With a wave of a palm, an end user can now sign onto all of his enterprise applications: IBM and Fujitsu have joined forces to replace passwords in IBM's single sign-on product with biometric technology from Fujitsu that scans a user's palm vein patterns.

The offering combines IBM Tivoli Access Manager for Single Sign-On and Fujitsu's PalmSecure LOGONDIRECTOR biometrics software. The goal is to eliminate password management challenges and the threat of lost or stolen passwords, the companies said.

Palm-vein biometrics uses near-infrared light to capture palm-vein patterns in a person's hand, which serves as their identity to the systems. A user would hold his hand over a small scanning device attached to his computer that reads the pattern and matches it to a database of preregistered users. Unlike fingerprint scanning, palm vein is contactless, meaning the user doesn't touch any devices and risk leaving behind a "footprint" fingerprint that could be accessed or stolen.

"We've seen lots of concerns with fingerprint technology, especially with the H1N1" scare, says Jim Preasmyer, director of sales and business development for Fujitsu Frontech North America's Advanced Technology Group. "With contactless technology, you don't have to touch anything."

Like iris-scanning, this form of biometrics is less prone to false-positive and false-negative readings than fingerprint scanning. "Iris is still too invasive for some people," Preasmyer says. "And palm-vein technology [provides more] ease of use."

IBM and Fujitsu say this form of biometrics ultimately saves on manpower and costs of help-desk support in lost passwords.

"A typical organization spends hundreds of dollars per employee per year on lost passwords through help desk support," said E.K. Koh, program director for single sign-on, IBM Tivoli software, in a statement. "IBM's work with Fujitsu replaces archaic password structures with a single path of access that resides in the palms of the employees' hands, and can be managed more efficiently saving companies thousands of dollars in IT support while protecting critical organizational data and information."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.