a very basic level, extremely similar to each other. This allows us to give generalized prescriptions instead of having to perform meticulous measuring and experimentation to determine the correct level of drugs to give to a person.

    Even Da Vi
    • I find it worrisome that the verification of something as personal and important as someone's identity is based on something as common and repeatable as the pattern and layout of veins.
      I haven't done the research, but I doubt this is any more "repeatable" than fingerprints, or for that matter DNA.
      • I haven't done the research, but I doubt this is any more "repeatable" than fingerprints, or for that matter DNA.

        You're not the only one. Who says fingerprints aren't "repeatable"?

        Fingerprints as legal evidence are basically 'grandfathered' in--they're accepted because they're accepted. If you tried to introduce fingerprinting as a new technology--and had to prove each was unique and that you could make a positive ID based on this--you'd never get it in front of a jury.

    • Even Da Vinci noticed that many measurements of human bones were precisely measurable using the Golden Ratio. Humans, and most of Nature, is perfectly balanced so as to result in a great homogeneity across the species.

      Da Vinci obviously never travelled to Iowa. Seeing someone with both arms or legs the same length is like seeing a double-rainbow. It's something you tell your grandkids about while they stare in disbelief.

  • In short... (Score:4, Informative)

    by eznihm ( 552487 ) on Thursday June 30, 2005 @01:15AM (#12948306)
    This is somewhat novel and cool because:

    a) there need not be any physical contact twixt the biometric reader and the individual - unlike with fingerprint scanners - defintely more hygenic

    b) as a previous poster mentioned, it doesn't work if the hand is severed

    c) fingerprints may be scarred, burned, or otherwise mutilated

    I mean, if you're gonna put people through biometric authentication, you might as well do it right, right?
    • fingerprints may be scarred, burned, or otherwise mutilated

      Really? What about heart disease, varicose veins, some kidney problems, arthritis, reumatic disorders of all shapes and forms?

      While veins are clearly less volatile compared to fingerprints and face for a 0-40 age group, their validity is likely to decrease sharply after that when all of the above sets in.

      So IMHO this is good only for an employee identification. Especially in a country with very low rates for all of the above (Japan). If it is de
  • by gardyloo ( 512791 ) on Thursday June 30, 2005 @01:15AM (#12948308)
    ...hot chicks telling me they have to hear me say "passport".
  • by theufo ( 575732 ) on Thursday June 30, 2005 @01:16AM (#12948315) Homepage
    It is not uncommon for the smaller bloodvessels to simply disappear and appear over time to facilitate changes in energy consumption. A tiny inflammation can also cause the surrounding vessels to change themselves quite significantly. Wouldn't want to be denied my own money suddenly.
    • I worked for a firm that serviced a high school.
      This (privately-owned) high school had an access control system based on those biometric devices that measure your hand and fingers. Their problem was that the students' hand measurements varied wildly in the course of the year...
      To solve it I made the access control program, from time to time (once a week IIRC), to substitute the reference measurements for the last-good measurement. This way, gradual changes were incorporated to the database, well, gradually.
  • by Hannah E. Davis ( 870669 ) on Thursday June 30, 2005 @01:17AM (#12948319) Journal
    Since I switched from biology to computer science before learning anything about human anatomy or the circulatory system, there's a fairly good chance that I'm going to sound incredibly stupid here... but... what happens if you cut yourself really badly and the body basically has to rewire a few of those veins? Will you be locked out of the system?

    Also, since the camera is presumably looking at the heat coming from the veins, would this mean that if you lost circulation to your hand for whatever reason (extreme cold, medical condition, etc.), that would also cause the device to reject you?

    • I'm sure if you were injured to the point where your bloodflow was significantly altered, you'd probably be able to get a note from your surgeon to give to your Info Security department requesting a "change of veins" scan.

      Maybe you can convince the door guards that the giant pus-oozing gauzeball wrapped around your hand is causing the scanner to fail, so they'll just buzz you in anyway.

  • by mikeophile ( 647318 ) on Thursday June 30, 2005 @01:22AM (#12948335)
    Really now, how difficult can it be to fool one of these. It seems all it would take is:

    1. Remove the IR filter from a 3 megapixel or higher digital camera.

    2. Photograph the hand with and without a low pass IR filter.

    3. Print a mirror image of the first photo on an acetate sheet.

    4. Take the same print and print the other side with IR visible inkjet ink [hp.com] from the second photo.

    5. Fool scanner.

    6. Profit?

    • Have the scanner image the arm from 2 different angles. A real arm would have a 3D vein pattern; you can't get that out of a printer.
    • But looks really cool in movies.

      Anything that can be imaged can be reproduced to the accuracy of the imager. Hence, biometric security is like a social security number: it might be unique to you, but you can't change it ever* and if someone gets a hold of it, you're screwed.

      *I am aware that in extreme situations you can change your SSN. afaik, This capability was designed to address that point, however the address space of SSNs is not that sparse and the cost of changing the number is too high. (in bot
  • Some day in the very near future there will be a way to easily duplicate fingerprints, vein prints, retina prints, or whatever.

    Current solution: change password or revoke key.

    Solution for the future: slice your finger off and hope they can someday regrow you a new one with a new fingerprint.

    Do we really want to slice hands/arms and eyes off too? Biometric ID has NO solution if the thing you're testing against becomes compromised.
    • > Some day in the very near future there will be a way to easily duplicate fingerprints, vein prints, retina prints, or whatever.

      Some day in the very near future, there will be biometric scanners that can tell the difference between real/live and fake/amputated body parts. The fact that there are not many now is mostly due to the fact that nobody wants to pay for them. People seem to think that spoofing is not an issue. But it is, or will be. As biometrics are increasingly used to protect things of valu
  • by rincebrain ( 776480 ) on Thursday June 30, 2005 @01:35AM (#12948386) Homepage
    I've met quite a few people who have nonstationary veins; that is, veins that they can move around, that twist under their fingers and stay in their new position, etc.

    How will this system handle these?
  • by SuperBanana ( 662181 ) on Thursday June 30, 2005 @01:48AM (#12948420)

    Well, I see we've already got a few people posting "zOMG my hand's gonna get chopped off".

    Here's a pop quiz. How's a device that uses near-IR to see active blood vessels going to work....

    ...on a hand with no blood pressure, and no hot blood flowing through it? Seems to me a cut-off hand would be virtually worthless within seconds; the veins would become the same temperature as the rest of the hand, and collapse due to lack of blood pressure.

    • False negatives... (Score:2, Insightful)

      by Gopal.V ( 532678 )
      Biometrics are worthless if just about anybody from your family doctor to your massuese can fake it. Fake fingerprints are perfectly possible - if you think otherwise read faking fingerprints [www.ccc.de]. Vein patterns are safer because they are less likely to be left around your surroundings and they need a working fluid supply. Also an unconcious man cannot give you his password, but his biometrics are still perfectly valid.

      The real problem here is the false negatives. Suppose I switch from typing to writing for a

      • As a former lab rat...
        Veins roll and move a lot.. That's why they give/take blood in locations where the vein tends to be a bit more anchored, like the elbow.. a joint with only 2 axis, veins close to the surface, and by holding your arm a certain way you can shift where the veins are so they're in the same spot every time.

        Biometrics that read veins are worthless, unless you're going to 'etch' a microscopic pattern into the vein with a laser. And then it's not really biometrics, is it? You've just writte
  • by RyanFenton ( 230700 ) on Thursday June 30, 2005 @01:57AM (#12948445)
    This time, it's the translucent map of the hand.

    Problems with this idea?

    1. Injury or other causes of restricted bloodlow will change the pattern. People may be wearing a watch or carring a bag which may change the net translucent image of the hand for some time.

    2. No mention if this is 3-d imaging, or multiple-perspective scanning of some sort - but if it's just a 2-d single image, then another source of the 2-d image could be used as fake ID. In the case of 3-d imaging, fakes become more difficult - gummy hands are a lot less common than gummy bears. Still - there has to be a basis for pattern-recognition in the complex mess that makes up a human hand/palm, and that basis can be exploited. A rubber glove with ink on the palm, flipped inside-out may do the trick, or something similar.

    3. This equipment... will it be cheap? Will it require large databases and further security for that data? How much cheaper will this be than other security methods? Cost more than most things will likely determine the impact of a biometric technology. Just having another identification scheme won't help that much, if it can only be used in already-secure or expensive scenarios.

    Biometrics are a great idea, and some very cool implementations - but they always seem to involve a lot of false negatives/positives (none have solved both), and are fairly expensive relative to their unreliability. They certainly haven't been a replacement for most standard security schemes. How is this scheme different?

    • by __aaijsn7246 ( 86192 ) on Thursday June 30, 2005 @02:27AM (#12948536)
      There has been some work to prevent the use of fake fingers in biometric devices. One I have read about is checking the resistance of the object placed on the scanner to be sure it matches the known resistance of skin. Resistance can be forged of course, but it is an extra layer in the system.

      Some systems have been so weak that you can simply breathe [i.cz]on them to cause moisture condensation - which in turn causes the device to believe the last finger has been placed on it again!
    • The big thing about biometrics is it's another way to verify access. There are three basic ways to identify yourself:

      1) Something you have. This would be a key, a smartcard, an access ID, whatever. It's a physical token issued to those that should be allowed access.

      2) Somethink you know. A password, a PIN, a secret handshake, etc. It's a verification procedure that is stored (hopefully) in your mind.

      3) Something you are. Your fingerprint, thermal skull image, vein print, whatever. It is an actual measure
    • Biometrics are a great idea...

      Why? Because they are convenient?

      Imagine 15 years down the road when biometrics are everywhere and the algorithm for storing the data on your identitycard gets broken or the database containing the match patterns gets hacked. How are you going to change your 'password'? How, exactly, are you goint to prove are 'you' when the somebody elses ID-card says that they are 'you'?
  • by ndansmith ( 582590 ) on Thursday June 30, 2005 @02:06AM (#12948473)
    Biometrics are still so far from reliable. Hopefully this whole effort will not be in vain.
  • I'd assume the level of detail required to differentiate one person's vein layout from another would be pretty high, so would problems not be caused with this (and indeed other similar biometric solutions) due to injuries, even small ones.

    I don't know about you guys, but the amount of times I've cut or bruised my hands, let alone bone breakages is quite high. I assume all these injuries, even the more minor ones would cause a change in the exact layout of your veins... especially after surgery to repair

    • The veins in my hands are rather large. The larger veins being over 1/3" . I can easily glide them around an inch side to side. (My girl did this last week actually and I couldn't get it back in position for an hour... felt so creepy)

      So I could see problems. Though I would imagine it's looking at the palm side surface more. Veins (mine anyway) don't tend to move much there.
  • it's just a tool (Score:2, Insightful)

    by Khashishi ( 775369 )
    You guys are all overreacting -- as if this will be the end all be all of identification.

    This won't be used solely except perhaps for minor barriers to entry. You don't need to worry about some guy having the same vein pattern as you, since the chance that this guy is also trying to defraud you is pretty small. A criminal might share a pattern with some other people, but how is he going to find out which people he matches without some inside access to the system?

    You people worried about not reading due to
  • by l3v1 ( 787564 ) on Thursday June 30, 2005 @03:21AM (#12948663)
    My main problems with almos all biometrics identification & recognition systems for public use is that
    - none of them works good enough (see below)
    - if you combine multiple biometrics to raise the efficiency they will become exponentially more inconvenient and expensive, and still not being 100%
    - very many biometrics can be falsified and there probably are levels where even cutting a hand isn't a big deal to get to the information; in cases when you need the hand/finger/etc. alive there's kidnapping and remember, one doesn't have to interrogate the fella, just to take him

    Ok, so about efficiency. If you care to dig a bit deep and read research regarding different types of biometrics, you'll easily find quite high numbers on %. There's two things one has to constantly keep in mind:
    - most if them give those high % only in specific working conditions
    - if you read one biometrics works at 9x%, always think on the reverse: e.g. how many real people does that 100%-9x% mean in the real life like airports with multi-million guests a day ? even 99% goodness means 10000 from 1mil. people falsly angered and that's a lot

  • Retinal scanning, iris photography, finger prints, hand vein scanning. When will they produce a biometric scanning system which is based on things the bad guys won't cut off or cut out to get into the secure facility?
  • who have cybernetic hands, because ours were severed in a climactic showdown with our evil fathers, you insensitive clod!
  • With a latex bag of spaghetti bolognaise.

    "My name is Louie, my password is my Mumma's Special with extra garlic."

  • I was told by a blood drawer at my HMO, that veins can drift around a bit under the skin.

    as for a severed hand... water heated to 99 degrees with a pump that matches heart speeds.

    which made me think... what if the system rejects too high of a heartrate?, man holding a gun to your head boosts your pulse quite a bit I suppose... better for the company if the door stayed closed...

  • ...and a proprietary algorithm...
    I'm sorry, any time I read the word "proprietary", my /.-brainwashing tells me that such an algorithm is probably broken (either in design or implementation).

    It seems to be that an open (as in beer) algorithm that can be critiqued and improved would be a business advantage to the company who brings it to market. If they are worried about competition, then build a better product. And in the wonderful USA, I'm sure they can patent the method of extracting identity from vein-
  • The problem with biometrics is that it has become too much of a buzzword and bandwagon to jump on. Were at the stage similar to the Internet in 1999 when everyone was 'getting on-line' because everyone else was and a whole load of sites popped up that had no content or purpose. The police have historically used biometrics for years because they have a very good reason - when you arrive at a crime scene its likely that someone has left allot of evidence in the form of finger prints and possibly DNA, the poli
  • by Bloater ( 12932 )
    How does it cope with sticking plasters (Band-aids for the Americans)?
    • Most likely it detects features - intersections, splits, thickness etc, then compares against database to achieve "satisfactory" match, say, 50%, with "match" counting with positive score, "mismatch" counting negative and "no match" counting as 0. This way even if a large part of the surface is damaged or obscured, the rest is taken into account, the match may be worse but most likely satisfactory - surface of the bandaid is counted as "no match". But if someone else tries to identify, even small number of
  • ...that this is a vein [sic] attempt at proof of identity.

    They must have been vein [sic] thinking their idea was this great.

    Badump-crash

    Thanks folks, I'll be here all week, don't forget to tip your waitress!
  • We're currently adopting a little one born with no arms or legs.

    Yes, I know there will be all sorts of lovely exceptions made. And if there are any humans involved, he'll be pretty memorable ... I just wonder sometimes with all this biometric talk how many additional challenges will be placed in front of him.

  • They're overlooking another major problem: genetics

    My family noticed decades ago that the veins in the back of my hand have the exact same pattern as my mother's. My sister's is the same, although shifted up, and my brothers shifted down (same branch layout, just moved closer to the wrist).

    If the back of the hand can be identical, why not the palm?

You are always doing something marginal when the boss drops by your desk.

Working...