The integration of a fingerprint scanner into IBM’s new ThinkPad T42 series of notebooks opens the door for a whole host of secure transactions, but some analysts suggest that there are still flaws in the system.
The new ThinkPad incorporates a finger scanner directly into the notebook. The scan is required to gain log-on access to the portable computer and its contents.
IBM’s inclusion of biometric capability into the ThinkPad takes what had been an unwieldy process — requiring a separate device — and positions it for mass adoption. The fingerprint reader is combined with an Embedded Security Subsystem. Earlier uses of biometrics required a separate device to be attached via cable to a PC or notebook.
Using fingerprints to confirm identification has become pervasive in the public sector, according to Kush Wadhwa, director of the International Biometrics Group. Especially since the September 11 attacks, the government has been adopting fingerprinting for airport security, immigration and other functions in which confirming identity is a priority.
“What IBM has done is say, ‘We recognize this industry [biometrics] is growing, that this technology is going to become pervasive in the private sector and, thus, we’re going to integrate it into our core technology,'” Wadhwa told TechNewsWorld.
“It is a way for IBM to differentiate in a highly commoditized market,” Wadhwa said.
As the security technology becomes more commonplace, it will be used for e-commerce, telephony and ATMs, among other consumer-oriented transactions.
Security Gap Remains
But according to Jonathan Penn, an analyst at Forrester Research, IBM’s technology needs to be enhanced before it can become a pervasive security tool.
“Let me just say that what is lacking for now — but I’m hoping IBM will bring soon — is single sign-on (SSO),” Penn told TechNewsWorld. SSO allows a user to access multiple applications using one password or, in this case, fingerprint.
For now,the fingerprint scan allows you to log-on, but then you have to use separate passwords for applications and other secure functions. That makes it more convenient than it is secure, Penn said. “If you’re going to implement strong authentication through fingerprint scans, it would be useful to design that as your “front door” to all other applications, and not keep relying on weak passwords. Once IBM does that, the appeal will be greatly broadened,” he said.
Penn does think the new device will be immediately useful in certain industries. “Healthcare and manufacturing are two verticals where this can bring value to select employees: those who log on to shared machines many times each day,” he said.