Iris recognition finally seems ready to break into the mainstream.

By Robert L. Mitchell, Computerworld

At the entrance to “The Vault,” the most secure room within the most protected building operated by security services provider Symantec, an iris recognition system stands guard as the last line of defense.

Employees who make it this far have already swiped an access card and entered a PIN at the building’s main door and then submitted a finger to a biometric reader to move beyond the lobby. But the high accuracy rate of iris recognition technology, which uses near-infrared cameras to take a picture of the subject’s iris and then applies specialized algorithms to encode the image and match it to an existing record on file, makes it an ideal access control choice. After all, this is the high-security area that holds the cryptographic keys to Symantec’s certificate authority business, which provides e-commerce security services to many organizations.

“We have to make sure that no individual can compromise those cryptographic tokens, [and] iris recognition has higher accuracy and less likelihood of false positives,” says Paul Meijer, senior director of infrastructure operations at Symantec’s identity and authentication division.

Symantec’s use of iris recognition technology for an access control system in a setting where security requirements are high and cost is no object represents a classic application of the technology. But as prices have come down and the systems have become easier to use, the technology has been slowly gaining ground in more ordinary business settings in industries such as banking and healthcare.

“Cost has perennially been an issue with iris, but this trend is quickly changing,” as cameras, recognition algorithms and software have all improved, says Ram Ravi, a research analyst at Frost & Sullivan.

One reason for the rise in innovation that led to those improvements: The 2005 expiration of a key patent on the mathematical representation of the iris that previously limited what competitors could do. Since that time, open standards have been developed, says Patrick Grother, director of biometric standards and testing at the National Institute of Standards and Technology (NIST).