Remember when we were all told how great fingerprint authentication was? And then as it went it actual use, it suddenly turned out to be much easier to fake (or fail) than first thought? Aaaah, those naive days of yore...
Now Hitachi is kicking off a full release of their contact-less finger vein authentication device and SDK right around the world. Apparently finger vein pattern is "impossible to counterfeit because the vein is inside the body". Even iris-scan biometric data can, apparently, be acquired without the knowledge of the individual. Surely in future this idea of "knowing consent" could be defeated by chopping off the finger and setting up some funky bloody pumping system to keep it 'alive' for the biometric check? Y'know, like in the movies!
How does it work?
In operation, the process of data collection is based on a contact-less principle. Light penetrates through the finger using a light-transmission technique to allow the detection of the structure of the vein pattern.
The vein pattern is image-processed and uses a special algorithm resulting in digital data that can be stored in a relevant data repository. The device is compact and can be applied in a variety of ways including car entry, personal authentication, PC login, and validation for ATM machines.
In other words, it takes a fancy infra-red picture of your finger.
Accuracy stats put false rejection at 1 in 10,000, and false acceptance at 1 in 1,000,000.
This is commercialised in Japan (of course) and Hitachi believes it is fast becoming a de facto biometric standard, with 80% of banks in Japan adopting finger vein biometrics. No price available... but I think if you want to use this level of biometric validation, the money isn't really a concern.