FORTUNE Small Business

Finger-lickin' safe

A new biometric security device promises to make PC passwords obsolete.

By Jonathan Blum, FSB contributor

LAS VEGAS -- Wondering if it's time for a bit of the "Mission: Impossible"/Jack Bauer/"24" biometric security thing for your business? You're not alone. Biometric security devices are popular here at the Consumer Electronics Show in Las Vegas. One intriguing item I tested: a nifty little fingerprint scanner from Upek, called Eikon Digital Privacy Manager ($50), that debuted at the show and is due out later this year.

My verdict: The Eikon's slick and can be easy to use, but don't expect it to transform you into a biometric Tom Cruise anytime soon. Using digital riffs of your fingerprints instead of passwords simply ain't movie-star simple.

Upek's Eikon Digital Privacy Manager is easy, but it isn't perfect

Hollywood's romance with retinal, fingerprint, and face scanners aside, biometrics in a real business present serious challenges. Sure, the systems almost magically capture digital samples of body parts, facial features and even veins - I kid you not, Fujitsu has a hand-vein scanner - and then matches that biometric sample to databases of passwords or other data.

But there are issues: The scans can get accidentally corrupted. It is easy to mismatch say, a password to your index finger. And, like any security technology, biometrics can be beaten. In 2002, an one enterprising mathematician named Tsutomu Matsumoto took down several fingerprint scanners using the stuff gummy bears are made from. Not good.

Upek executives bristle at the suggestion that their technology might be vulnerable to hacking. "No system is foolproof," says Brian Degonia, software product manager at the Emeryville, Calif.-based firm. "But we make it practically impossible for our systems to be beaten."

The real question is whether biometric devices are superior to password-based security systems in the real-world office. Upek is betting that its Eikon is just that mainstream security tool.

The Eikon is an elegant little gizmo the size of two sticks of Juicy Fruit gum. Finished in blue metal, the unit plugs into any USB connector and comes with software that matches your fingerprints to your application and Web page passwords.

Installation was easy enough. After scanning in my left-hand index and middle fingers - all very CIA, thank you very much - the Eikon prompted me to enter passwords for my PC, my Web log-on, my Palm Desktop and all the rest.

After about 15 minutes of entering numbers, I was working password-free - mostly. When the Eikon works, it works well. You do save time normally spent logging in with passwords. But I could not get the Eikon to work as I wanted it to. Even after several weeks of testing, I could not reliably scan my finger each and every time.

So my left index finger became sort of a mini-digital deer lick: Swipe. Swipe. Swipe. Swipe. Swipe. (If you've used a MetroCard in the New York City subways, you know the drill.) I really didn't mind. But I know plenty of people who would.

My advice? If you are using good, strong passwords - you know, eight case-sensitive numbers and letters - and you change them regularly, I wouldn't bother with something like the Eikon.

But if you're like most people and the password for every account is your puppy's three-letter nickname, I would say the Eikon is worth some serious consideration.

You can't be too careful online.

Microsoft's four-letter #&!? Word

The Complete Layman's Guide to Cyber Safety Top of page