Biometrics seen as password replacement for DoD networks

FORT LAUDERDALE, Fla. — U.S. soldiers future identification cards will have biometrics, or human identification traits, stored within the card to more easily identify the individual, said Jon Campbell, an official with SRI International, an independent research institute.

The Pentagon has explored ways to replace the CAC card or figure out new ways to identify troops. Most U.S. servicemembers have to use their CAC cards to use their computers and gain access to classified military networks.

Campbell said that biometrics will eventually replace passwords for the most secured networks. U.S. troops who have deployed to Iraq and Afghanistan have already learned about biometrics as the military has used iris scanners to collect maintain databases of potential insurgents in both deployed locations.

Iris scans are the most secure manner to identify a person, Campbell said. It’s the hardest personal identification code to copy — harder than a finger print or facial recognition, he said Thursday in a presentation at the Association of the U.S. Army’s Winter Symposium here.

Campbell, a retired servicemember, admitted there were times he would borrow other identification badges to swipe into the Pentagon when he would forget these. If the Pentagon instead used iris scanners, which would necessitate individuals only look into a mirror, it would better protect secured buildings and keep anyone from having to drive home to pick up a forgotten identification badge, Campbell said.

He didn’t anticipate the Defense Department getting rid of CAC cards any time soon, but Campbell said the CAC cards could easily store biometrics that could be used to gain access to specific secured buildings or classified networks.

The Defense Advanced Research Projects Agency has already started research in ways to replace the password with biometrics to log onto computers. Called the Active Authentication program, DARPA has started to reach out to software firms to find ways to allow soldiers to access their computers simply by using biometrics signatures.

About the Author

Michael Hoffman
Michael Hoffman is the executive editor at Tandem NSI and a contributor to He can be reached at
  • Tad

    Having this information safely in the hands of the government is not at all concerning, of course, but what if the biometric database gets hacked by some group like “Anonymous”? Or released to WikiLeaks by some misguided private who somehow has access to everything everywhere on SIPRNet?

    • Nathan S
      • Restore Palestine

        The RSA public key encryption was once regarded as secure (by virtue of unrealistically long time required to decrypt). Do you know what happened to the claim?

    • Rock n Roll

      Biometrics have been in use for a while now. Worked for a company that used fingerprint scans for door access to just about everything. There were even a few retina scans scattered about.

      The database would probably be airgapped from the rest of the net. And even if it was hacked, they’d get nothing useful enough to gain access to anything.

      The best part about biometrics is that you actually need the finger or eye or whatever physical form of evidence needed.

    • Restore Palestine

      you are so brainwashed by government’s propaganda.


  • blight_

    Store unique hard-to-replicate information from the iris on an easy-to-steal card? Did I read this right?

    Many laptops have a fingerprint scanner. Will the next secured enterprise machine require an Iris scanner to log in?

    • YeahIWentThere

      No it will require a semen sample.

  • Dixson

    I find it amazing that a former ‘servicemember’
    ( Campbell, an official with SRI International, an independent research institute.)
    tries to peddle a product to the government by stating that he supposedly broke the UCMJ by using another servicemember’s id card to get into the Pentagon.

    “Campbell, a retired servicemember, admitted there were times he would borrow other identification badges to swipe into the Pentagon when he would forget these (sic)”.
    Either he’s lying, or he’s a cheater. Either way, I wouldn’t trust his ‘endorsement’ of this product. He’s an opportunist.

    • blight_

      Indeed, most enterprise operations that use ID cards have a security desk that can walk you through or give you a guest ID card without having to borrow cards to circumvent security.

      Waiting for iris scan devices to log onto machines. My Samsung Galaxy S3 has some kind of face recognition system for logins, but I imagine it can be easily spoofed.