Tuesday, October 21, 2014

Spain-Gibraltar border getting biometrified

Spain’s Ministry of Security to implement biometric border control management system (Biometric Update) — "The budget to implement all changes for the smart border between La Linea de la Concepcion and Gibraltar will amount to 7.3 million euros."

Turkey looks to biometrics to enable structural change

Upcoming reforms in Turkey to ban any actions against statehood (Trend)

Monday, October 20, 2014

Protecting customer data

After Massive Data Breaches, Businesses Move to Make ID More Personal (ABC News)
The cost of a data breach is terrifyingly high. Home Depot estimates that the massive data breach that affected 56 million customers this summer will cost the company several hundred million dollars—and that’s the figure they are using to assuage fears on the Street. The reality is probably much higher. Target’s breach may top out at the $1 billion mark. While the jury hasn’t even been empanelled as to what the JPMorgan breach will cost, it will leave a mark that will no doubt make news down the line.

With so much to lose, the implementation of biometrics-based consumer authentication may be the cheaper option for companies that handle the kinds of information hackers find so irresistible.
We've been saying it for years. All databases containing sensitive customer information should be biometrically protected. It's just good business.

Australia: "Foreign fighters" bill invites debate

Opposition grows to storage of photo and biometric data (Sydney Morning Herald)
The legislation specifically clears the way for all Australians as well as foreigners to be photographed when they leave Australia and when they return if they go through automated passport gates – which are set to become far more commonly used.

The department estimates that between 40 and 60 per cent of the 35 million travellers leaving and entering Australia each year would be photographed, many millions of them Australians.

The department can also share the biometric information for "specified purposes" according to the bill's explanatory memoranda, though it does not explain what these purposes are.
"Critics say the danger of such information being hacked is profound, given many personal electronic devices are now secured by fingerprints and iris scans."

A couple of points that we've made before come to mind here.

First, if the government of Australia is incapable of keeping citizen information secure from hackers, is the biometric information of international travellers really a top-order concern? Surely, the government already secures information that is much more valuable to hackers than that.

Second, passports are interesting in that they aren't just ID's. They're also an interoperability technology, a way two governments facilitate their agreement related to the treatment of civilian citizens traveling abroad. They only work unless there's a government on both sides of the equation and any government on its site of the border can collect just about whatever information it desires as a condition of allowing a non-citizen entry into its territory.

Even if Australians reject the "foreign fighters" bill, they will still be subject to the information requested of them by the countries they visit, and that information can be shared back with Australia on a government-to-government basis.

With globalization and the lowering of cultural boundaries among the international travel set, it can seem like international travel is no big deal. Brussels is, in many ways, a lot like Washington, DC. But international travel is not without security risks to the visited country and international travelers should always be aware that their legal status outside their home country is very different than it is at home.

Abu Dhabi bank to introduce voice recognition technology

UAE: End of the Pin number? ADCB to launch voice recognition service (The National)
The biometric technology used by ADCB works by comparing the caller’s voice to a pre-recorded sample given by the client, ADCB said.

That will allow customers to get on the phone with a bank representative quicker while reducing the chances of fraud.

“In this competitive environment we need to make sure that customer convenience and ease of access are effectively balanced with information and transaction security,” said Ravi Nair, the head of customer experience at ADCB. “The voice biometrics technology will play a vital role in ensuring increased security and convenience at the same time, while making client calls shorter and reducing our overall cost to serve.”

Friday, October 17, 2014

Here we go

MasterCard teams up with Zwipe to launch first payment card with fingerprint sensor (CIO)  — The built-in biometric sensor is used to authorise payments in less than a second instead of the traditional chip and pin method.


Alipay, the Alibaba Group unit that is China’s largest electronic payments service, is now rolling out biometric authentication (Pymnts.com)

Wednesday, October 15, 2014

No need to mischaracterize voice biometrics in call centers

Amidst all the attention banks are receiving over the use of voice biometrics to prevent fraud, It's worth noting a couple of things.

First, according to the widely linked AP article, "The technology, sometimes called voiceprinting, is aimed at bad guys rather than legitimate customers, but legal and privacy experts alike still have reservations about the practice." So, the systems in place seem to work by collecting information on known and suspected fraudsters and placing them on a watchlist (listenlist?). This makes sense. Technically, it's far easier to be on the lookout for a handful of persons of interest than it is to make a positive ID on every single caller.

Second, there are a lot of way over-hyped headlines out there that make it appear as though financial institutions are collecting voice biometric information on unwitting customers on a vast scale.

Take:
Some Banks Collect Voiceprints During Service Calls to Identify You (Salon) 

Technically, this Slate headline isn't even true since according to the source it cites, the voiceprints are being used to identify fraudsters, not to verify the identities of account holders.

Then there's this.

Banks Harvest Callers' Voiceprints to Fight Fraud, which is the unfortunate headline of the very AP article that acknowledges that the systems function as criminal watchlists rather than a "harvest" of biometric information.


Monday, October 13, 2014

New iPad Air Leak Shows Touch ID Sensor (Web Pro News)


Indians give nod to surveillance of govt officials (Today Online) — The new transparency scheme for government employee time-and-attendance seems popular.

Banks Use Callers' Voiceprints to Fight Fraud

Computers with voice recognition are being used--sometimes discreetly--to add extra security during calls with customers. (Inc.)
"We lost everything," she said. "Can you send me a card to where we're staying now?"

The card nearly was sent. But as the woman poured out her story, a computer compared the biometric features of her voice against a database of suspected fraudsters. Not only was the caller not the person she claimed to be, "she" wasn't even a woman. The program identified the caller as a male impostor trying to steal the woman's identity.
The mechanics of how the banks are using voice analysis are pretty interesting. By focusing on known or suspected fraudsters, it reminds me a little bit of the Nevada Gaming Commission's Excluded Person List.

Friday, October 10, 2014

Why biometrics will be the key to mobile payments adoption (Bank Systems & Technology)
Until making a mobile payment becomes faster than using a credit card, mobile payments will be stuck in low gear. And the key to making mobile payments fast is to use biometrics to solve the authentication problem and eliminate the need for consumers to enter a password.

Maybe one day



The White House Cybersecurity Czar Wants to Kill Your Password (Roll Call)
Michael Daniel, the White House cyber czar, says he isn’t just worried about bad passwords as a security liability. He doesn’t even want the password around anymore at all as a big part of computer security.

“Frankly, I would really love to kill the password dead as a primary security method, because it’s terrible,” Daniel said Thursday.
I reckon the password will live a good while longer, yet. Simply put, it does so much work for so little effort. It's return on investment is through the roof. Also, we're at a point where things that aren't people need to identify themselves to computer systems and they don't have biometrics.

Biometrics can be used to eliminate passwords in many applications. For higher security identifications, biometrics can be used to stem the tide of increasingly complex passwords and move back toward the simplicity of the PIN.


See also: More on the Awesomeness of Passwords

Airline biometrics for security & convenience

Forget E-Tickets, Alaska Air Mulling E-Thumb for Boarding (Bloomberg)
Alaska Airlines (ALK) is exploring using passengers’ fingerprints to replace travel documents, driver’s licenses and credit cards now needed to navigate from airport curbs to jetliner seats. If successful, it would be the first U.S. carrier to employ biometrics for boarding passes and inflight purchases and could spur wider adoption across the industry.
Biometrics can add security and convenience at the same time. It looks like people are starting to recognize it.

Hungary: Some fans bristle at stadium palm vein scanners

Soccer-Ferencvaros fans upset by biometric 'intrusion' (Yahoo!)
Szebasztian Huber, editor of the Fradi fan website ulloi129.hu said many fans also fear that technological developments would help clubs pass Hungarian Football Association fines -- which they regard as too strict -- on to them.

Stricter stadium rules also puzzle fans because the number of violent incidents in and around Hungarian stadiums is much lower than 10 or 20 years ago, he added.

"The culture of soccer fans is different everywhere, in some countries (vein scanners) would be tolerated, while elsewhere fans could be upset," Huber said. "Launching the system highlighting its comfort functions could increase tolerance."

Thursday, October 9, 2014

Smartgates and the tightening of UK & Australia borders

AUSTRALIA: 'Foreign fighter' laws leave door open on biometric data collection (Computerworld)
The government's second tranche of national security legislation, the Counter-Terrorism Legislation Amendment (Foreign Fighters) Bill 2014, includes measures that potentially allow a significant increase in the types of biometric data collected at Australian airports.

Provisions in the bill also extend to Australian travellers data collection practices that have previously been confined to non-citizens.


UK: New biometric border controls at Stansted Airport at heart of terrorism fight (Herts and Essex Observer)
"We are using resources and intelligence to ensure the border is as strong as we can make it."

He said the Government was also committed to tackling the problem of those travelling from the UK to the Middle East to join the IS jihadists and a new counter-terrorism Bill was set to include measure to temporarily remove the passports of those suspected of being radicalised and ready to fight abroad.

More on India's public employees time-and-attendance portal

Big Brother Modi is watching bureaucrats (Reuters)
"This is Big Brother stuff but very effective. It's not just the central government. The state governments are trying to emulate this."

The Prime Minister's Office will also take part in the scheme, said Dash, although it was not clear whether Modi would be enrolled.

Project mastermind Sharma, who holds the rank of secretary at the government's Department of Electronics and Information Technology, could not immediately be reached for comment. The Biometric Attendance System showed he had signed in at work at 13:55:16 p.m. on Thursday.

Screen grab: attendance.gov.in



Meet the man who built the awesome online attendance system for India’s government officials (Quartz India)
Now, 59-year old Sharma is building an attendance system for India’s central government employees that is inexpensive, publicly available on the internet—and potentially, a simple tool that could revolutionise governance in the country.
...
The entire system is searchable, down to the names of individual central government employees, and all the data is available for download. And with that single step—making the entire platform publicly accessible—the government has introduced a level of accountability and transparency that India’s sprawling bureaucracy is unaccustomed to.