handheld devices that recognize a user by the image of his/her hand. In the not-too-distant future, anyone in the house could pick up an iOS device — or a remote control, or camera — and have personalized settings queued up just for them.

The patent (which Apple first applied for in 2005) protects handheld devices with one or more “touch sensors” — buttons, touchscreens, or other interfaces — on any of the device’s surfaces. These sensors can take a pixelated image of a user’s hand, match it to a corresponding image on file, and configure the device’s software and user profile accordingly.

It’s a very different use of biometrics than we’ve seen in the movies. Hand and retina scanners have been touted for years as a futuristic gatekeepers to high-security buildings. This is usually a much-embelleshed version of their real-world use by businesses and government agencies for whom secrecy is a big deal. In the wider world, tiny fingerprint scanners have been built into laptops, but they aren’t widely used for the simple reason that they don’t work reliably enough.

But while it might be insufficient for security, biometrics might work just fine for personalization. Suppose my family shares a future-generation iPad that supports multiple user profiles and a version of this sensor technology. When my wife or I pick it up, the mail application displays each of our inboxes separately. When our young son picks it up, only games and other approved applications are available. If a guest or intruder picks it up, a guest profile would make none of your personal information immediately available to them.

Now, an important caveat: the personal profile dimension of this technology would frankly be stronger than the security implications. You could outwit a three-year-old, but not a determined hacker. You could hide a sensitive email from a snooping houseguest, but not a practiced identity or information thief.

This “soft-security” approach may actually be the right approach for technology companies to take with biometrics. Last week the National Research Council issued a report (sponsored by the CIA, DARPA, and the US Department of Homeland Security, among others) on the state of the art of automated biometric recognition security. The report argues that existing technologies as implemented are inherently fallible, and that more research and better practices were needed before they could be relied upon in high-security contexts.

Joseph N Pato, HP Labs distinguished technologist and chair of the “Whither Biometrics?” committee that wrote the report, wrote that we’ve been misled by spy-movie fantasies about palm-and-retina-scanning doors: “While some biometric systems can be effective for specific tasks, they are not nearly as infallible as their depiction in popular culture might suggest.”

Thinking for a moment about Apple’s user-sensitive iPad shows the limitations of biometric recognition systems. What if I put my hands in the wrong place, or can’t get the device to load the proper profile? What if my son grows up and his hands get bigger? Image-based recognition systems have to be probabilistic, with a certain amount of give, or they won’t work at all.

In fact, when the security thresholds are set too high, the committee found that the sheer number of false alarms led users to ignore them altogether — definitely a dangerous result, but one familiar to anyone who’s disabled an uncooperative smoke alarm or software “security feature.” And even in such high-security cases, an individual’s biometric traits can be publicly known or accessed, in much more prosaic and less gruesome ways than the cinematic fantasy of cutting off a hand or pulling out an eyeball.

Nope — the biometric future probably isn’t a world of impregnable security corridors protected by perfect technology that only the perfect hack can defeat. Instead, it’s a media player that (90% of the time) knows your son likes Curious George more than your Office spreadsheets. Actually, that isn’t too bad.

Image via US Patent and Trademark Office

Apple granted patent for handheld that recognizes your hands [Engadget]
United States Patent 7,800,592 (Sept 21, 2010) [USPTA]
Automated Biometric Recognition Technologies ‘Inherently Fallible,’ Better Science Base Needed (Press Release) [National Research Council]
Biometric Recognition: Challenges and Opportunities (Full Report) [National Research Council]

See Also:

• Apple Files Patent for a Smart Bike
• New iPhone Security Patent App: User Protection or 1984 iSpy …
• Apple's Macs Could Gain a Sense of Touch
• Secrecy Power Sinks Patent Case

Authors: Tim Carmody

to know more click here