News Article
 
Profile

Fingerprint Evangelist


This is the account of a meeting with a man who began his business career in his family business even while he was studying towards his Bachelor of Commerce degree, got into the video cassette library business, made his first pile of money when it was still lucrative, sold off the operation while the going was still good. Then, he got into the cable television business, made his second pile of money when it was still lucrative, and sold off the operation while the going was good. Then, for a brief while, he took up an offer of heading a short-lived TV channel, knowing fully well that it was unlikely to succeed. For the past four years, he has been at the forefront of pushing another exciting new technology – application of biometrics in identification and access control applications – years before the rest of us in India have woken up to its possibilities.

Whatever one may say, one certainly must admit that here’s a man who can spot future trends – and put his finger on the critical variables (or core factors) in every business he decides to get into. Rajesh Haldipur of Indian Management recently met Girish Podar, the bright businessman with an eye on the future, to learn more about what makes him tick, and about his latest passion, biometrics, the applied science of using body measurements. He can be contacted at jaypeetex@vsnl.com


Why Fingerprinting?Biometrics Round Up

There is nothing flashy about this man, except for is ever present bright smile. In the course of the conversation, I would also gather that this is one man who has his feet planted firmly on earth, though his business had him once wandering in the sky, tracking satellites.

Girish Podar, a businessman on the “mature” side of his forties, was reticent at first to talk about himself, but after a few pointed questions, he warmed him up to talk about the technical aspects of his business.

Girish started his career in 1971 while still in college, taking charge of the taxation and export departments of his family business, which was, inter alia, trading in textile mill consumables. Till 1982, he was quite content running his family business. Till the textile strike left their business “in the wilderness”, when he got into the “video cassette library” business, which was just picking up. He made good money, he says modestly, till in the early 1990s, he realized that the near future lay in cable TV, which would make video obsolete. So while the going was good, he took a hard decision – he sold the business he had nurtured for nearly a decade. Which of course, is a kind of decision so few of our industry leaders are able to take in time.

From 1st January 1991, he commenced business as a Cable TV Operator in a large, upcoming residential complex just outside Mumbai (Vasant Vihar in Thane). His business grew in direct proportion to the mushrooming of the residential complex and nearby areas. Of course, seeing easy money, there were several who tried to muscle in. He had to stave off, at various times, collective demands from certain building residents to reduce monthly charges, and encroachments on to his “territory” by neighborhood slum area entrepreneurs. How he did both are worth learning a few lessons from. He tackled the demand of the residents’ head on asking them first whether they were dissatisfied with the service, which they were not. As for their demand, therefore, he told them roundly that he does not ask them how much each of them earned. So they ha no right to question his profitability. So they decided to discontinue his service, and went scouting around for other operators.

But this time, they drew a blank, because of two things. First, he had set up his network so that it was very easy for him to enforce payment through swift disconnections of defaulters. So the residents immediately started missing what they had got used to.

(This is something our State Electricity Boards could emulate with great benefit). Second, to stave off competition on his turf, he had willingly allowed some (really small time) operators who wired up nearby slums, to transmit his feed, so they did not have to invest in space and a dish antenna. The condition was that they would not poach on his territory, which were the residential buildings. Obliged as they were to him, they refused the overtures of the residents. And any other entrant was effectively blocked because of the advantage he had of an excellent existing infrastructure built through an early start, which no new operator would match at his rates, which actually passed on some benefit of already amortized investments in equipment to subscribers. So inn just a few weeks, he got back the business he had lost earlier. However, the same unemotional hard-headness he had displayed earlier was brought into play in this business too, when he realized that the game was nearly up for the small player and that soon, the Big Fish would swallow the small fish. So he sold out the cable TV franchise too.

At around a same time, a family friend who wished to get into the business of TV channels asked him if he would give him the benefit of his experience in entertainment electronics by heading the channel. The first question he asked was, which satellite was he going to beam signals from? A Russian satellite, he was told. 

 

He knew this satellite from his cable TV days, and told him that this satellite had the reputation of being a “wandering” satellite, which meant that the signal from it would not be steady and reliable. That could just take the bottom of his market. But then, he was told that that angle was taken care of. Would he just take over?

Since they were paying very well, and he could spare substantial time from his family business (which was still going strong, except for a brief four-year hiatus in the early 1980s), he agreed. And became the CEO of the “Aurovision” channel for 4 months, of which he spent 60 days setting up the business (learning a great deal about several aspects like advertising, marketing, systems, transmission, software procurement, etc.) and 60 days transmission, after which the bugbear he had warned of came home to roost, and with no transponder time available at competitive prices elsewhere then, closing down was the only option he could recommend to the promoters.


 
“He made good money, he says modestly, till in the early 1990s, he realized that the near future lay in cable TV, which would make video obsolete. So while the going was good, he took a hard decision – he sold the business he had nurtured for nearly a decade…”

Around the same time, through his brother Santosh, who is settled in the United States, and who had befriended Kevin Burke, one of the world’s foremost (Top Five) fingerprint identification systems experts, his interest in Biometrics had perked up. So after Aurovision, he decided that Biometrics was the future, and got into concept-selling biometric solutions, with a company in the United States called Advanced Integrated Technologies set up by Santosh and Kevin, with himself and Kevin’s brother Neil also having a share. This company makes the AFIS (Automatic Fingerprint Identification Systems) hardware. While they sell it in the developed world, he sells and supports the same in India.

Of course, it has been tough going, but the results are now clearly visible. Today, after nearly four years, they have several prestigious installations like the Escorts Heart Institute and Research Centre, The Provident Fund Commissioner’s Office, Employee State Insurance Commissioner’s Office, several Defense Departments all over India and several Police Departments. Now, the world has come to realize that fingerprinting is the way to go. Indeed, fingerprinting, or electronic equivalent of biometric samples, might just find their way into the cryptography techniques and standards, which will make fingerprint readers a must for every e-commerce transaction. So it is conceivable in the future that every PC will go with a fingerprint reader, which could act as the biometric identifier / verifier for transactions done online. Already, they have a small model of such a reader, which looks more like a real mouse than the computer mouse we know, which enables a Personal Computer to really become personal by allowing access only using a specific fingerprint (s) as a password.

Moreover, he is working on a scheme to make it possible, with a bit of financial engineering to reduce the cost barrier, which is currently limiting growth, very significantly. If that works out, he says, the business might just take off. This, he says, will enable huge reduction in costs for manufacturing industries everywhere through biometrically operated time offices, which seamlessly integrate with the payroll system.

Of course, Girish Podar’s enthusiasm is infectious, and we have learnt enough about biometrics in general and fingerprinting in particular, to carry the two accompanying boxes which will be instructive to our readers. We wish this farsighted businessman all luck, for he could just be one of those pioneers who put India on the path to leapfrogging into the 21st century technologically.

Positive user authentication is the key, but it must be easy to use and cost effective; therefore, finger imaging is the answer. Why finger imaging is the best:

    Fingerprints do not change over time.

    Fingerprints stop unauthorized access.

    All fingers are unique, which allows each person to have ten easy to use identifiers.

    Base of all world-wide identification.

    Fast and easy to use.

    We do not forget our fingers.

    Users respect them, fraudsters are afraid of them.

    Low-cost solution.

    Protects privacy.

Employee Identification – system sign-on / supervisor override. Biometrics can also be employed as a replacement for lost passwords and / or cards in a computer security system. With biometrics, there is no need for password maintenance or changes. A biometric cannot be lost or forgotten, so there is no need to reset passwords. The risk of one operator obtaining another’s password (which can happen when employees write their password on a piece of paper or the underside of their keyboard) is eliminated.

In case of transactions requiring supervisor approval or override, the supervisor cannot give his or her password to someone else. They are required to look at and approve the transaction themselves. As a biometric creates a positive audit trail, there is also no question of who processed or approved a given transaction.

Barclays Bank in the United Kingdom currently has a pilot system in place providing network security for their internal local area network in the Barclays Emerging Markets Group. A US-based securities firm has also piloted a biometric solution for network security.

Joel Lisker, Senior VP – MasterCard International in charge of Security and Risk Management, was quoted by Oscar R. Pieper, President, Identicator, in his testimony before the US House of Representatives Committee on Banking and Financial Services, on Biometrics and the Future of Money, on May 20, 1998.

“Fraud thrives on anonymity, and verification of a card holder’s identity through biometrics is one of the keys to reducing anonymity and winning the war against fraud. At the same time, it is critical that companies maintain a delicate balance: significantly reducing fraudulent transactions through a biometrics solution, while protecting the identity of the contributing cardholder.

After extensive testing and study, MasterCard has determined that the finger minutiae solution provides the highest degree of reliability, combines with a remote enrollment capability ease of use at POS and a higher level of consumer acceptance (based on a survey of more than 900 consumers) than other biometric technologies available today. Moreover, it is estimated that finger minutiae technology, implemented on a global scale, could cut industry fraud losses by between 50% and 60% per year.

A finger minutia holds enormous promise. It offers a near-zero percent false rejection rate and is cost and memory-efficient. Finger minutiae are safe, repeatable and reliable, yet it does not infringe on consumers’ privacy. Because it only requires installation of a compact direct finger reader at the point of sale, it is a “small footprint” solution, as opposed to hand geometry readers and iris or retinal scanning equipment, which typically can be both bulky and expensive.”

- Rajesh Haldipur, with input from Girish Podar.

Verification

When you enter your PIN at the ATM, you are not identifying yourself. The ATM card itself is the identification. By inserting the card into the ATM, you are claiming to be the person whose name is imprinted on the front of the card. The PIN serves only as a verification of this fact. By entering the correct PIN, the system is able to presume that it is dealing with a legitimate cardholder, and not someone who found the card on the street. This is based on the premise that only the legitimate cardholder should know the PIN.

Biometrics in their current state of development, are excellent at performing the verification step currently accomplished by PINs (or in the case of computer logins, passwords). At the ATM, you would still present your card to claim your identity. However instead on entering a PIN, you would submit a biometric (fingerprint, voiceprint, etc.) sample to verify that you are the legitimate holder of that card.

An inherent advantage of biometrics over PINs is that only the legitimate holder of the card can have the correct body part to verify successfully. There is no way of a typical customer transferring biometric information to an unauthorized user (whereas a PIN could be read over your shoulder as you enter it, could be written on the card itself, or verbally communicated to a friend).
 

Identification

Biometric technologies are moving in the direction where no claimed ID is needed, and a true identification can take place. In this case, you would walk up to an ATM, submit a biometric sample, and get your money, without using an ATM card to claim an identity. Here, the biometric is actually identifying you, as opposed to verifying a claimed identity, as described above. The technologies that lend themselves to this are retina scan, iris scan, facial heat pattern, and fingerprints.

While verification is one-to-one search where a claimed identity is proven valid or not, identification is a one-to-many search where someone is identified with no prior claimed identity. Generally, every biometric is more accurate at performing verifications than identifications.
 

The Identification Technologies

The technologies that can currently identify are often less desirable to use (more effort, higher perceived intrusiveness) than other technologies, and many are still under development.

Retina : Currently in production, and can perform true identification. Biggest drawbacks are the effort involved on the part of the user, and the perceived intrusiveness of the technology.

Iris Scan : The passive version of this technology (where you do not have to self-focus) is still in prototype. The current commercial version of Iris Scan is capable of identification, but has some drawbacks as Retina: effort involved on the part of the user, and the perceived intrusiveness of the technology.

Facial Heat Pattern : While this technology can perform identification, it is in an even earlier prototype stage than is Passive Iris and is likely to have perceived intrusiveness problems.

Fingerprint : Actually the least capable, but also the least intrusive and cheapest at performing identification among those that can. Currently, forensic applications use the identification capability of fingerprints to narrow a search to the most likely 10 suspects. Using more than one finger increases the identification capability, but increases the amount of effort needed by the user and increase the perceived intrusiveness. However, for verification purposes, fingerprints are possibly the most cost-effective solution, and are likely to remain so.

Other Technologies : The remaining technologies (e.g., Dynamic Signature Verification, Voice, Face) are generally not accurate enough to identify a customer and are best suited as verification technologies.

- Rajesh Haldipur, with input from Girish Podar.