Have trouble recalling your passwords or PIN codes? Try using your heart.
That's the suggestion from Tel Aviv-based Aladdin Knowledge Systems, which this week showed off a prototype security system that identifies users based on their heartbeats.
And whether you find that kind of proposition novel or creepy, you're going to have to get used to it. Biometric security systems, which use unique body measurements to verify identity instead of — or in addition to — passwords, are a big business that is growing every year. An industry trade group pegs annual sales at $2.2 billion, and predicts they will hit $6 billion by 2010, as companies add biometric security to everything from ATMs to cell phones.
Numerous players want a piece of the business, including flash memory manufacturer SanDisk , which makes USB fingerprint readers. And shares of Identix went up almost 60 percent in January, when the company announced a merger with rival Viisage Technology to form an identity management juggernaut.
In Aladdin's case, the proposed device looks like a small computer mouse with two metal contacts. When touched for a few seconds — using one finger from each hand, to complete the circuit — the device measures several factors in your heartbeat to record your "biodynamic signature."
The company says the signature includes a combination of electrical signals from the heart and central nervous system. The sensors measure these signals, run them through an algorithm on a computer and create a digital representation of the signature. Aladdin says individual signatures can identify people more accurately than fingerprints, based on preliminary testing.
And because the signature includes both genetic and physiological components, it's not significantly altered by activity — a brisk walk up stairs or a cup of coffee, for example — says Daniel Lange, chief technology officer for IDesia, which designed the device and licensed it to Aladdin. Lange says only a major medical event — a heart attack, for example — would throw the machine off. "With fingerprints, a scratch on your finger might change your reading," Lange says. "Fortunately for us, heart attacks are much less frequent."
But are biometric devices ready for the big leagues? Michigan State University professor Anil K. Jain, who runs the school's biometric research program and has six patents in fingerprint matching, says companies and governments who use the devices need to be careful; like any technology, it is susceptible to both machine and human error, and any biometric database runs the risk of being hacked.
Yet biometrics are gaining acceptance. PC-maker Lenovo has sold more than 1 million biometric laptops with built-in fingerprint readers. Some fitness clubs, like Equinox in New York, now lock down parts of some gyms with eye scanners, so only elite members who pay steep premiums can access them.
The devices are also becoming increasingly exotic. Some biometric shops are now playing with seemingly far-fetched devices that purport to identify people by the shape of their ears, their walk or their smell.
But the most common biometric technology is still the oldest: fingerprinting, which dates back to the 19th century. At almost 44 percent of the market, fingerprints more than double the next-most-common technology — face scanning — according to the International Biometric Group.
Beyond fingers and face scans, other technologies can tell people apart by measuring hand dimensions, scanning irises and retinas, handwriting, keyboard typing patterns and blood vessel imaging. And as phone- and voice-over-Internet Protocol-based business transactions become even more ubiquitous, vocal biometrics may become more popular — a research topic at IBM's human language technologies group.