One of the interesting areas of security is Biometrics -- using technology to scan fingerprints, retinas or the whole body to positively identify someone. The leading company in this area is L-1 Identity Solutions (ID). The company was formed by the merger of Identix (fingerprints) and Viisage (facial features). It has a $1.5 billion market capitalization, almost 10X sales, and is not making any money, yet the stock is near its 52-week high.

When most people think of biometric identification, using fingerprint readers, retina scanners or full-face video scan and compare, they immediately think of applications like stopping terrorists from getting on planes, or allowing access to top-secret government facilities. But it turns out that the real market is commercial applications to reduce the time required to wait in line while someone checks an ID. In the last year, Pay By Touch supermarket systems that combine a fingerprint scan with a seven-digit phone number have replaced credit and debit cards for three million users in the U.S. In Japan, more than two million people use a palm scanner plus a debit card and PIN to get cash from an ATM. The Dutch bank ABN AMRO uses voice technology to verify a customer's identity for telephone banking.

You may have seen the built-in finger scanners on many new laptops, especially those shipping with Windows Vista, or on high-end cell phones. You can buy the same technology for your house and garage door locks, or a safe. It even comes in some memory sticks and flash drives, just in case you lose it or a bad guy gets hold of it. If you log on to your company's computers from home, they may be tracking your typing rhythm to be sure you are you.

The sudden commercial interest in biometrics comes from the two benefits of all advancing technology: It got better and cheaper. Fingerprint and palm scanners used to have problems with farmers and others who worked with their hands, children or other people with small hands, sweaty hands, and so on. And the terminals cost a bundle to build and deploy. Now, with ever-cheaper and more powerful microelectronics to improve functionality and reliability, plus the Internet for virtually no-cost communications, biometrics can grow rapidly.

At the same time, Federal regulations are tightening. Banks are now required to have two-factor identification -- something you know plus something you have -- to reduce online fraud due to identity theft, since the simple stored account number and password is too easy to hijack. So they are using the password -- something you know -- plus things like RSA tokens, fingerprints or keystroke dynamics -- something you have or are -- to identify you. I used an RSA token for years to get on my Bloomberg system, but tokens can be lost or stolen -- some people have been known to forget to bring them to the Money Show -- and they are expensive. Bloomberg moved to fingerprint ID a couple of years ago.

At this point, the big drivers for biometrics adoption include: 1) Retail, which accepts a lower level of security in favor of convenience, and 2) Banking, which accepts a lower level of convenience in favor of security. In the retail world, there is always a clerk watching the transaction, so a thief only gets one or two chances to fake their ID. In online banking, a sophisticated hacker could get hundreds of tries, so banks demand more complex systems. But eventually these two applications will converge into something that is both more secure and more convenient than today's systems. At that point, we should see an explosion in biometric revenues, as systems move to Internet and cell phone transactions. That will also drive the current proprietary systems into a common standard; so for example, any fingerprint sensor on any laptop will let the user log in directly to any website.