Product Watch: IBM Replaces Passwords With Palm-Vein Biometrics In Single Sign-On

Fujitsu's PalmSecure LOGONDIRECTOR is integrated with IBM Tivoli Access Manager for Single Sign-On

With a wave of a palm, an end user can now sign onto all of his enterprise applications: IBM and Fujitsu have joined forces to replace passwords in IBM's single sign-on product with biometric technology from Fujitsu that scans a user's palm vein patterns.

The offering combines IBM Tivoli Access Manager for Single Sign-On and Fujitsu's PalmSecure LOGONDIRECTOR biometrics software. The goal is to eliminate password management challenges and the threat of lost or stolen passwords, the companies said.

Palm-vein biometrics uses near-infrared light to capture palm-vein patterns in a person's hand, which serves as their identity to the systems. A user would hold his hand over a small scanning device attached to his computer that reads the pattern and matches it to a database of preregistered users. Unlike fingerprint scanning, palm vein is contactless, meaning the user doesn't touch any devices and risk leaving behind a "footprint" fingerprint that could be accessed or stolen.

"We've seen lots of concerns with fingerprint technology, especially with the H1N1" scare, says Jim Preasmyer, director of sales and business development for Fujitsu Frontech North America's Advanced Technology Group. "With contactless technology, you don't have to touch anything."

Like iris-scanning, this form of biometrics is less prone to false-positive and false-negative readings than fingerprint scanning. "Iris is still too invasive for some people," Preasmyer says. "And palm-vein technology [provides more] ease of use."

IBM and Fujitsu say this form of biometrics ultimately saves on manpower and costs of help-desk support in lost passwords.

"A typical organization spends hundreds of dollars per employee per year on lost passwords through help desk support," said E.K. Koh, program director for single sign-on, IBM Tivoli software, in a statement. "IBM's work with Fujitsu replaces archaic password structures with a single path of access that resides in the palms of the employees' hands, and can be managed more efficiently saving companies thousands of dollars in IT support while protecting critical organizational data and information."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights