Friday, October 24, 2014

Interpol meeting to discuss facial recogntion

INTERPOL to begin the process of developing international facial recognition standards (Eurasia Review)
The two-day meeting (14 and 15 October) gathered 24 technical and biometrics experts and examiners from 16 countries who produced a ‘best practice guide’ for the quality, format and transmission of images to be used in facial recognition. It will be circulated to all 190 INTERPOL member countries to serve as a guideline for improving the quality of images necessary for accurate and effective facial recognition.

Thursday, October 23, 2014

India: Critics coming around on UID?

Home Ministry praises the Aadhaar project (Economic Times)
Once a strong critic of the Aadhaar project, the Union home ministry has now effusively praised the project in a letter to all states, saying Aadhaar's biometric identification process eliminates "the threat of any fraud or bogus activity."

LA County: Stop and Scan

The Pasadena Weekly has just published an article purporting to describe LA County's plans to populate the FBI's next generation ID system with data gathered in the field.
On Sept. 15, the FBI announced that the Next Generation Identification System was fully operational. Now that the central infrastructure is in place, the next phase is for local jurisdictions across the country to update their own information-gathering systems to the FBI’s standards.

When the system is up and running in L.A., any law enforcement official working in the county, including the Los Angeles Police Department, would collect biometric information on people who are booked into county jails or by using mobile devices in the field.

This would occur even when people are stopped for lesser offenses or pulled over for minor traffic violations, according to documents obtained by The Center for Investigative Reporting through a public records request.

Officials with the Sheriff’s Department, which operates the countywide system, said the biometric information would be retained indefinitely — regardless of whether the person in question is convicted of the crime for which he or she was arrested.
If this report is corroborated, I suspect we'll be hearing a lot more about this.

Tuesday, October 21, 2014

Spain-Gibraltar border getting biometrified

Spain’s Ministry of Security to implement biometric border control management system (Biometric Update) — "The budget to implement all changes for the smart border between La Linea de la Concepcion and Gibraltar will amount to 7.3 million euros."

Turkey looks to biometrics to enable structural change

Upcoming reforms in Turkey to ban any actions against statehood (Trend)

UPDATE:
Via twitter, @canmutlu writes that the article linked above refers to biometric national ID cards rather than (as the article states, twice) passports.

This rings true from a practical standpoint, and based upon this short article from Planet Biometrics: Turkey’s PM unveils biometric ID card plan.

We very much appreciate his pointing this out.

UPDATE II:
It looks like someone at Trend got the message, as well.

New biometric identity cards to be issued in Turkey (Trend)

Monday, October 20, 2014

Protecting customer data

After Massive Data Breaches, Businesses Move to Make ID More Personal (ABC News)
The cost of a data breach is terrifyingly high. Home Depot estimates that the massive data breach that affected 56 million customers this summer will cost the company several hundred million dollars—and that’s the figure they are using to assuage fears on the Street. The reality is probably much higher. Target’s breach may top out at the $1 billion mark. While the jury hasn’t even been empanelled as to what the JPMorgan breach will cost, it will leave a mark that will no doubt make news down the line.

With so much to lose, the implementation of biometrics-based consumer authentication may be the cheaper option for companies that handle the kinds of information hackers find so irresistible.
We've been saying it for years. All databases containing sensitive customer information should be biometrically protected. It's just good business.

Australia: "Foreign fighters" bill invites debate

Opposition grows to storage of photo and biometric data (Sydney Morning Herald)
The legislation specifically clears the way for all Australians as well as foreigners to be photographed when they leave Australia and when they return if they go through automated passport gates – which are set to become far more commonly used.

The department estimates that between 40 and 60 per cent of the 35 million travellers leaving and entering Australia each year would be photographed, many millions of them Australians.

The department can also share the biometric information for "specified purposes" according to the bill's explanatory memoranda, though it does not explain what these purposes are.
"Critics say the danger of such information being hacked is profound, given many personal electronic devices are now secured by fingerprints and iris scans."

A couple of points that we've made before come to mind here.

First, if the government of Australia is incapable of keeping citizen information secure from hackers, is the biometric information of international travellers really a top-order concern? Surely, the government already secures information that is much more valuable to hackers than that.

Second, passports are interesting in that they aren't just ID's. They're also an interoperability technology, a way two governments facilitate their agreement related to the treatment of civilian citizens traveling abroad. They only work unless there's a government on both sides of the equation and any government on its site of the border can collect just about whatever information it desires as a condition of allowing a non-citizen entry into its territory.

Even if Australians reject the "foreign fighters" bill, they will still be subject to the information requested of them by the countries they visit, and that information can be shared back with Australia on a government-to-government basis.

With globalization and the lowering of cultural boundaries among the international travel set, it can seem like international travel is no big deal. Brussels is, in many ways, a lot like Washington, DC. But international travel is not without security risks to the visited country and international travelers should always be aware that their legal status outside their home country is very different than it is at home.

Abu Dhabi bank to introduce voice recognition technology

UAE: End of the Pin number? ADCB to launch voice recognition service (The National)
The biometric technology used by ADCB works by comparing the caller’s voice to a pre-recorded sample given by the client, ADCB said.

That will allow customers to get on the phone with a bank representative quicker while reducing the chances of fraud.

“In this competitive environment we need to make sure that customer convenience and ease of access are effectively balanced with information and transaction security,” said Ravi Nair, the head of customer experience at ADCB. “The voice biometrics technology will play a vital role in ensuring increased security and convenience at the same time, while making client calls shorter and reducing our overall cost to serve.”

Friday, October 17, 2014

Here we go

MasterCard teams up with Zwipe to launch first payment card with fingerprint sensor (CIO)  — The built-in biometric sensor is used to authorise payments in less than a second instead of the traditional chip and pin method.


Alipay, the Alibaba Group unit that is China’s largest electronic payments service, is now rolling out biometric authentication (Pymnts.com)

Wednesday, October 15, 2014

No need to mischaracterize voice biometrics in call centers

Amidst all the attention banks are receiving over the use of voice biometrics to prevent fraud, It's worth noting a couple of things.

First, according to the widely linked AP article, "The technology, sometimes called voiceprinting, is aimed at bad guys rather than legitimate customers, but legal and privacy experts alike still have reservations about the practice." So, the systems in place seem to work by collecting information on known and suspected fraudsters and placing them on a watchlist (listenlist?). This makes sense. Technically, it's far easier to be on the lookout for a handful of persons of interest than it is to make a positive ID on every single caller.

Second, there are a lot of way over-hyped headlines out there that make it appear as though financial institutions are collecting voice biometric information on unwitting customers on a vast scale.

Take:
Some Banks Collect Voiceprints During Service Calls to Identify You (Salon) 

Technically, this Slate headline isn't even true since according to the source it cites, the voiceprints are being used to identify fraudsters, not to verify the identities of account holders.

Then there's this.

Banks Harvest Callers' Voiceprints to Fight Fraud, which is the unfortunate headline of the very AP article that acknowledges that the systems function as criminal watchlists rather than a "harvest" of biometric information.


Monday, October 13, 2014

New iPad Air Leak Shows Touch ID Sensor (Web Pro News)


Indians give nod to surveillance of govt officials (Today Online) — The new transparency scheme for government employee time-and-attendance seems popular.

Banks Use Callers' Voiceprints to Fight Fraud

Computers with voice recognition are being used--sometimes discreetly--to add extra security during calls with customers. (Inc.)
"We lost everything," she said. "Can you send me a card to where we're staying now?"

The card nearly was sent. But as the woman poured out her story, a computer compared the biometric features of her voice against a database of suspected fraudsters. Not only was the caller not the person she claimed to be, "she" wasn't even a woman. The program identified the caller as a male impostor trying to steal the woman's identity.
The mechanics of how the banks are using voice analysis are pretty interesting. By focusing on known or suspected fraudsters, it reminds me a little bit of the Nevada Gaming Commission's Excluded Person List.