Slashdot Mirror

← Back to Stories (view on slashdot.org)

Vein Patterns to Verify Identity

Posted by samzenpus on from the look-inside dept.

JonN writes "Fujitsu Ltd. will start selling a biometric security device next month that relies on vein patterns in the hand to verify a user's identity, it said today. The palm-vein detector contains a camera that takes a picture of the palm of a user's hand. The image is then matched against a database as a means of verification. The camera works in the near-infrared range so veins present under the skin are visible, and a proprietary algorithm is used to help confirm identity. The system takes into account identifying features such as the number of veins, their position and the points at which they cross."

16 of 293 comments (clear)

  1. Anybody else see "Demolition Man"? by nokilli · · Score: 5, Insightful

    Biometrics sounds great, right up until the point you run into the desperate dude who is willing to take out your eyeball -- or in this case remove your hand -- just to be able to access whatever it is that is being protected by biometrics.

    So who is this really good for?

    Wouldn't you rather give up the memorized password rather than your eye or your hand?

    But then, how does your employer look at this.

    He doesn't give a shit about your body. He just wants to protect corporate assets. From his point-of-view, it is statistically less likely that he'll lose such assets were biometrics used over passwords.

    Just remember that when next you go to ask for the raise, and your boss is making you authenticate to the company's grid using biometrics.

    1. Re:Anybody else see "Demolition Man"? by plover · · Score: 4, Interesting
      Well, to an infrared vein scanner that works entirely by imaging the heat given off by your circulating blood, a severed hand will be every bit as valid as one made of wood.

      Not that I expect the bad guys to be smart enough to know this up front (so we might still be losing a few hands to some idiots) but the entire technology functions as a liveness detector.

      --
      John
    2. Re:Anybody else see "Demolition Man"? by Felinoid · · Score: 4, Interesting

      3 answers.
      1. The tubes for the computer were designed to be used this way. The hand is intended to pump blood and once it loses pressure it colapses and becomes fairly disfunctional.
      2. A pump designed to handle pumping water into a hand is pritty complicated technology. At this point your better off using some sort of electronic bypass system like the devices used to trick slot machines into giving you a "win"
      Maybe a heat patern "copy" using a heat emitter fake hand. Then you need only scan the original to have a key that works forever.

      3. The results won't be the same. The water will leak heat more than blood will and heat up the surrounding tissue. The sensor will get a blur and probably give a negitive.

      --
      I don't actually exist.
    3. Re:Anybody else see "Demolition Man"? by KronicD · · Score: 5, Insightful

      Your comment is valid and raises the point that biometics should be used as part of a three factor identification system.

      1) Something you know (password/login)
      2) Something you have (token, keycard, secureid, proxy card etc)
      3) Something you are (biometric)

      This allows for duress passwords as well as the use of biometics to increase the strength of an authentication system, rather than replace it completely.

      --
      "Those who would give up Essential Liberty, to purchase a little Temporary Safety, deserve neither Liberty nor Safety"
  2. Palm readers by plover · · Score: 4, Funny
    Please wait while we read your palm ... hmm ... your cat-5 line is very long, and is getting crosstalk ... oh, yes ... your gullibility line is quite full ... umm, hm ... I forsee many postings in this thread ...

    That'll be $25.00 please.

    --
    John
  3. Yeah, but.... by croddy · · Score: 4, Funny

    Yeah, but can it tell my fortune?

  4. Paranoia... here we come... by Chmarr · · Score: 4, Funny

    "Please insert hand for vein identification"

    "Hand invalid. Third attempt failed. Hand retained."

  5. What about... by Anonymous Coward · · Score: 5, Funny

    My hairy palms, you insensitive clod.

  6. Credit Card? by Kaorimoch · · Score: 4, Funny

    This could get amusing. "Honey, can you swipe your arm for these groceries? My arm credit limit is a bit low this month." When you get robbed in back alleys, the drugged up crims rip off your arm and take it to the ATM to pull out all your money. I'm sure the "cost an arm and a leg" jokes are coming.

  7. In short... by eznihm · · Score: 4, Informative

    This is somewhat novel and cool because:

    a) there need not be any physical contact twixt the biometric reader and the individual - unlike with fingerprint scanners - defintely more hygenic

    b) as a previous poster mentioned, it doesn't work if the hand is severed

    c) fingerprints may be scarred, burned, or otherwise mutilated

    I mean, if you're gonna put people through biometric authentication, you might as well do it right, right?

    --
    -- i drop mine in braille so you blind cats can read me
  8. Veins not very constant by theufo · · Score: 5, Informative

    It is not uncommon for the smaller bloodvessels to simply disappear and appear over time to facilitate changes in energy consumption. A tiny inflammation can also cause the surrounding vessels to change themselves quite significantly. Wouldn't want to be denied my own money suddenly.

  9. Re:Excessive by plover · · Score: 5, Insightful
    What makes you think biometrics are better? Systems can be fooled.

    Just like any other computer-based biometric system, it only starts with a scanner. Once you get past the handwaving (pun intended) it turns into bits and bytes, just like any other security token, such as a password. These systems will have weaknesses, it's the nature of systems. Look at all the components: palm reader camera, imaging software, algorithms to reduce a hand-print to a series of numbers, a database full of those numbers, a database full of "rights" to be granted based on those numbers, a signal to the turnstile or electric door lock to let you in, and networks and wires interconnecting all of those pieces.

    To a bad guy, a wedge into any single component listed above might be enough to send "ACCESS GRANTED" to the door lock.

    Yes, the same is true of any security system of any sort -- but for reasons I can't fathom, biometric-based security systems seem to give a higher "sense" of protection to the executives writing the checks.

    At least this one won't be fooled by Jello.

    --
    John
  10. Re:Modern medicine is based on the idea of samenes by Nos. · · Score: 4, Insightful

    I find it worrisome that the verification of something as personal and important as someone's identity is based on something as common and repeatable as the pattern and layout of veins.
    I haven't done the research, but I doubt this is any more "repeatable" than fingerprints, or for that matter DNA.

  11. Why this won't work. by rincebrain · · Score: 4, Insightful

    I've met quite a few people who have nonstationary veins; that is, veins that they can move around, that twist under their fingers and stay in their new position, etc.

    How will this system handle these?

    --
    It's only an insult if it's not true.
  12. to all the "chop off the hand" people by SuperBanana · · Score: 4, Insightful

    Well, I see we've already got a few people posting "zOMG my hand's gonna get chopped off".

    Here's a pop quiz. How's a device that uses near-IR to see active blood vessels going to work....

    ...on a hand with no blood pressure, and no hot blood flowing through it? Seems to me a cut-off hand would be virtually worthless within seconds; the veins would become the same temperature as the rest of the hand, and collapse due to lack of blood pressure.

    --
    Please help metamoderate.
  13. Biometric security idea of the week. by RyanFenton · · Score: 5, Insightful

    This time, it's the translucent map of the hand.

    Problems with this idea?

    1. Injury or other causes of restricted bloodlow will change the pattern. People may be wearing a watch or carring a bag which may change the net translucent image of the hand for some time.

    2. No mention if this is 3-d imaging, or multiple-perspective scanning of some sort - but if it's just a 2-d single image, then another source of the 2-d image could be used as fake ID. In the case of 3-d imaging, fakes become more difficult - gummy hands are a lot less common than gummy bears. Still - there has to be a basis for pattern-recognition in the complex mess that makes up a human hand/palm, and that basis can be exploited. A rubber glove with ink on the palm, flipped inside-out may do the trick, or something similar.

    3. This equipment... will it be cheap? Will it require large databases and further security for that data? How much cheaper will this be than other security methods? Cost more than most things will likely determine the impact of a biometric technology. Just having another identification scheme won't help that much, if it can only be used in already-secure or expensive scenarios.

    Biometrics are a great idea, and some very cool implementations - but they always seem to involve a lot of false negatives/positives (none have solved both), and are fairly expensive relative to their unreliability. They certainly haven't been a replacement for most standard security schemes. How is this scheme different?