GMAC is the international organization of business schools that owns and administers the GMAT exam, used by almost 2,000 business schools worldwide as part of the admission process. In consideration of the guarantees taken by GMAT to protect privacy, the CNIL authorized GMAC's use of the new PalmSecure biometric device to authenticate the identity of individuals taking the GMAT. In the near future, data collected from this device will be used to match candidate information across a central database that includes biometric data from individuals sitting for the exam at other test centres around the world.
The GMAT exam is currently the only examination that utilizes the new PalmSecure palm vein identification technology. PalmSecure features a near-infrared light that captures a palm vein pattern, generating a unique encrypted biometric template that is matched against the pre-registered candidate's palm vein pattern, thus ensuring the test taker is that candidate. It offers a highly reliable form of authentication because it utilizes no trace technology, no image is ever stored, and the data cannot be read by other devices. The CNIL noted in its approval, "It is not likely to be captured without the knowledge of the person concerned and therefore presents very little risk for the civil liberties and fundamental rights of the individuals."
"We want to express our appreciation to the CNIL for reinforcing, in its decision, our commitment to leadership in protecting personal data and complying with international data privacy laws," said David A. Wilson, president and CEO of GMAC. "We want to ensure the highest level of security to protect the interests of schools and of honest test takers."
Wilson noted that leading business schools around the world have relied upon the GMAT as a proven predictor of a candidate's academic success for five decades. "The CNIL's action in granting approval for the collection of biometric data only to the GMAT exam reflects the importance of the high priority we place on vigilant security."
In 2005, GMAC notified the CNIL of other security measures under the Data Protection Act to protect the GMAT exam against fraud, including audio-visual recording in the test room and photos of candidates. However, France and some other countries did not accept the collection of fingerprints, which was also a part of GMAT exam security measures. GMAC then began a search for alternatives to fingerprinting that would comply with international data privacy laws. The CNIL received a letter of support for the value of the palm vein technology in guaranteeing the security of the test from the HEC School of Management in Paris.
GMAC will now implement PalmSecure and file requests for its use with other European countries. Portugal has already authorized it. GMAC expects to use the PalmSecure technology in all test centers by the close of 2009.
The Graduate Management Admission Council (www.gmac.com) is a nonprofit education organization of leading graduate business schools worldwide dedicated to creating access to and disseminating information about graduate management education. GMAC is based in McLean, Virginia, with a European office in London. The Council owns the Graduate Management Admission Test (GMAT), used by approximately 4,600 graduate management programs at some 1,900 business schools around the world to assess applicants. The GMAT -- the only standardized test designed expressly for graduate business and management programs worldwide -- is now available at more than 450 test centers in 110 countries. For more information about the GMAT, go to www.mba.com.