It doesn't take a palm reader to figure out the future of one of Fujitsu Ltd.'s latest security products. The Tokyo company said on Tuesday it will expand sales of its palm-vein biometric security system outside Japan before the end of this year.

The system, which relies on the pattern of veins inside a person's hand to verify identity, has been available in Japan since the middle of last year and is already in use in some high-profile applications. The Bank of Tokyo Mitsubishi, Japan's third-largest retail bank, began rolling out the system last October and it's available as an alternative to personal identification numbers for ATM transactions in all of the bank's 267 branches. About half of its 3,000 ATMs will have the system by September. Other major national and regional banks have also said they're adopting the system.

The system relies on a scanner that is similar to a digital still camera. This takes a picture of the palm of a user's hand and the image is then matched against a database as a means of verification. The camera works in the near-infrared range so it can detect the veins present under the skin and a proprietary algorithm is used to help confirm identity. The system takes into account identifying features such as the number of veins, their position and the points at which they cross.

This makes for a system that offers a higher level of security than competing technologies including voice print, facial recognition, fingerprint recognition and iris scan, according to Fujitsu.

For this reason it's finding favor in applications where security needs are high, especially those involving money or human lives, said Akira Wakabayashi, director of Fujitsu's biometric business development department, in an interview on Tuesday. In addition to the recent bank ATM deals, the system has also been adopted by the University of Tokyo Hospital for access to some rooms in the hospital that hold patient's records or computers with personal data.

The hospital had previously used a fingerprint-based access system but upgraded because the palm-vein system offers higher security, Wakabayashi said.

Fujitsu says its palm-vein system will incorrectly reject an authorized user about once every 10,000 scans and incorrectly accept an unauthorized user about once every 1.25 million scans. In contrast fingerprint sensors erroneously accept an unauthorized user about once every 100,000 scans, according to Fujitsu. "All companies, including Fujitsu, have a vulnerability on fingerprints," Wakabayashi said.

Worries about the security of fingerprint sensors increased in Japan in 2002 when a local university professor demonstrated how the sensors could be fooled about 80 percent of the time by using a fake finger molded out of gelatin. The professor, Tsutomu Matsumoto of Yokohama National University, also managed to lift traces of fingerprints from a piece of glass and add those to a gelatin finger and fool sensors with about the same success rate.

Because the user's hand doesn't come into contact with the sensor, the palm-vein method is acceptable to people who dislike touching something immediately after someone else, Wakabayashi said. It also doesn't have the criminal connotation of requiring the user to be fingerprinted before it can be used, he said.

The sensor currently used at The Bank of Tokyo-Mitsubishi measures 7 cm (centimeters) by 7 cm. Fujitsu is developing a smaller model that measures 3 cm square. A longer-term project is to shrink the system further so that it can be installed in a mobile phone to act as a verification system for mobile commerce and finance applications, Wakabayashi said.

The company hasn't yet finalized a detailed roll-out plan for international markets beyond its wish to have the system available overseas by the end of 2005.

IDG News Service

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine