Fidelity looks at biometrics to ID clients, employees

Biometrics, the use of IT to verify the identity of a person using human body traits such as fingerprints, voice, face and eyes, is still in its nascent stages. But it is emerging as an alternative for companies to authenticate employees and clients without using passwords.

One of the companies exploring biometrics is FMR Corp., better known as Fidelity Investments, the largest mutual fund company in the U.S. and one of the world's largest providers of financial services, with customer assets of about $1.4 trillion.

About three years ago, Fidelity's top management decided it was time the company explored biometrics and how it could benefit from the use of these technologies. Since then, Boston-based Fidelity has taken some decisive steps toward implementing biometrics tools and learned quite a bit about the challenges associated with the field, according to Sheldon Watson, a senior systems analyst at Fidelity who chairs the company's biometrics steering committee.

For example, Fidelity has learned that privacy concerns are real and are shared by clients, employees and government regulators. "Privacy is one of our main points," said Watson, speaking at the recent Winter 2003 Biometrics Summit, which was organized by Chicago's Advanced Learning Institute.

Consequently, legal, regulatory and social considerations have to be factored in when planning a biometrics project, something which calls for involvement of human resources specialists, lawyers, executives, clients and employees, he said.

To get users to buy into the technology, it's also very important to educate them about the system and inform them of the company's internal policies for storing, using and disposing of captured biometric information, he said. "You need clarity around the purpose and use of the biometric system."

Another important lesson is that even biometrics products that look great on paper can totally malfunction in a real-world setting, so thorough testing is critical in a field where many vendors make promises they later can't keep, he said. For testing, Fidelity has sought help externally and also done product-validation work in-house.

Another challenge the company has had to face is how to integrate its existing Unix and mainframe back-end systems with biometric tools that predominantly run on Windows.

Fidelity also learned during its tests and pilot projects that biometric tools are far from infallible and often get tripped up by factors that are hard to control, a big consideration for a company that has more than 30,000 employees in a wide variety of physical settings throughout the world.

For example, an employee at the company couldn't use a fingerprint reader successfully because his hands shake too much. A facial recognition tool simply couldn't see an employee who has very pale skin, and it malfunctions sometimes because of changes in lighting.

Moreover, companies must take into account that shifting identification systems to biometrics can mean increased costs, not just related to buying the equipment but also to operating it. Transferring a user's biometrics template over a network and storing it is much more costly than transmitting and storing that same user's personal identification number. Likewise, the maintenance and replacement of biometric devices can be expensive.

Currently, Fidelity has several biometrics projects in pilot phases, and one very large project slated for deployment at some point during the second or third quarter of this year, Watson said in an interview after the presentation.


Copyright © 2003 IDG Communications, Inc.

Shop Tech Products at Amazon