At the entrance to "The Vault," the most secure room within the most protected building operated by security services provider Symantec, an iris recognition system stands guard as the last line of defense.
Employees who make it this far have already swiped access cards and entered PINs at the building's main door, and then placed their fingers in a biometric reader to move beyond the lobby. But the high accuracy rate of iris recognition technology, which uses near-infrared cameras to take a picture of a subject's iris and then applies specialized algorithms to encode the image and match it to an existing record on file, makes it an ideal access control choice at this point. After all, this high-security area holds the cryptographic keys to Symantec's certificate authority business, which provides e-commerce security services to many organizations.
"We have to make sure that no individual can compromise those cryptographic tokens, [and] iris recognition has higher accuracy and less likelihood of false positives," says Paul Meijer, senior director of infrastructure operations at Symantec's identity and authentication division.
Symantec's use of iris recognition technology for an access control system in a setting where security requirements are high and cost is no object represents a classic application of the technology. But as prices have come down and the systems have become easier to use, the technology has been slowly gaining ground in more ordinary business settings in industries such as banking and healthcare.
"Cost has perennially been an issue with iris, but this trend is quickly changing," as cameras, recognition algorithms and software have all improved, says Ram Ravi, a research analyst at Frost & Sullivan.
One reason for the rise in innovation that led to those improvements: the 2005 expiration of a key patent on the mathematical representation of the iris that previously limited what competitors could do. Since that time, open standards have been developed, says Patrick Grother, director of biometric standards and testing at the National Institute of Standards and Technology (NIST).
Until relatively recently, iris recognition systems were mostly deployed by governments, not by businesses, partly because they're so expensive. The largest use of iris recognition today is the Unique Identification Authority of India (UIDAI) project. That initiative, recently recognized by the Computerworld Honors Program, includes iris recognition as part of a national ID system designed to help provide social services for 400 million citizens.
The technology is now making its way to the consumer end of the spectrum. "The use of iris recognition in mobile phones is expected to see a considerable uptake," Ravi says.
AOptix Technologies, a maker of identity verification systems, recently released a software development kit for biometric identification technologies for Apple's iOS mobile operating system. That move, combined with the introduction of fingerprint biometrics in the new iPhone 5S and rumors of a biometric application for Google Glass, will serve to increase interest in all biometrics, including iris recognition, says Nandini Bhattacharya, a senior research analyst at Frost & Sullivan. "Apple, AOptix and Google Glass are just the beginning of this trend. Other mobile manufacturers are likely to soon follow," she says.