« World's smallest flash drive — 'washer and dryer safe!' | Home | GettaGrip Musclephone »

December 11, 2008

Why palm scanning is the new fingerprinting


It's quite simple, actually: you don't have to touch anything.

I can say from experience that every time I put my right index finger on the little glass window of my hospital's Pyxis machine to check out drugs for a case, I wonder just what's on that little window after scores of people have done the very same thing earlier that day.

Yo, joe — you're supposed to clean the window off with a little sterile wipe before you put your finger on it.

Yeah, right — maybe you'll help me find those wipes, which disappear early in the morning and never get restocked.


Kim Thomas's November 25,2008 Financial Times article has the details, and follows.

    Identity revealed in the palm of one hand

    Most of us are familiar with the need to prove our identity, whether to access a computer network, liaise with our bank or get into a place of work. But the most common proofs, such as passwords or smartcards, are susceptible to error or fraud. Now some organisations are looking at biometrics systems, which identify individuals by a unique physical trait, such as fingerprints.

    Take the hospitals run by Carolinas HealthCare System, a US healthcare provider, which attends to thousands of patients a year. As in most hospitals, it needs to identify accurately and easily all the patients who come through its doors. If a patient named Steve Jones is admitted, the hospital needs to be sure that the doctors see the electronic medical record for the right Steve Jones, and not one of the potentially many other Steve Joneses on a system that holds 2m patient records.

    "As with any healthcare institution in the world, we struggled with identifying patients at the point at which they arrived at our facility...Even for someone with a fairly uncommon name, we would have a whole list of possible candidates on our database," says Jim Burke, director of information services at Carolinas HealthCare.

    Until two years ago the hospitals checked the patient's address and asked to see a form of identity, such as a driving licence, but there was still a 1 per cent error rate whereby about 10 patients a day were misidentified. Carolinas HealthCare addressed the problem by introducing a technology from Fujitsu that had only been used in cashpoint machines in Japan: palm-scanning.

    This is one of the most promising of a number of new technologies that can identify people through a biometric indicator. Many of us know about fingerprints and iris recognition, but fingerprinting is not totally reliable and iris recognition can feel intrusive.

    The technology works by using near-infrared light to take an image of the unique vein patterns in someone's outstretched palm - similar technologies can also be used with the back of the hand or a fingertip. The technology stores the image as a biometric number. The next time the patient is admitted to hospital, their hand is scanned and matched to the biometric identifier, which is connected to the patient's electronic record.

    The system has several advantages over other biometric technologies the organisation considered, says Mr Burke. Tests of fingerprint, thumbprint and handprint technologies found they all required the patient to touch the device, which meant cleaning it with an anti-microbial or alcohol-based agent in between each use. Palm scanning is different: "The patient never actually touches the device - they hold their hand about 50mm above it," says Mr Burke. In addition, in tests the palm scanners "had the best accuracy of any device we had ever tested". With 250,000 people enrolled on the system, there has not yet been a single case of misidentification. Also, registration time has been halved.

    Ant Allan, a research vice-president at Gartner, the IT analyst, believes palm-scanning has great potential, not just because of its accuracy but because it is not dependent on having the right environmental conditions, such as being clean and dry, which can be the case with fingerprint readers. The downside, he says, is the price: palm scanners cost hundreds of dollars, while fingerprint readers can sell for under $100. This makes palm scanners more suitable for use by large numbers of people.

    Biometrics are also increasingly used to prevent deliberate misidentification for fraud.

    The construction industry's time-and- attendance system is susceptible to such fraud, says Simon Fance, project officer at the UK Biometrics Institute: "With the old clock card-based system, somebody can take a piece of paper off you and clock you in, even though you are not around." Now some construction companies have switched to fingerprints. The US Graduate Management Admission Council uses fingerprinting to stop stand-ins taking its tests on behalf of others, says Mr Fance, adding that GMAC is planning to introduce palm scanners.

    Nigel Jones, director of Cyber Security Knowledge Transfer Network, set up by the UK government to promote research, says the full potential of such technologies has not yet been recognised. He says too many people have become "bogged down" in the association between fingerprinting and crime. "It has distracted us from looking at the research that is going on in biometrics - the idea that you can identify individuals across many technologies is both interesting and ignored."

    A new report by Cyber Security KTN on the gap between research in UK universities and application of the technology reveals that research is under way into a wide range of biometric technologies, including gait and footstep recognition and even otoacoustic emission - noises emitted by the human ear in response to audio stimulation.

    Other technologies are already commercially available, if not yet widely used. Mr Allan points to face-recognition software from Sensible Vision, used for logging into a computer network: the user simply sits in front of a camera attached to their PC. "You can set up the system so it can continue to check the identity of the person in front of the screen, and if they move away from the screen, it can log them out," he says.

    Carolinas HealthCare believes biometric technology has put it ahead in patient safety. The organisation now plans to use the scanners to identify unconscious patients brought into A&E, who are normally treated in most hospitals as new patients.

December 11, 2008 at 12:01 PM | Permalink


TrackBack URL for this entry:

Listed below are links to weblogs that reference Why palm scanning is the new fingerprinting:


You have to treat these "new technology" manufacturer claims with some skepticism. The palm readers at Carolinas hospitals do not work effectively with the palm held above them. The hospitals had to make support plates for the hand that must be sterilized after each patient. See http://www.sciencedaily.com/videos/2007/1009-high_tech_patient_id.htm for more details and a video of the system in action. Unlike long-proven iris and fingerprint technologies, the accuracy of palm reading has not been validated by NIST. The palm readers are also not capable of finding a patient record in a large database (one-to-many searching) and therefore add an additional validation step rather than shortening the ID process. The better-known biometrics are improving rapidly in cost and function. Our company, Eye Controls, just released the second generation of its SafeMatch iris ID system that uses a $149 camera to instantly log-in staff or locate a patient record without further information, and with no physical contact. These systems are available and in clinical use today, and overcome all of the issues mentioned in the other comments.

Posted by: Evan Smith | Dec 13, 2008 9:58:22 AM

@ 6.02*10^23: I dunno, I didn't see that episode, are we talking about the same thing here? The tech behind this one isn't skin surface features, but the optical pattern of your subcutaneous veins, visible via infrared. I'm unclear how a plaster mold w/ latex would capture that...it would work for old fingerprint tech, definitely, but not this IR vein imaging, unless you're saying that they somehow image someone's hand in the same way, painted IR opaque paint in the same delicate pattern on their own hand or a fake, and then are covering that with latex?

Posted by: johnjohn | Dec 11, 2008 11:32:08 PM

"The patient never actually touches the device - they hold their hand about 50mm above it," says Mr Burke.

Uh, Mr B, here in the US we are still backwards enough that you should restate that as "about two inches," OK?

And yeah, Mythbusters - and other venues - have shown that most of these can be fooled rather easily if you have access to the original in some form. But that access may not be so easy.

And I hope there is a manual bypass for "patient has no hands or is heavily bandaged."

Posted by: teqjack | Dec 11, 2008 5:57:10 PM

I got a better idea. How about we just put a microchip in the back of the hand, or, if necessary, some other part of the body that is not prone to accidental traumatic removal- like, say, the forehead.

I don't know if it's the Mark of the Beast or not but it seems inevitable and it creeps me out.

Posted by: Lilorfnannie | Dec 11, 2008 4:38:00 PM

Dude, I don't know what's wrong with your materials management, but I'd lodge a complaint with the stocker's manager and demand an increase in the par levels for those wipies.

(s) Mary Sue, who's going to go back to making sure her doctors have their supplies now.

Posted by: Mary Sue | Dec 11, 2008 3:44:19 PM

The Mythbusters already cracked this - it may be fine to ID patients, but as a security system it is easily beaten with a cast of the hand, latex mold (very, very thin), some spirit gum and a little saline sprayed on the body-temp "hand."

Posted by: 6.02*10^23 | Dec 11, 2008 2:19:24 PM

The comments to this entry are closed.