Entrepreneur York Freund is the CEO of Point Bearing, a new company using Biometrics to ensure that people are entitled to see only what they are supposed to and increase data security for companies in a variety of fields.
Biometrics is the science of using features that are innate to a person such as a fingerprint, retinal scan or even their face to allow them access data or facilities and control what level of access a person has.
Point Bearing already has a proof of concept model of their work; one of the company principals developed a Driver’s License System for the Government of Panama that used the license recipient’s fingerprint to identify them at the time they received their license.
After this work, York and his two partners, David Mooney and John French knew that there was market for the technology and compiled a telling case of statistics to support their case (these are some highlights, they have plenty more):
1) Since 2005, there have been 353 million U.S. reported security breaches (Privacy Rights Clearinghouse). Each record breached costs an average of $202 to remedy (American Banking Association). This calculates to losses totaling $72 billion since 2005.
2) On average, each major corporate data breach costs $6.5 million per incident. This problem continues to accelerate as the use of online technologies becomes more pervasive (an August 2009 American Banking Association survey indicates that 25% of all banking transactions are now transacted on line). Businesses across the world lose $221 billion a year due to identity theft
3) A 2007 survey commissioned by the American Banking Association found that eight in ten banks (80%) incurred check fraud losses in 2006, up from 75% in 2003.1 In 2008, existing account fraud in the U.S. totaled $31 billion. The mean cost per victim is $500
4) Factoring in the additional cost of lost/stolen merchandise, U.S. retail merchants are suffering a total industry-wide fraud loss of $191 billion. Merchant segments reveal a higher prevalence of fraudulent transactions, with large e-commerce retailers seeing a 40% an upsurge.
The way Point Bearing does their work is through the use of a smart card embedded with a user’s biometric data as well as a processor. The key advantage of using the card is that if someone loses it, a would be hacker can’t use it without the biometric data that only the original user has (retina, finger print, etc).
Point Bearing uses these smart cards with their T.E.C., or “Trusted Exchange Controller” that Freund describes as, “acting as a front end to an Internet application.”
Another example Freund gives is that of a doctor/patient relationship and if each were to use the card: To comply with HIPAA laws, the cards could be used to show the patient things like their complete medical history as well as their financial history as it relates to their medical care. The system would allow the physician to see all of their clients’ medical histories but not things like individual financial histories.
It is no secret the medical system is fraught with different establishments using different systems and oftentimes patients having to get the same x-ray and/or test done multiple times because medical records aren’t shared. With a system like the one Point Bearing has developed, this kind of waste could be eliminated.
Says Freund, “80% of data fraud is done by people with access to a system who then abuse their access to get to data they shouldn’t be using.” Point Bearing makes this impossible.
To date, Point Bearing is bootstrapped and is seeking “less than $500K” in financing and also has two proposals out to the Department of Defense through DARPA.
Later iterations of their product will integrate with USB and mobile phones as well.
Here is a video with York Freund I demonstrating the system used for the Panamanian government. (please excuse the bad lighting for the first half)
Point Bearing: Identity Authentication Through Biometrics from Edward Domain on Vimeo.
View Comments (1)
With all of the "Trusted Exchange Controller" niceness, it wouldn't really matter unless you had a proximity sensor to detect a nearby electronic device that will disable console control no matter what type of device was near it... AND it trips an alarm and respins the last few minutes recorded in the environment in real-time to more than just the on-site admin.
When you go through enough trouble, the complexity of deterring the deterrent will inevitably decrease loss from fraud and IP theft.