Myth busters: Biometrics and mobility experts separate fact from fiction

There are dozens of biometric companies clamoring for attention after recent breaches like Target, Home Depot and JP Morgan Chase. The attack on password authentication is in full swing but corporations haven’t fully embraced the idea of replacing passwords with biometrics just yet.

Last week the teams at Good Technology and EyeVerify paired up with biometrics industry analysts at BiometricUpdate.com to review myths around biometrics for corporations focused on their mobile workforce. In this blog, we’re going to dig deeper into a couple of the myths addressed during the webinar. If you missed the webinar, you can access the entire recording HERE.

Scaling the Password Wall

Passwords are a necessary evil administrators have to put up with, right? Wrong. A common myth addressed during the webinar was biometric solutions are unable to scale for organizations because of their diverse needs. Passwords are the most common form of authentication used today because they can be managed across any device type without special user or administrator education. Biometrics on the other hand varies in modality and often times can be portrayed as difficult to implement because it requires user acceptance and education. The missing link is a strong platform like Good Dynamics to deliver a trusted authenticator like EyeVerify’s Eyeprint ID™ for Good. Together, users can conveniently and securely access their corporate resources to the delight of administrators and their mobile workforce.

POLL RESULT

During the webinar, we asked the participants to give us a view into their concerns surrounding mobile access and authentication and the results below display visible trepidation. Over 60 percent of the respondents showed a high or very high level of concern for mobile authentication.

Question 3 no title

 

 

 

 

 

 

 

Money, money, money

Biometrics can be cost effective? Believe it. In the webinar the myth that biometrics weren’t cost effective was easy to debunk. When evaluating a biometric solution you want to look the implementation process, future upgrades, and user experience outside of raw costs. It’s true many biometric solutions can require substantial investments due to expensive hardware required, but that doesn’t mean all biometrics are out of reach. EyeVerify is unique in providing a software-only solution that can deliver advanced authentication on your existing device. There’s a smartphone and/or tablet in the hands of nearly every employee in nearly every industry today. And whether corporations embrace BYOD programs or mandate corporate devices to access critical business resources they are able to do so conveniently, securely and privately through taking a selfie.

Organizations detest when a technology solves their unique business need, but requires them to upgrade or change their service every time their hardware changes (ex: an employee gets a new tablet and their case with a smart-card reader isn’t compatible). EyeVerify makes it simple. It’s as easy as downloading an application. Which means device agnostic, easy to implement, and happy users who can separate their personal and corporate lives with one device.

Clear as mud?

So we’ve talked about scalability and cost effectiveness but what about options? Maybe you want to be able to use strong or two-factor authentication for every app your workforce touches or maybe just for a few apps that access sensitive information. That’s where the Good Dynamics platform comes in. If any organization wants to deploy Eyeprint ID for individuals, user groups, or application types they have the option to customize their configuration based on their individual needs. And because EyeVerify’s integration is at the platform level it makes it possible to support a large ecosystem of third party apps. 

POLL RESULT

So is the world officially ready for biometrics? Not just yet. But our webinar poll results do indicate organizations are warming up to the idea. We asked attendees how much confidence our session gave them as they consider employing biometrics and their results show 40 percent are either very confident in biometrics or they are ready to try it out for themselves.

Question 4 no title

 

 

 

 

 

 

 

 

Be sure to visit our friends’ blogs from Good Technology HERE and BiometricUpdate HERE to see what other myths were discussed.

 

Of course, if you want to give Eyeprint ID for Good a try in your environment, request your own trial here: https://community.good.com/gd-app-details.jspa?ID=978854

EyeVerify Looks Ahead with Introduction of Eyeprint ID™ v2.0

Major Breakthrough in Biometric Mobile Security at the Speed of a Selfie

SAN FRANCISCO, 3 November 2014 – EyeVerify Inc., creator of Eyeprint IDTM, the patented biometric technology that eliminates passwords on smart devices, today unveiled EyePrint ID v2.0, a significant breakthrough in biometric security technology that provides highly accurate, fast and even more convenient mobile identity protection on smartphones and tablets. Watch video.

The new version of Eyeprint ID, which is being formally unveiled at Money 20/20 in Las Vegas this week, features a natural, seamless user experience with an incredibly fast authentication time for smart devices, as fast as 800 milliseconds, which is instantaneous from a users’ perspective.

Toby Rush, CEO and Founder of EyeVerify said, “Mobile users and content providers alike are looking for secure, convenient and private measures to protect their phones and valuable data. People and companies are embracing biometrics replacing passwords on mobile devices. The latest version of Eyeprint ID is the fastest, most secure and most affordable option available.”

EyeVerify’s patented Eyeprint ID technology uses built-in cameras in today’s mobile devices to image and then pattern match the blood vessels in the whites of users’ eyes for highly accurate, fast and convenient mobile identity protection. EyeVerify is the only company to offer this highly secure and scalable approach to identity verification that requires no additional hardware and eliminates the need for passwords.

Currently in final beta, Eyeprint ID v2.0 will be commercially available in early January 2015 across iOS and Android devices and apps. Eyeprint ID is currently deployed to enterprises through Good Technology™, to banks throughout Australia via The System Works Group and will be available for AirWatch Secure Content Locker customers later this year. EyeVerify is providing Eyeprint ID v2.0 demos at Money 20/20 in Las Vegas at 10:30am PST on November 5 at the Aria at the Starvine 10.

It’s been a busy 2014 for EyeVerify. In addition to international implementation of Eyeprint ID, in August (as reported in the Wall Street Journal) the company announced the completion of its Series A equity funding round of more than $6 million with participation by companies including Qihoo 360 (NYSE: QIHU), Samsung (OTN: SSNLF), Sprint (NYSE: S) and Wells Fargo (NYSE: WFC). In April, EyeVerify won Best of Show at Finovate 2014.

 

Until now, eye biometrics have been confined to highly-guarded military compounds or Hollywood sci-fi. Cyber-threats such as the Heartbleed bug, Shellshock, the recent Dropbox breach and ongoing password hacking, combined with rapid improvement in front-facing smart device camera quality and the wild popularity of selfies on social media have fostered an environment where consumers are embracing secure biometric mobile security like Eyeprint ID. For more information about Eyeprint ID v2.0, visit EyeVerify.com.

###

About EyeVerify Inc.

EyeVerify Inc. is the creator of Eyeprint ID™ – transforming an ordinary selfie into a key that protects your digital life. Eyeprint ID is a highly accurate biometric technology for smart devices that delivers a password-free mobile experience with convenient, secure, private authentication. This patented solution uses existing cameras on mobile devices to image and pattern-match the blood vessels in the whites of the eye.

Fireworks

The magic move: looking up and to the left

The world has a lot of surprises in store for the person who glances at the right time, but it’ll be no surprise when Eyeprint ID unlocks your phone with no more than a look.

Check the time.

NASDAQ is up.

Those are some cute shoes.

Pete got a haircut.

The tomatoes look ripe.

What is the dog eating?

You have thoughts like these, right? They take almost no time, so we don’t dwell on these notions, but we have them hundreds of times a day. And they spring from an action no greater than a glance.

 

It’s a flick of your eyes to the wall, to the TV, to your co-worker, to that woman on the train. We do it all the time and almost effortlessly.

 

Which is why it’s so amazing that this insignificant movement of the eyes now holds a near-magical power for our mobile security. Looking up and to the left is all you need to do to unlock your phone with Eyeprint ID.

 

It’s not what you’re looking at that matters – it’s that flash of your eyes that shows your phone that you’re really you. But why not get some bonus “looking” in?

 

Line up your phone, check out the world to your left and you’re in. Who knows what sort of amazing things you might see? Here are some possibilities:

 

Uncle Sam on stilts …

Uncle Sam

 

 

 

 

 

 

 

A llama chewing …

Llama

 

 

 

 

 

 

 

 

 

Maybe a dog riding a tricycle (Olden Days users only) …

Dog on a tricycle

 

 

 

 

 

 

 

 

 

 

Your kid jumping off a dock …

Dock jumping

 

 

 

 

 

 

 

Some parkour …

Parkour

 

 

 

 

 

 

 

Fireworks!

Fireworks

 

 

 

 

 

 

 

or Mario running a race.

Mario

 

 

 

 

 

 

 

There might be some good things happening on the right side of your visual field, but why risk it? Just witness all the great things that happen when you glance up and to the left. Most importantly, you get simple, secure access to all the great stuff on your device. Eyeprint ID uses the unique pattern of veins in the whites of your eyes to make sure that you – and no one else – get access to your device.

 

So you’ll unlock the world of possibilities inside your device. And when you glance up and to the left, who knows what else you might see?

 

To learn more, contact us at sales@eyeverify.com

 

Photo credits

Flickr users Marla Showfer, Martin Cathrae, National Media Museum, Stefano Corso, Ben just Ben, Howard Ignatius and smcgee

Girl looking up (1)

Change is like magic when you know where to look

Amazing new technologies pay off for people who put in the time – in the case of Eyeprint ID, all one minute of effort. Change can feel hard, even when it’s easy. Climbing into a new car for the first time, it takes a few minutes to figure out how the headlights or the wipers go on. Is the parking brake in the center console or down by your foot? Setting up the DVR was hard – from those cables to the settings – but now it’s easy for the whole family to record and watch shows. Even Facebook was kind of tricky at first for some of us. Anyone else try to comment on a friend’s baby pics and accidentally post on your mom’s timeline? Just me? Some learning curves are steeper than maybe we think they should be for us, and the harder those first steps, it seems, the more vital and easy the habit becomes.

 

Even the glance it takes to unlock Eyeprint ID can prove a little tricky for some people at the very beginning. Now as training goes, learning to look up and to the left is not so bad. But people are different. Some folks can sink eight pool balls in one shot. The best IT ninjas we know can set up a cluster and RAID in a matter of hours. There’s probably even someone out there who has learned to juggle chainsaws while debugging code. But maybe these same talented people might have trouble – just at first – keeping their eyeballs centered on their phone’s camera and then looking to the left. Yet if they are so-inclined, even these users can put in the literally minute of practice to improve their looking skills to overcome this limitation. Once they have mastered this trick, they can successfully harness the biometric power of the blood vessel patterns in their eyes. And then it feels a little bit like magic.

 

Most people have it down after two tries. And your colleagues, friends and family will find it incredibly easy. Try it out now: download the app on the iTunes Store (http://bit.ly/eyeprint-ios) or the Play Store (http://bit.ly/eyeprint-android). Train it with your own Eyeprint, then invite others to try to break in. It is just so easy; people will be amazed by the simplicity – not to mention the security.

 

Change can be a pain, but it can pay off – and the effort-to-win ratio usually isn’t has high as it is for Eyeprint ID. The big prize: Poof! – no more passwords. Remember how you felt after you figured out your Tivo or got your wifi network set up? How about what it was like after you spent some time with your first smartphone or finally used Facebook to schedule an event? It’s a safe bet you barely think about those first few hours or minutes of figuring things out. At some point beyond your training, you probably wondered: How did I live without this? Just wait till your eyes are the only keys you need for a digital toolbox. The “password poof” is less than a minute away.

 

 

To learn more, contact us at sales@eyeverify.com

 

 

blog-thumb

Good Technology taps EyeVerify’s Eyeprint ID to solve the Complex Password Problem for Good’s Enterprise Customers

Big news happening for @Eyeverify and #biometrics during the opening keynote on the main stage of the Good Exchange event in New York City. Good Technology CEO, Christy Wyatt and VP Product, Nigel Thompson announced that EyeVerify’s Eyeprint IDTM is now commercially available to all Good customers. Good Technology and EyeVerify have fully integrated Eyeprint ID, so that users of the Good Dynamics Secure Mobility Platform, Good for Enterprise and other Good solutions can just “flip a bit” to enable biometrics for authentication, eliminating the password.

IMG_9163

 

Good Technology has been a leader in providing secure mobility solutions for the most security conscious IT professionals. It’s no coincidence that Good Technology is one of the very first to kill the password with biometrics, through a simple, safe and secure deployment of Eyeprint ID via their new Trusted Authentication Framework.

 

In the past, IT professionals had few desirable choices for strong, multi-factor authentication in the enterprise mobility arena. The easy to use options were not secure at all, and the highly secure options were a nightmare for end users, creating large compliance problems and oceans of end-user pushback for IT. Many people refer to this as The Complex Password Problem, which is the perfect way to think about it. Onerous password policies can push the level of security up at the expense of usability. Short and simple passwords create a gaping security hole. Since the Eyeprint is equivalent to a 50 character complex password that the end user never has to remember, enter or change – it provides the solution to what should really be known as, Password Hell.

 

Today’s press release from Good Technology has a nice summary of Good Dynamics, “The Good Dynamics Secure Mobility Platform integrates app containerization, mobile application management (MAM), an enterprise app store and mobile device management (MDM), simplifying the creation of secure mobile apps and the ongoing management of apps, data, and devices.” It’s easy to see why the safety, simplicity and security of Eyeprint ID are a great fit for enterprises using Good Dynamics.

 

When enterprises are deploying secure apps, they need an authentication solution that is software-only, so that bulky, inconvenient and expensive hardware options can be a thing of the past. They also need fingerprint level accuracy or better; Eyeprint ID is the only software-only biometric that can provide this. Most of all, enterprises need an approach that provides both ease of use and high security, instead of being trapped in the painful trade-offs between the two.

 

Here at EyeVerify, we are big fans of Dr. Nicko van Someren, Chief Technology Officer at Good Technology. As our technology and product teams have worked closely together in recent months with Nicko and his team, as well as other colleagues at Good, we have been extremely impressed. We are very bullish on the rollout out Eyeprint ID + Good, and looking forward to talking with Good customers and everyone in the marketplace about how to make Eyeprint ID work for their enterprise.  Click here to read the official press release. 

 

Current users of Good Technology can purchase or turn on a 30 day free trial today from www.eyeverify.com/good

 

ellen

“Selfie” your way to security

Lots of people are holding their phones up to their faces. Maybe they’re taking selfies, or maybe they’re on the road to liberation from passwords.

We love turning our cameras on ourselves, and thanks to front-facing lenses on smartphones, it’s easier than ever. We’ve taken to it so eagerly that – maybe you’ve noticed – it’s kind of a craze and even has that cutesy name, “Selfie” named word of the year; Could the Eyeprint be next?.

squirrelBut like any fad, the selfie suffers from hyper-exposure and people calling for a swift end to the trend. But we say it’s not so bad. OK, you don’t have to use the word, but what’s the point of having a front-facing camera if you can’t get a pic of yourself hanging out with some wildlife every now and then?

 

 

 

 

 

 

 

 

beyonceAnd you know what’s less fun than taking a selfie? Remembering 20 passwords. Go ahead, try it out right now. Decide whether you’d rather type two dozen weird strings of numbers, letters and symbols or if you might just rather look at your phone’s camera for two seconds. Because that same front-facing camera that lets you take a picture of yourself in front of Beyoncé also powers Eyeprint – the password replacement.

 

 

 

 

 

 

 

This is a real choice – you could already be using your selfies to let you into your secure accounts – and keeping everyone else out. And not just once a day. It could be every time you turn your phone on or access any number of your secure accounts.

Of course, the heart of the Eyeprint is the veins in your eyes. Accessing it is as easy as a selfie: get your smartphone in close, wait for the buzz, look up to the left, buzz again — your phone is unlocked.

You may see a lot of people around you taking what look like selfies. But it’s easy to see how they could actually be using the latest and greatest biometric security technology. Let’s look at some examples.

ellenHere’s a bunch of movie stars taking what would soon become the world’s most-shared selfie. But it could just as easily have been Bradley Cooper quickly unlocking his bank account with the Eyeprint to see if Zach Galifianakis had paid back that $10 he borrowed on the set of The Hangover.

 

 

 

 

 

 

popePope Francis continued to win hearts when he paused for a group selfie with a crowd of youths at the Vatican. But it’s easy to imagine that the amazingly hip pontiff was actually logging into his online gaming account to show off his own latest video game high scores.

 

 

 

 

 

ortizWhen the World Series Champion Boston Red Sox visited Washington D.C., David Ortiz brushed off the official White House photographer to pop his own photo with the president. A “Big Papi Selfie,” the commander-in-chief declared. Nice souvenir, but the slugger could just as easily have been unlocking his Airwatch Secure Content Locker to drop in some photos of the White House visit so he could gloat later to his rivals on the New York Yankees.

 

 

 

kangarooThere’s a lot more to Australia than kangaroos (such as Australian actor Lincoln Lewis, the human half of this pair), but we’ll just go ahead and admit that we can’t really resist a selfie featuring a marsupial. And these guys are actually in a great place to celebrate biometric security, since Brisbane-based The System Works Group (TSWG) is now including Eyeprint ID in its mobile banking app. So while we’re thinking up “shrimp on the barbie” jokes, this pair could be securely watching their dollars roll in via NetTeller Mobile Money. And they have even more reason to be comfortable in front of a smartphone camera, since the word “selfie” was coined in the land down under. Thanks a lot, mates!

 

 

So all those people you see holding their phones for selfies? They might be doing a little more than capturing the moment. They could be freeing themselves from those silly lines of numbers, letters and symbols that used to make us feel safe. The selfie is way more than a passing fad – it’s our secure ticket out of Password Town.

To learn more, contact us at sales@eyeverify.com

 

Photo credits

www.viralnova.com

ABC

L’Osservatore Romano

Getty Images

Instagram user linc_lewis

Eye-closeup-heartbleed

Stop the bleeding! Password fatigue is turning into password madness.

As if you didn’t already have enough reasons to hate your passwords, a programming mistake meant that almost everyone was supposed to change them or risk everlasting doom.  You have to ask: Why are we still using these things?

Remember last week when you were supposed to change a boatload of your passwords to set your mind at ease? If only all your web services had been using Eyeprint, your weekend could have been a little less stressful.

The Heartbleed OpenSSL bug capitalized on a problem with program design that allowed hackers to get at sensitive user information. It’s not clear how many people had passwords stolen, but once the mistake was fixed on servers, security experts suggested that everyone change their passwords. And the fallout was so widespread and noteworthy that the bug got its own logo.

Thus began the ridiculous and time-consuming task of figuring out which services use Open SSL, visiting each of their sites, and then figuring out one by one how to meet the password change requirements. It seemed like an endless and pointless navigation across the entire Internet to protect yourself – all because someone forgot to check some code. It was the best (OK, worst) illustration we’ve seen of password fatigue. That’s the weariness you feel because you have to remember a big list of passwords and then when you have to change them all because someone broke the Internet.

And that’s if you’re one of the people who took the time to do it; plenty of people may not have had the time and are just sitting ducks with potentially compromised security.

But if you’re anything like us, as you logged in to secure your Gmail, Facebook and Tumblr accounts, you thought, “There has got to be a better way.”

Sure is. Biometric security like the Eyeprint is already here and ready to protect information. Industry heavyweights are already working together to set standards for strong authentication. These will usher in the age of biometrics and do away with passwords as we know them.

For users, it will mean that access to everything could be as simple and frictionless as literally looking at a smartphone. No more coming up with “low-security” passwords for throwaway sites and more complicated “super-secure” codes for banking and communication services. By the time you’ve converted to Eyeprint software, doing the password dance will seem like fixing the wheels on your covered wagon.

No one can pull your Eyeprint from a server, because the software doesn’t send out that information, explains EyeVerify CEO Toby Rush. “Since your Eyeprint never leaves your device, it cannot be compromised in transport or in the cloud,” he said. And that’s not true for most other biometric security software.

Some people are already reaping the benefits. Users of AirWatch mobile device management software can have the peace of mind that comes with using Eyeprint security.

So will Heartbleed be the wakeup call to dump passwords? Or are people going to have to become victims of theft in huge numbers before we decide to make our lives simpler and more secure?

It could be so easy: bring your phone in for a close-up selfie, wait for the buzz, eyes up left, another buzz: you’re in! Password fatigue and Heartbleed are out.

To learn more, contact us at sales@eyeverify.com

 

Sources

http://www.zdnet.com/blog/perlow/heartbleeds-lesson-passwords-must-die/15793

http://globalnews.ca/news/1263581/heartbleed-may-lead-to-more-security-audits-advanced-security-services/

http://www.forumsys.com/api-security/how-to-fix-openssl-heartbleed-security-flaw/

http://fidoalliance.org

 

Photo credits

David Castillo Dominici / FreeDigitalPhotos.net

http://heartbleed.com

Todd Hall / flickr (original image modified)

Unique reflections and movements.

How could biometrics be used for the better delivery of health?

By: Riddhiman Das

According to a 2006 report from the Institute of Medicine, 1.5 million people were harmed by medication errors; similar studies indicate that 400,000 injuries occur yearly in hospitals as a direct result of medication errors. A large majority of these errors are pharmacy misfills.

The most common prescription errors were due to the pharmacist putting someone else’s medicine to the customer, mostly due to mis-identification of the patient. Other common errors involved the pharmacist putting the wrong prescription medicine in the pill bottle, or putting the right medicine in the incorrect dosage in the pill bottle, or mislabeling the medicine with the wrong instructions.

In addition to damaging a patient’s health, or even causing death to the patient, due to receiving the incorrect medication, the societal losses due to such errors include the imposition of increased health care costs to everyone due to the medicine being given makes the recipient sicker, not healthier, and in return, causes medical costs to rise for everyone.

While a 2002 legislation by the FDA requiring bar code scanning for all patients at hospitals has reduced medication errors by 86% in the nine years since the law – these kinds of incidents resulting from medical errors are still too common to ignore, especially in situations when the patient does not have a bar code. This is often the case when getting re-fills for medications; recent reports indicate that pharmacists estimate a 10% error rate in medication re-fills.

One of the major issues hindering the healthcare industry from delivering more accurate healthcare is a seamless method of identification of patients that works consistently and reliably. In an ideal situation, such a method for biometric identification would be relatively inexpensive to deploy at a larger scale, so that the cost of such a method would not prevent patients from being able to always identify themselves; even when they are not admitted as a patient in a particular hospital.

Healthcare institutions have evaluated a wide variety of technologies to help solve this problem, and biometric technologies for identification have been one of the main areas of active research in hospital and pharmacy management. Such experiments have shown that traditional biometric technologies do not work effectively in such situations.

We believe that modern biometric technologies could be applied in this domain to significantly reduce errors that arise from patient mis-identification.

The latex gloves worn by many healthcare professionals have made the widespread application of fingerprint enrollment and authentication quite challenging. It’s also been shown that frequent hand washing causes dry skin which causes many commercial fingerprint sensors to not be able to authenticate correctly, in a reliable and consistent fashion.

Other biometric technologies like retina scanning and iris scanning are still really expensive and inconvenient, which reduces their applications to mostly blocking insecure transactions, instead of facilitating secure, authentic transactions.

Over the last five years, smartphones are also becoming more commonplace in healthcare. Medical professionals will often use text messages and similar instant messaging communication media to communicate with each other about patient status. Even tablets are starting to become more prevalent – medical schools now provide students tablets to use as textbooks and to round on patients. With this increase in the use of mobile technology, comes the increased risk for HIPAA compliance issues.

As smartphones are outselling feature phones in the United States, it’s not just healthcare workers that are using them – more and more patients are coming to hospitals and pharmacies with a smartphone or tablet in their pocket, and pharmacies and hospitals are getting on the smartphone bandwagon by coming up with customized apps as well.

This increased prevalence of smartphones among patients and healthcare professionals along with the dire need of the healthcare industry as a whole of a simple, yet secure and reliable way of identifying a patient receiving a particular course of treatment or medication presents unique opportunities. The next phase of healthcare information technology would benefit greatly by focusing on tying these two trends together to provide a cohesive solution.

The big question is, is there already a way to tie these two recent trends together to provide a security and identification solution that is scalable, inexpensive and significantly better than all current technologies? Learn more in my next post.

 

http://c.ymcdn.com/sites/www.acpm.org/resource/resmgr/timetools-files/otcmedsclinicalreference.pdf

www.cnn.com/2010/HEALTH/03/15/bronx.clinic.iris.scan/

www.futurist.com/articles-archive/retinal-scanning-reversed/

www.emrandhipaa.com/emr-and-hipaa/2012/11/01/retina-scanning-vs-iris-recognition-in-healthcare-best-technology-seen-at-ahima/

http://www.marylandinjurylawyer.net/pharmacy-misfills-and-medication-errors.html

http://www.myfoxdc.com/story/22821212/fox-5-investigates-medication-mistakes-that-can-kill#axzz2xVL9whjb

http://www.securityinfowatch.com/article/10473265/hospitals-can-finally-put-a-finger-on-biometrics

http://www.ober.com/publications/2046-are-your-mobile-devices-hipaa-compliant-practical-steps-ensure-compliance

Unique reflections and movements.

Coming soon to Wikipedia: the Eyeprint explained

Soon, people who want to learn more about the technology behind the Eyeprint will be able to find information on the world’s most popular encyclopedia. But until then, here’s a preview of the Wikipedia article awaiting approval. These things change a bit during the approval process (and afterward, when anyone can edit), so don’t be surprised if it looks a bit different when you visit the entry.

Eye vein verification is a method of biometric authentication that applies pattern-recognition techniques to video images of the veins in a user’s eyes.[1] The complex and random patterns are unique, and modern hardware and software can detect and differentiate those patterns at some distance from the eyes.

Introduction

The veins in the sclera — the white part of the eyes — can be imaged when a person glances to either side, providing four regions of patterns: one on each side of each eye. Verification employs digital templates from these patterns, and the templates are then encoded with mathematical and statistical algorithms. These allow confirmation of the identity of the proper user and the rejection of anyone else.

Advocates of eye vein verification note that one of the technology’s strengths is the stability of the pattern of eye blood vessels; the patterns do not change with age, alcohol consumption, allergies, or redness. Eye veins are clear enough that they can be reliably imaged by the cameras on most smartphones. The technology works through contacts and glasses, though not through sunglasses. At least one version of eye vein detection uses infrared illumination as part of the imaging, allowing imaging even in low-light conditions.

History

Dr. Reza Derakhshani at University of Missouri, Kansas City, developed the concept of using the veins in the whites of the eyes for identification. He holds several patents[2][3] on the technology, including a 2008 patent for the concept of using the blood vessels seen in the whites of the eye as a unique identifier.

Uses

Eye vein verification, like other methods of biometric authentication, can be used in a range of security situations, including mobile banking, government security, and in healthcare environments.

EyeVerify, a Kansas City, Kansas, company, markets eye vein verification with a system called Eyeprint.[4] In 2012, EyeVerify licensed the technology developed and patented by Derakhshani. And Derakhshani now serves as chief science officer of EyeVerify.

Advantages

  • Eye vein patterns are unique to each person
  • Patterns do not change over time, and are still readable with redness
  • Works with contacts and glasses
  • Resistant to false matches

 

Disadvantages

  • Phone must be held close to face
  • Not supported on devices without cameras, nor on older smartphones

 

See also

 

References

1. Patent 8,437,513 http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=/netahtml/PTO/search-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN/8437513

2. Patent WO2006119425 http://patentscope.wipo.int/search/en/WO2006119425

3. EyeVerify www.eyeverify.com

numb3rs

At the movies: A better tomorrow with Eyeprint

How movies and TV shows have been freaking us out about biometrics and why everything’s going to be OK thanks to EyeVerify.

EyeVerify’s Eyeprint technology is on the cutting edge, but the imaginations of movie and TV writers have been ahead of the real world for years. They dreamed up consumer biometrics before they were out of the lab and even before the new technologies were developed.

Yet, for some perverse, box-office driven reason, TV and film producers love to portray biometric security as part of nightmare scenarios. From elective surgery to gruesome, eye-gouging assaults, they have envisioned the worst cases of what using our eyes as digital keys could bring.

Happily, these situations are pretty much impossible and ridiculous. Let’s take a look at a few — what happened in the movie or TV show and why it’s pure fiction.

Demolition Man (1993)

What happens in the movie:

Futuristic super-criminal Simon Phoenix, played by a dyed-blond Wesley Snipes, aims to escape a highly secure prison. He escapes his restraints, then gruesomely scoops out the warden’s eye, impales it on a fountain pen and tricks the scanner by waving it around and making pretty much everyone squirm in their seats. Yikes!

Watch Clip 

Why they should have used the Eyeprint:

Luckily for us, and sadly for future super-criminals, this strategy is not going to work. Eyeprint technology can detect whether the eyes it is scanning are live or not. Not even a set of extracted eyes waved around on fountain pens — and not even a cadaver with its eyelids held open — would have the proper kind of movement and liveness to pass muster with Eyeprint software.

Sorry, Mr. Phoenix, Simon says you’d stay in jail.

demolitionman

 

 

 

 

 

This scene quickly became so infamous that a floating eyeball was a major feature of the Demolition Man pinball machine.

 

The Avengers (2012)

What happens in the movie:

Super-villain and Norse trickster god Loki uses a holographic imaging device to transmit a facsimile to his associate. Loki brutally slaps this thing onto a petrified German doctor, and the sound effects make it sound pretty awful (Plus, why are there spinning blades!?). The henchman, Agent Clint Barton, has a separate device that projects a live video hologram of the victim’s eye. Barton holds the image up to a scanner, which unlocks a door, allowing him to make off with some precious iridium.

Watch Clip

Why they should have used the Eyeprint:

The first problem here is that this hologram is monochromatic and would be easily detected as a video projection. But let’s assume that Loki could arrange for technicians back on his world of Asgard to upgrade him to a full-color eye hologram scanner. Yet even a full-color hologram would not reflect light in a way that Eyeprint software would recognize as a live, valid eye.

Looks like Loki would just have to continue enjoying the party in that dapper suit.

avengers

 

 

 

 

 

 

 

 

 

 

While EyeVerify does not claim to withstand all technology used by Norse gods, in this case, Loki would be out of luck.

 

Numb3rs (2006)

What happens on the show:

A team of burglars breaks into a secure laboratory at CalSci University and then tricks an eye scanner. They don’t have an authorized person, and they don’t even have an authorized person’s eye. But they do have a laptop that transmits an encrypted code corresponding to the eye of an authorized person. The CalSci system registers an actual eye scan and unlocks security bolts, allowing the burglars to hustle away a valuable and potentially dangerous machine.

Why CalSci should have used the Eyeprint:

David Krumholtz’s character, Charlie Eppes, explains that the security system doesn’t actually “read” the eye, but identifies in the image of the eye a series of nodes and lines. The system treats the image of the eye like a map of a constellation, measuring distances from one node to another. It then uses algorithms to create a code just for that eye.

And while that’s solid mathematics, Eyeprint software goes several steps further. It has built-in foils to confound this kind of attack. Even the most sophisticated burglar would have no idea exactly which parts of the Eyeprint to select for his fake code. All of that encryption happens inside EyeVerify’s secure software.

These burglars would be heading back to class.

numb3rs

 

 

 

 

 

 

At CalSci, someone has also installed an incredibly burglar-convenient plug right next to the eye-scanning device, which allows the thieves to connect the laptop directly to the scanner. EyeVerify has never supported a burglar plug in its software.

 

Minority Report (2002)

What happens in the movie:

Tom Cruise as John Anderton is on the run after being implicated in an upcoming murder. But in the world of 2054, eye-scanning technology is everywhere, from offices to stores to billboards. He can’t go anywhere without being recognized. So he finds an unsavory doctor with a spare set of innocent eyeballs and gets a transplant. That lets him get around the city, but to get back into his secure headquarters and to prove his innocence, he has to keep his old eyes with him — in a plastic sandwich bag.

Watch clip.

More security with the Eyeprint:

Of course, as an audience, we’re rooting for Capt. Anderton, but he would have to find another route to vindication if the Eyeprint were in use. His new eyes would work at The Gap and for all those advertisements, but he would also have to settle for all the access of his eye donor, Mr. Yakamoto. Capt. Anderton’s eyeballs probably would not last too long outside a body, especially getting jostled around in a plastic baggie. Even if they did hold their ball shape, the white parts that contain the EyePrints would begin to discolor, making them unreadable and unauthorizable.

Even if he couldn’t clear his name, with his new eyes John Anderton could easily enjoy Mr. Yakamoto’s selection of assorted tank tops from The Gap.

Minority_Report

 

 

 

 

 

These terrifying spider robots force Capt. Anderton to take off his bandages a little early, but their scans indicate he’s the innocent Mr. Yakomoto and not a fugitive.

 

The Simpsons Movie (2007)

What happens in the movie:

Russ Cargill, head of the Environmental Protection Agency, tries to have his eye scanned to get access to the White House. When neither eye works, he holds up to the scanner a 20-eyed mutant squirrel. With all those eyes, one of them has to work — and it does! Soon, Director Cargill is in the Oval Office, presenting options to contain Springfield to a cartoon version of President Arnold Schwarzenegger.

Why the cartoon White House should have used the Eyeprint:

Whatever system the cartoon federal government is using, it is clearly far too permissive if it allows woodland creatures into the West Wing. EyeVerify doesn’t claim perfection, but in an independent lab at Purdue University, Eyeprint software did not more than one unauthorized user out of 50,000 attempts.  So with Eyeprint, Cargill could stroll into secure areas he’s authorized for, even without bringing along his disturbing animal specimens.

simpsons

 

 

 

 

 

Despite the impeccable record of EyePrint software, it’s worth noting that it is not currently supported for mutant, squirrel or cartoon eyes.

 

To learn more, contact us at sales@eyeverify.com

 

Sources

http://forensicmd.files.wordpress.com/2009/12/early-postmortem-changes1.pdf

http://www.kumj.com.np/issue/4/276-277.pdf

http://eyeverify.com/wp-content/uploads/2013/08/White-Paper-Third-Party-Verification-of-Eyeprint-Accuracy.pdf