IBM Adds Fingerprint Sensor to ThinkPads

Moving ahead with its plan to create a "trusted" platform, IBM will tie the fingerprint sensor to its embedded security chip. A "back-door" password is included.

IBM has added biometric security to its ThinkPad notebook line, claiming that the technology is now ready for prime time.

IBM has added a fingerprint scanner to its T42 ThinkPad notebook chassis and will offer the technology as an option on a dozen or so additional models, according to Clain Anderson, program director of security and wireless technology at IBM.

As recently as 2002, tests proved that fingerprint recognition technology could be fooled, including newer sensors that sensed the capacitance of a finger rather than optically sensing the pattern of a fingerprint.

But Anderson said the latest technology has improved over previous versions, and that the company is confident that the technology will add another layer of security. Biometrics proponents say the technology is compliant with regulations including HIPAA (the Health Insurance Portability and Accountability Act) and the Gramm-Leach-Bliley Act, although the legislation speaks only vaguely of the need to restrict access to the confidential information.

/zimages/2/28571.gifClick here to read a column about securing laptops through the use of biometrics.

IBM will tie the new fingerprint security sensor to its embedded security chip, the next step in the companys desire to create a "trusted" platform. According to Anderson, the encrypted fingerprint image is sent directly to and compared with the stored image in the security chip, instead of being transmitted over the general PCI bus.

"We never had a device before that could do the match on the sensor, passing the data back and forth, that could capture that verification between the chip and sensor and serve as an actual digital signature," Anderson said.

The fingerprint swipe can be used to unlock a hard drive as well as the general Windows logon, Anderson said, adding that he uses his own fingerprint as a token to unlock passwords tied to his IRA account and his Hotmail e-mail account, as well as other personal information.

The problem is that the sensor isnt entirely perfect, so the device ships with a "back door": an administrator password that can bypass the fingerprint sensor and unlock the system. Naturally, IBM recommends that an IT admin use a strong password, stored securely.

/zimages/2/28571.gifTo read about how Discover Financial Services plans to use biometrics to combat its rivals, click here.

However, the new fingerprint sensor offers a "thousandfold" improvement over just a password, Anderson said. The included software also provides prompts and advice to assist the user in swiping his or her fingerprint, such as instructions on how to align it with the sensor.

/zimages/2/28571.gifCheck out eWEEK.coms Desktop & Notebook Center at for the latest news in desktop and notebook computing.