Tuesday, October 28, 2014

Biometrics against criminal aliases

Suspect in deputy deaths arrested in Utah in 2003 (Boston Herald)
Police in West Valley City, Utah, said they took a fingerprint from a man using the name Marcelo Marquez during a misdemeanor hit-and-run arrest in 2003. Court records show that he pleaded guilty, received a year of probation and was fined about $500.

However, Utah authorities never connected him to his real name or his previous criminal record.

In Utah, fingerprint data is entered into a biometric database for all people booked into jail. But for those who are cited and released, police take a print from a single finger that's kept in state criminal records.

Unless there's a request from an investigator, the print is not run against the biometric database to determine whether the person has a prior record outside Utah or is using an alias, said Alice Moffat, director of the Bureau of Criminal Identification.
Biometrics are a great way to root out criminal aliases, but only if procedures are in place to run the biometric search.

NYPD getting mobile fingerprint tech

NYPD Equips Officers With Biometric Smartphones (Government Technology)
New York Police Department officers and vehicles are to be outfitted with new technology as part of a $160 million program that will lead to fewer arrests and more summonses after being fully implemented next year, Mayor Bill de Blasio told reporters on Oct. 23.

All 35,000 NYPD officers will be equipped with smartphones that allow officers to search databases, view wanted posters and scan suspects’ fingerprints.

Friday, October 24, 2014

Interpol meeting to discuss facial recogntion

INTERPOL to begin the process of developing international facial recognition standards (Eurasia Review)
The two-day meeting (14 and 15 October) gathered 24 technical and biometrics experts and examiners from 16 countries who produced a ‘best practice guide’ for the quality, format and transmission of images to be used in facial recognition. It will be circulated to all 190 INTERPOL member countries to serve as a guideline for improving the quality of images necessary for accurate and effective facial recognition.

Thursday, October 23, 2014

India: Critics coming around on UID?

Home Ministry praises the Aadhaar project (Economic Times)
Once a strong critic of the Aadhaar project, the Union home ministry has now effusively praised the project in a letter to all states, saying Aadhaar's biometric identification process eliminates "the threat of any fraud or bogus activity."

LA County: Stop and Scan

The Pasadena Weekly has just published an article purporting to describe LA County's plans to populate the FBI's next generation ID system with data gathered in the field.
On Sept. 15, the FBI announced that the Next Generation Identification System was fully operational. Now that the central infrastructure is in place, the next phase is for local jurisdictions across the country to update their own information-gathering systems to the FBI’s standards.

When the system is up and running in L.A., any law enforcement official working in the county, including the Los Angeles Police Department, would collect biometric information on people who are booked into county jails or by using mobile devices in the field.

This would occur even when people are stopped for lesser offenses or pulled over for minor traffic violations, according to documents obtained by The Center for Investigative Reporting through a public records request.

Officials with the Sheriff’s Department, which operates the countywide system, said the biometric information would be retained indefinitely — regardless of whether the person in question is convicted of the crime for which he or she was arrested.
If this report is corroborated, I suspect we'll be hearing a lot more about this.

Tuesday, October 21, 2014

Spain-Gibraltar border getting biometrified

Spain’s Ministry of Security to implement biometric border control management system (Biometric Update) — "The budget to implement all changes for the smart border between La Linea de la Concepcion and Gibraltar will amount to 7.3 million euros."

Turkey looks to biometrics to enable structural change

Upcoming reforms in Turkey to ban any actions against statehood (Trend)

UPDATE:
Via twitter, @canmutlu writes that the article linked above refers to biometric national ID cards rather than (as the article states, twice) passports.

This rings true from a practical standpoint, and based upon this short article from Planet Biometrics: Turkey’s PM unveils biometric ID card plan.

We very much appreciate his pointing this out.

UPDATE II:
It looks like someone at Trend got the message, as well.

New biometric identity cards to be issued in Turkey (Trend)

Monday, October 20, 2014

Protecting customer data

After Massive Data Breaches, Businesses Move to Make ID More Personal (ABC News)
The cost of a data breach is terrifyingly high. Home Depot estimates that the massive data breach that affected 56 million customers this summer will cost the company several hundred million dollars—and that’s the figure they are using to assuage fears on the Street. The reality is probably much higher. Target’s breach may top out at the $1 billion mark. While the jury hasn’t even been empanelled as to what the JPMorgan breach will cost, it will leave a mark that will no doubt make news down the line.

With so much to lose, the implementation of biometrics-based consumer authentication may be the cheaper option for companies that handle the kinds of information hackers find so irresistible.
We've been saying it for years. All databases containing sensitive customer information should be biometrically protected. It's just good business.

Australia: "Foreign fighters" bill invites debate

Opposition grows to storage of photo and biometric data (Sydney Morning Herald)
The legislation specifically clears the way for all Australians as well as foreigners to be photographed when they leave Australia and when they return if they go through automated passport gates – which are set to become far more commonly used.

The department estimates that between 40 and 60 per cent of the 35 million travellers leaving and entering Australia each year would be photographed, many millions of them Australians.

The department can also share the biometric information for "specified purposes" according to the bill's explanatory memoranda, though it does not explain what these purposes are.
"Critics say the danger of such information being hacked is profound, given many personal electronic devices are now secured by fingerprints and iris scans."

A couple of points that we've made before come to mind here.

First, if the government of Australia is incapable of keeping citizen information secure from hackers, is the biometric information of international travellers really a top-order concern? Surely, the government already secures information that is much more valuable to hackers than that.

Second, passports are interesting in that they aren't just ID's. They're also an interoperability technology, a way two governments facilitate their agreement related to the treatment of civilian citizens traveling abroad. They only work unless there's a government on both sides of the equation and any government on its site of the border can collect just about whatever information it desires as a condition of allowing a non-citizen entry into its territory.

Even if Australians reject the "foreign fighters" bill, they will still be subject to the information requested of them by the countries they visit, and that information can be shared back with Australia on a government-to-government basis.

With globalization and the lowering of cultural boundaries among the international travel set, it can seem like international travel is no big deal. Brussels is, in many ways, a lot like Washington, DC. But international travel is not without security risks to the visited country and international travelers should always be aware that their legal status outside their home country is very different than it is at home.

Abu Dhabi bank to introduce voice recognition technology

UAE: End of the Pin number? ADCB to launch voice recognition service (The National)
The biometric technology used by ADCB works by comparing the caller’s voice to a pre-recorded sample given by the client, ADCB said.

That will allow customers to get on the phone with a bank representative quicker while reducing the chances of fraud.

“In this competitive environment we need to make sure that customer convenience and ease of access are effectively balanced with information and transaction security,” said Ravi Nair, the head of customer experience at ADCB. “The voice biometrics technology will play a vital role in ensuring increased security and convenience at the same time, while making client calls shorter and reducing our overall cost to serve.”

Friday, October 17, 2014

Here we go

MasterCard teams up with Zwipe to launch first payment card with fingerprint sensor (CIO)  — The built-in biometric sensor is used to authorise payments in less than a second instead of the traditional chip and pin method.


Alipay, the Alibaba Group unit that is China’s largest electronic payments service, is now rolling out biometric authentication (Pymnts.com)

Wednesday, October 15, 2014

No need to mischaracterize voice biometrics in call centers

Amidst all the attention banks are receiving over the use of voice biometrics to prevent fraud, It's worth noting a couple of things.

First, according to the widely linked AP article, "The technology, sometimes called voiceprinting, is aimed at bad guys rather than legitimate customers, but legal and privacy experts alike still have reservations about the practice." So, the systems in place seem to work by collecting information on known and suspected fraudsters and placing them on a watchlist (listenlist?). This makes sense. Technically, it's far easier to be on the lookout for a handful of persons of interest than it is to make a positive ID on every single caller.

Second, there are a lot of way over-hyped headlines out there that make it appear as though financial institutions are collecting voice biometric information on unwitting customers on a vast scale.

Take:
Some Banks Collect Voiceprints During Service Calls to Identify You (Salon) 

Technically, this Slate headline isn't even true since according to the source it cites, the voiceprints are being used to identify fraudsters, not to verify the identities of account holders.

Then there's this.

Banks Harvest Callers' Voiceprints to Fight Fraud, which is the unfortunate headline of the very AP article that acknowledges that the systems function as criminal watchlists rather than a "harvest" of biometric information.