Standards? We Dont Need No Stinkin Standards!

By eweek  |  Posted 2001-03-12

Perhaps the biggest current obstacle to the development of the biometrics market is the lack of well-developed or adopted standards. Until recently, with demand limited to extremely high-security projects primarily in the public sector, there has been little call for them. The emerging market has only just begun to become large enough to attract the attention of established applications developers, and, as a result, hardware developers have had little motivation to move away from proprietary designs.

As a result, the hardware market remains a hodgepodge of incompatible, single-source gadgets with no common benchmarking tools. Even worse, the process of integrating with applications authentication processes often amounts to kludging together different software layers that hide the old password-based structures but still rely on them. While a user may never have to use a password, its still passed around the network where it can be intercepted and stolen.

Enter the BioAPI Consortium. Formed by a mix of hardware vendors, government agencies and biometric developers (including Intel, Compaq, Iridian Technologies and the National Institute of Standards and Technology), the Consortium started in April 1998 the development of a set of biometric APIs intended to promote industrywide plug-and-play interoperability of biometric hardware and software. The Consortium released the BioAPI 1.0 specification in March 2000, and completed a reference implementation five-and-a-half months later. In an effort to speed development of standardized hardware drivers, Microsoft acquired an earlier standard under development, the biometric API (BAPI) in May 2000. BAPI is included in the BioAPI specification, but is independently developed by Microsoft and I/O Software Inc.

Rocket Fuel