Friday, September 19, 2014

Passwords vs. biometrics (GCN)
The password by itself actually is a pretty good tool. It is simple to use, easy to implement and can be reasonably strong. The problem is one of scale. For a user juggling passwords for multiple accounts and for administrators juggling many users, the system quickly becomes unwieldy, and strong security begins to break down. In addition, the steady growth in computing power erodes password security by making dictionary and brute force attacks more practical.

Biometrics – the use of physical traits such as fingerprints, irises, faces or voices to identify persons – is more complex, but is becoming more practical. It offers the promise of better security based on the premise that there is only one you.

Yet it has its drawbacks...
See also:
January 17, 2012 More on the Awesomeness of Passwords
India Fingerprint Biometrics Market (2014 - 2020) (6Wresearch)
According to 6Wresearch, India’s Fingerprint Biometrics Market is projected to grow at a CAGR of 35.1% during 2014-20.Though, in overall fingerprint biometrics market, government, travel & transportation application captured lion’s share, but in the forecast period its share is likely to decline, owing to increasing penetration and adoption in other application markets such as healthcare, banking & financial, retail and commercial offices.

Thursday, September 18, 2014

Mobile face and voice combo tested by Mastercard

Mastercard voice and face recognition acheives 98% success rate (Computer Weekly)
The payment card company created a mobile app to test voice and facial recognition technologies on more than 14,000 transactions.

Mastercard employees around the world carried out the tests on Android and iOS operating systems. The process took less than 10 seconds for most transactions.
We discussed why face and voice biometrics were likely to be strong candidates for mobile biometrics here in 2012.

Wednesday, September 17, 2014

Obviously

Comment: Are biometrics the future of retail payments? (Essential Retail)

The author doesn't answer his own question, but I will.

Biometrics are at least part of the future of payments. The billion dollar questions are: How? & When?

Novel biometric modality: Brain prints

'Brain prints' the new biometric identifier (WhaTech)
We've had fingerprints for years as unique identifiers of individuals and in recent times their uniqueness has been successfully employed for access control. More recently they've been followed by voiceprints and iris scans as unique personal attributes that can be used for access to information systems. But brain waves?
Let's not get ahead of ourselves. Though there is little doubt that if any behavioral biometric can be used as a reliable identifier, evidence for that uniqueness can be found in the brain and measured, brain prints as ubiquitous biometrics face every obstacle we discussed in our post, The challenges confronting any new biometric modality and then some.

The linked article doesn't make any mention of the sensor to be used to collect brain prints, much less offer a vision for how a future identification scenario might work.

This is one of those subjects that is intensely interesting from a Ph.D.'s point of view (invention) but not so much from an engineering or business perspective (innovation). Brain prints as a biometric will face significant — I dare say insurmountable — challenges in finding its way into wide use as a commercial ID management application any time soon.

More European biometric banking

NETHERLANDS: ING launches voice-recognition banking app (Computer Weekly)
Dutch banking group ING Netherlands has launched a banking application that can be navigated using voice recognition.

The firm hopes future generations of the app will use biometric voice recognition for user authentication to replace PINs.
Keeping in mind the difference between voice recognition and speech recognition, biometric ID management technologies sure seem to be gatting a lot of traction in the banking sector. This appears to be the case especially in Europe where banking security already far exceeds what you typically see in the United States as chip on card technology for bank cards has been standard in Europe for a long while now.

Perhaps it's about time the United States gets in on the leap-frogging game. An interesting fact in this case is that a Dutch bank is implementing banking security two generations more advanced than US banks use and they're doing it with voice recognition technology developed in the United States.

Tuesday, September 16, 2014

FBI switches criminal ID information systems

FBI: Full Operational Capability of the Next Generation Identification System (FBI Press Release)
The Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS) Division announced today the achievement of full operational capability of the Next Generation Identification (NGI) System. The FBI’s NGI System was developed to expand the Bureau’s biometric identification capabilities, ultimately replacing the FBI’s Integrated Automated Fingerprint Identification System (IAFIS) in addition to adding new services and capabilities.
...
The IPS [Interstate Photo System] facial recognition service will provide the nation’s law enforcement community with an investigative tool that provides an image-searching capability of photographs associated with criminal identities.
The transition appears not to have been completely smooth, but it also looks like normal service is being restored to those who rely upon the FBI's ID infrastrusture.

National Instant Criminal Background Check System (NICS) reports problem-free weekend after a week of issues (Guns.com)
The system started experiencing problems Sept. 6, when the FBI implemented the Next Generation Identification system — a $1.2 billion biometric system that recognizes facial features, scans irises, and reads palm and fingerprints to identify criminals — to replace the single sourced Integrated Automated Fingerprint Identification System.
INDIA: Government May Move Aadhar Project To IT Ministry (Business Insider)
The government is looking for a new parent for the Unique Identification Authority of India (UIDAI) as it prepares to wind up the Planning Commission, which had so far been the administrative authority for the body that has been tasked with issuing chip-based, biometric photo ID cards, called Aadhar, to all Indians.
Biometric security: giving cyber criminals the finger (Finextra)
If biometric systems prove to be as effective at preventing fraud as Barclays promises, finger vein scanners are likely to be a big step in the evolution of digital banking security. Our recent research reveals that 79% of Brits are eager to ditch their passwords in favour of biometric security measures like finger vein technology.

Thursday, September 11, 2014

After further review...

India's biometric ID project is back on track (PC World)
The new Indian government has indicated strong support for a controversial project to require residents to have biometric IDs in order to collect government benefits, setting a target of 1 billion enrollments by 2015.

The status of the project was in doubt when a new federal government was voted in last May, as the winning Bharatiya Janata Party had said during the election campaign that it would review the program. The new target signals the new government’s backing of the Unique Identification Authority of India (UIDAI), which was largely seen as a project of the previous government led by the Congress party.

Wednesday, September 10, 2014

Mobile devices pose privacy risks and biometrics can help

Forget silly privacy worries - help biometrics firms make MILLIONS (The Register)
Tech firms are set to experience a biometric bonanza - as long as they can persuade ordinary folk to give up worrying about their privacy.

That's the claim in a briefing note from “growth consulting firm” Frost & Sullivan, which suggested the number of smartphones equipped with biometric gubbins will soar from 43 million to 471 million by 2017.

This, according to the beancounters, means the biometric revenue from smart phones will soar from increase from $53.6m in 2313 to $396.2m in 2019, amounting to an annual growth rate of 39.6 per cent.

“Due to existing hardware capabilities across devices, most of the growth is expected from facial and voice authentication technologies,” said Frost & Sullivan ICT Global Programme Director Jean-Noël Georges.
The goals of mobile device fingerprint technology are the epitome of privacy protection. Mobile fingerprint technology doesn't spy on users and, by itself, it's hard to see how it can create commercially valuable information for a third party to sell. It is put in place to make the "always on," web-connected pocket computer a more secure platform from which to perform the functions financial institutions and users seem to want.

Dick Dastardly - not a banker or 
biometrics executive
The other two biometric technologies mentioned by the author, face and voice recognition, would perhaps be easier to abuse by a third party. The more acute risk to individual privacy associated with mobile biometrics, however comes not from a bunch of moustache-twirling banks and biometrics companies, but from flippy birds and fuzzy bunnies, or downloaded apps accessing onboard biometric technology for no other reason than to sell on to its customers the information gleaned. But that type of privacy risk is inherent in mobile technology. With its location services, cameras, microphones, wifi, NFC and bluetooth, modern mobile devices already contain an astonishing array of sensors and communications devices waiting to be abused or used in ways consumers don't necessarily anticipate, and that's happening right now.

Biometrics didn't create this situation but they might be able to help.

Tuesday, September 9, 2014

The future of large scale deployments

The rise of biometric banking (The Conversation)
Although not yet commonplace, biometrics are expected to become so over the next three to five years. Currently, the biggest users are governments which have already implemented biometrics into citizen identity documents (such as passports and national ID cards) and it is estimated that by 2015 biometric citizen IDs will outnumber non-biometrics by 4:1. In 2006, the UK joined 40 other countries in introducing e-passports that use facial recognition technology to authenticate citizens.
Read the whole thing.

Oman bank fingerprint biometrics

OMAN: Royal Omani Police (ROP) & Bank Muscat biometric system compatible with the national ID card
The biometric identification system available across the bank's network of 138 branches is aimed at improving efficiency and speed of transaction especially when opening new accounts.