While smart watches fall into the category of wearables, the ideal for security is a wearable that can’t be taken off.
Wearables: The Body Is The New Credential
Biometrics and wearable technologies can help make the authentication process frictionless. But privacy and signal-range concerns need to be addressed.
Biometrics technology has been around for many years and is typically used for access control in areas where a high level of security is needed. More recently, wearables have entered the facilities market, seeking to make the authentication process frictionless. Beyond authentication, wearable technology has a potential future application for data gathering and interaction with the built environment not possible before. “I call it the Internet of People,” says Patrick McMullan, president of Three Square Chip Companies. The idea is to incorporate people into the Internet of Things.
Biometric technology involves encoding some physical characteristic of a person and using that as a security credential. This technology takes the form of finger print scanners, iris scanners, hand and face geometry scanners, and the like. It is generally reserved for areas of a facility that need to have an extra layer of security, such as a particular lab or data rack.
Daniel Niewoehner, vice president and regional leader of science and technology at HOK, has used biometrics in biological safety level 3 and 4 labs. One challenge of using biometric technology in that environment is the personal protection equipment that staff has to wear. Two layers of gloves, a face shield, or a full-body suit make it tricky to present a finger or an eyeball for scan. Another challenge is the cost of the technology. “It’s not something that we do a lot of, but it goes part and parcel with cameras and logging systems,” he says.
True instantaneous authentication with biometrics is currently not widely possible. “There’s quite a backend that you need to hold your face and 500 other people’s faces in a database that can then instantly recognize you,” says Niewoehner. Most scanners have a keypad, he says. Once the user enters an access code, the system finds the record and matches the biometric information on file to the presented scan. The technology is not yet to the point where it can truly scan a person’s face, generate an algorithm, and authenticate from there. “The technology is getting there, it’s just not instantaneous on a commercial level,” he says.
Wearable technology is beginning to find its footing in security applications. While devices such as smartwatches and headsets fall into the realm of “wearables,” in the context of security the device of choice is a wristband you can’t take off. Or in the case of Three Square Chip Companies, an implantable RFID chip. In August 2017, Three Square Chip Companies made the news when a large percentage of its workforce signed up to have RFID chips the size of grain of rice implanted in their hands. These are used for access control at the building perimeter, and as one of the layers of authentication necessary to access the company’s network. “Certainty of identification” is the benefit, he says.
Beyond access control
While access control is one application of wearables, verification of an action is another. McMullan says his company is working on an RFID wristband which, for example, would not grant access to a food packaging room unless it verified the user had visited the hand washing station. The same could be done in a healthcare setting, he says.
The implanted RFID chip is a capable tool for security authentication, but future versions are planned which could facilitate payment, support passport identification, or store medical records, McMullan says.
One limitation of RFID wearables is the range of the signal. While it is possible to have sensors in the built environment pick up on the signal, the amount and strength of sensors needed would be cost prohibitive. More likely, the RFID wearable would be paired with a smartphone, which would then relay the desired information to sensors tied to the building automation system, says McMullan.
Email comments and questions to firstname.lastname@example.org.