I enjoyed reading your analysis and agree – “stand alone biometrics are simply too weak”. Earlier this month (feature article in the November Issue), I co authored an article for Biometric Watch – http://www.biometricwatch.com/BW_35_November_2006/BW_35.htm
with two colleagues specifically on privacy issues in biometrics. We believe that in order for the biometrics market to expand – the owner of any biometric should be in control of its use. The purpose of our article for BW’s reader base – eliminating the “market value” of the biometric identifier in order to protect it from theft is better than any other known protection (firewalls, encryption etc.)

I am a member of a company focused on biometric information security and building OEM products that secures integrity and privacy issues related to biometrics. The name of our company is PISI; please see http://www.recoverablebiometrics.com for more details. PISI’s solutions are designed to protect biometric data “prior” to transmission as well as installing recoverability of a biometric if that data is ever stolen or abused. With a slight shift in biometric deployment methodology, our products enhances any biometric by interweaving complex, non-linear, mathematical and/or mechanical attributes (with biometric data) creating methods of combinational processing of biometric data. The result of which is defined as “identity”. Biometric-based identities possessing two or more attributes or “degrees of uniqueness” are replaceable, also installing complete privacy for the user as well as enhanced security and trust of any biometric.

Thank you,
Andrew J. Polcha