Enter the world or Fujitsu PalmSecure vein pattern recognition technology

    Today, there are quite a few ways of identifying a person by biometric parameters - by face, voice, handwriting, fingerprints, retina, but most often it is the guard's responsibility to pass proxies, and launching programs requires a password. Moreover, each of these methods has a number of other disadvantages. So, the fingerprint identification procedure is not as convenient as we would like, and face recognition works relatively unreliably. Perhaps only retina recognition has the optimal ratio for the user of false access restrictions for an authorized user and the ability to fake his biometric characteristic.

    It is believed that the “open palm” gesture dates back to the Stone Age, so meeting members of different tribes showed that they did not have a stone in their hand and were not going to fight. The same gesture was the basis of the technology developed by Japanese Fujitsu engineers: to enter the building or launch a program or equipment, simply raise your hand and hold it above the Fujitsu PalmSecure sensor for several seconds. The method of identification of the veins of the palm, taken as a basis, is as reliable as the method of identification by fingerprint, but less often “forgets” the owner, and, as a result, provides the highest percentage of responses.

    Mechanism of action


    The scanner irradiates the hand in the near infrared range and reads the pattern of veins, which are warmer than the surrounding tissues due to the blood coming from the heart. The image of the venous pattern in the palm of your hand is recorded in a 5 MB image containing a temperature of 5 million points. This image is encrypted using the AES algorithm with a resolution of 128 or 256 bits. Through the USB interface, the encrypted file is transferred to a PC, server, laptop or industrial PC, where a biometric template (hash, in other words) of 1 to 3 KB is generated. The biometric template is secondly encrypted using the AES algorithm and is used in all subsequent operations. Such a mechanism does not require the use of additional devices for data storage, which ensures the complete safety of information (unless the scanner itself is stolen).

    For registration, a double scan of the user's palm is performed and a biometric template is created. This operation is one-time and longest - it takes 10 - 30 seconds. The user identification process lasts 1 - 2 seconds.



    Each developer company using the PalmSecure suite receives its encryption key from the developer, Fujitsu. This key encodes a biometric template that is available only to the integrator. In this case, the cipher used to encode information is available only to the company operating the sensor. This approach prevents the risk of potential forgery of patterns by the developer or integrator.

    Degrees of trust


    There are several user recognition scenarios. If a high level of secrecy is not required (note about arrival and departure from work) and the circle of persons is limited, then identification 1: N is used. In this case, the user only needs to scan the hand, and the resulting biometric template is compared with the database stored on the central server. After comparison, the template received from Fujitsu PalmSecure is erased. When identifying thousands of users (1: 1000), this technology gives the likelihood of accidental triggering on someone else's vein pattern (hereinafter referred to as FAR) - 0.0008, and the palm of an authorized visitor may not be recognized in 0.1% of cases.

    Such a method is convenient, but there is a theoretical danger of falsification or erroneous operation. Therefore, for public places (ATMs), especially secret areas in companies and enterprises of increased danger (NPPs), personal identification 1: 1 should be used. With it, in addition to drawing veins, the user must be verified at another level of protection - dial a PIN code, password or attach a smart card. This approach can be used both for access to a room, access to a PC, and for launching a separate application or access to an ATM. It is when using a smart card that a high level of reliability is achieved with maximum user convenience. When using a smart card, two options are distinguished - TOC (Template-On-Card or template-on-card) and MOC (Match-On-Card, comparison-on-card).

    In the TOC version, a copy of the biometric template of the venous pattern of the palm of the owner is recorded on the smartcard chip. The system compares the patterns received from the scanner and smart cards, and this can be done both on the central server and on the local smart card reader. After checking the identity, the resulting patterns are erased.

    In the case of MOS, the biometric template of the palm from the sensor is compared on the smartchip itself (after comparison, the template received from the palm is erased). For this operation, the chip requires 10-13 KB of memory and Java support. Since the information about the biometric template sewn into the smart card does not leave it, this method is the most reliable among the 2-factor methods of biometric identification. However, it is also the most expensive, since strict requirements are imposed on the chip; therefore, it is used only in ATMs, payment terminals, and secret zones of enterprises and state institutions.

    Secrets of Reliability


    The reliability of this access method is explained by both a cryptographic algorithm resistant to hacking and the very location of the veins inside the human body (access to them is more difficult even than to the retina of the eye). In terms of reliability, MOS identification by vein pattern significantly exceeds that of the retina and is the highest in the industry.





    Before launching into mass production in 2005, research on recognition technology using vein pattern was carried out for 20 years; in total, the scanner was tested on 150 thousand people of different ages, sex, nationality and profession. It turned out that the pattern of veins in the palm of people’s hands is as unique as fingerprints - it varies even among twins. Over the course of life, the size of the palm changes, but not the overall pattern of the lines. Delicate Japanese also claim that it is impossible to diagnose a user's illness using a scan - they take care of the secret of their personal lives. As for dirty hands, the scanner is possible, but detailed studies on the acceptable limits of contamination have not been carried out. Overdried or moistened palms, hands of patients with diabetes (which, according to Fujitsu, have a low oxygen content in the blood) are not an obstacle to the operation of PalmSecure. Some problems are with anemia patients (they have constantly low blood pressure), you may need to re-scan or rebuild recognition algorithms. But the narrowing of blood vessels in the user does not cause problems with the scanner.



    Regarding the durability of the sensor coating, the manufacturer considers it sufficient. If the customer wants to strengthen it, then flat glass is not suitable, since it will leave glare and distort the picture, concave or convex non-polarized glass is necessary.
    The power of infrared radiation from PalmSecure is ten times lower than that from a TV remote control - it is harmless and therefore is used in many medical institutions.

    Also popular now: