XML may bring biometrics into the mainstream

29/03/2002 Written by By Jon Surmacz

(IDG) — Verifying that you really are who you say you are isn’t like it used to be. An ID badge or pass­word is no longer enough.

Con­sider the ris­ing pro­file of bio­met­rics, the prac­tice of ver­i­fy­ing one’s iden­tity based on a phys­i­o­log­i­cal or behav­ioral char­ac­ter­is­tic, such as fin­ger­prints, hand­writ­ing or reti­nal scans (see “Face time,” link below).Fram­ing­ham, Massachusetts-​based Inter­na­tional Data Cor­po­ra­tion says the world­wide bio­met­rics tech­nol­ogy mar­ket reached $118.8 mil­lion in 2000, and will increase over the next five years at a com­pound annual growth rate of 50 percent.

As more bio­met­ric devices come to mar­ket, how­ever, the indus­try must grap­ple with how to for­mat data so that it can be effi­ciently sent to and from dif­fer­ent devices and shared among many appli­ca­tions. One way to do that is to use XML, an author­ing lan­guage that allows pro­gram­mers to describe data on the Web. XML is increas­ingly pop­u­lar in B2B appli­ca­tions, and now it may be on its way to bio­met­rics.

The Bil­ler­ica, Massachusetts-​based Orga­ni­za­tion for the Advance­ment of Struc­tured Infor­ma­tion Stan­dards (OASIS) recently announced that its mem­bers have formed a com­mit­tee to pro­vide XML stan­dards for bio­met­ric data. The XML Com­mon Bio­met­ric For­mat (XCBF) will be designed to work with the Com­mon Bio­met­ric Exchange File For­mat (CBEFF) — the cur­rent generic stan­dard for bio­met­ric data. In Jan­u­ary 2001, NIST, in con­cert with the National Secu­rity Agency, pub­lished its CBEFF guide­lines.

“This is an exten­sion of exist­ing tech­nol­ogy cou­pled with recent U.S. stan­dards in bio­met­rics cou­pled with extended exist­ing tech­nol­ogy to use XML markup,” says Phillip H. Grif­fin, chair of the OASIS XCBF tech­ni­cal com­mit­tee and pres­i­dent of Grif­fin Con­sult­ing. “We’re open­ing up bio­met­rics infor­ma­tion to be trans­ferred in the XML space.”

XML stan­dards will help incor­po­rate bio­met­ric data into smart cards (see “Get smart,” link below), radio fre­quency iden­ti­fi­ca­tion (see “McDonald’s puts hot tech­nol­ogy in con­sumers’ hands,” link below), and even cell phones, says Grif­fin. XML will enable these devices to access data­bases through the Web, which will make ver­i­fi­ca­tion faster and more accu­rate. Grif­fin says XML stan­dards could be ready within one year, but fig­ur­ing out how to encrypt the data could delay the project.

Cathy Tilton, chair­man of the BioAPI Con­sor­tium, says the cou­pling of BioAPI, CBEFF, XCBF and X9.84 will pro­vide com­pa­nies with bet­ter authen­ti­ca­tion and ver­i­fi­ca­tion tools that can be used for every­day online trans­ac­tions, not just high-​tech air­port scan­ners.

“Peo­ple still think of bio­met­rics as ‘Star Wars’ or ‘James Bond’ kind of stuff,” Tilton says. “It’s much more mun­dane than peo­ple think. It has uses at the desk­top level. Stan­dards drive the tech­nol­ogy to become more of a com­mod­ity item.”