Monday, April 30, 2012

For Now "Mobile Device" & "Security" Are Oxymorons

We need more secure mobile devices (Kenneth Van Wyk at Computerworld)
Usability advocates will argue that strong device passwords on mobile devices are annoying and won't be accepted by users. That's a fair argument -- strong passwords on a smartphone or tablet really are a hassle to work with. (Trust me.) Still, I'd prefer something stronger than four-digit PINs to unlock a device (and the data it holds). For the longer term, device vendors need to be shooting for stronger keying mechanisms -- perhaps a PIN in combination with a biometric like a fingerprint, facial pattern scan or voice recognition.

For now, though, what I suggest to people who are serious about the security of their mobile devices is...
See also:
Mobile Devices and Biometric Modalities

For other mobile posts, click the 'mobile' label in the list in the footer to this post below. Does anyone but me ever use those?

Biometric British Parole Officers?

Not Really but still interesting (The Guardian)
The machines ask offenders a series of questions, including whether they have changed their address or job and if they have been arrested since their last report or wish to speak to someone. Probation service managers will also be able to add individually tailored questions to those asked by the machines, which are believed to cost around £130,000 a year to operate.

An internal briefing document for London Probation managers, which has been obtained by the Observer, notes: "There are sensitivities around the project – there is union opposition to biometric reporting and media interest in the trial is anticipated. Biometric reporting potentially provides a significant opportunity to reduce the risk from offenders. A pilot is essential to demonstrate and quantify those benefits, so as to inform decisions about its use."

Malaysia: Thousands of Demonstrators Demand New Electoral Policies

Police violence marks Malaysia reform rally (Al Jazeera)
At least 25,000 demonstrators swamped Malaysia's capital Kuala Lumpur on Saturday, hoping to pressure Prime Minister Najib Razak's ruling coalition - which has held power for nearly 55 years - to overhaul electoral policies before polls that could be held as early as June.

Authorities insist the elections will be free and fair, rejecting activists' claims that the Election Commission is biased and that voter registration lists are tainted with fraudulent names.
Biometrics can help and, as we have seen, Malaysia has implemented biometric solutions in other areas.

Rival lawmakers Finding Common Ground on Privacy

The data battles (Pittsbutgh Post-Gazette)
The debate in the halls of Harrisburg took an unusual turn at a House State Government Committee meeting earlier this month when both of the committee's leaders, liberal Rep. Babette Josephs, D-Philadelphia, and conservative Rep. Daryl Metcalfe, R-Cranberry, voiced strong support for a state measure blocking implementation of a federal driver's license. The two are so prone to trading partisan barbs on the record that the committee meetings are casually referred to as "The Daryl and Babette Show."

But the so-called "REAL ID ban," Senate bill No. 354, which passed by overwhelming majorities in both houses, is one of a number of privacy bills that have come before the Legislature during the 2011-2012 session, creating, at times, odd bipartisan bed-fellowships.
I've said it before and I'll say it again: Often the most nuanced reporting on the complex issues surrounding privacy, ID management and biometrics are found in local, not national news outlets.

Not About Biometrics, Per Se, but...

NDC to ask for extension of registration exercise (Modern Ghana)
Information reaching the New Statesman indicates that the ruling National Democratic Congress, apparently unhappy with voter figures from perceived strongholds in the ongoing biometric registration exercise, is readying itself to call on the Electoral Commission for an extension of the registration exercise.
Interesting. Biometrics are about people.

National Level Biometric Deployment Trees & Forest

Though it's not my intention, I know it can seem like "All India, All the Time" around here. That's because India has set for itself the most ambitious ID management in human history, and therefore, India is providing more real world examples of the challenges inherent in very large scale biometric deployments than anywhere else. But India isn't necessarily unique in terms of the problems it is attempting to address with biometrics. All the BRICS (Brazil, Russia, India, China, South Africa), for example, face very similar challenges.

Forest and trees:
The information upon which blogs rely (the news articles below) provide great descriptions of individual trees. The four articles from the Indian press below can be seen as individual trees. The four sections in bold below the articles describe the species to which each different tree belongs.

The biometrics forest is made up of these, and more, species.

I. Can Technology Fix India? (
The dreams of modern India rarely make it to Rayagada. The Indians of these eastern forests forage for sago leaves and wild mango to survive. Barely a third can sign their names. Most live without electricity. Many have joined a Maoist insurgency fighting to overthrow the system.

Now, modernity is creeping in. Smart cards, fingerprint scanners and biometric identity software are transforming Rayagada into a laboratory to test a thesis with deep implications for the future of India: Can technology fix a nation?
Please click through to look at the pictures (and don't miss the comments).

As readers of this blog know, the short answer to the headline question is: No. Technology cannot fix India. ID management is about people. Biometrics can help (immensely!) with identity management challenges, but they cannot manage anything all by themselves.

II. Aadhaar card fraud exposes registration process errors (Times of India)
"The fraud proves that in a 100% Aadhaar-enrolled city like Hyderabad, 30,000 cards have been registered in a part of the city by exploiting those loopholes.
♦ The Hyderabad population is 4,010,238
♦ The fraud number is 30,000 (article)
♦ 100% of Hyderabad is enrolled (article)

Then the rate of fraud is 0.0074 — less than 1%.

III. Identification of slum residents suspended (The Hindu)
The Chennai Corporation has suspended biometric identification of thousands of slum residents along 16 canals in the city, following stiff opposition from AIADMK councillors. The civic body had begun biometric identification of residents on slums near the Mambalam canal a few weeks ago, in order to issue smart cards, but AIADMK councillors opposed it, alleging that the list prepared by the previous DMK-led council had failed to include many actual beneficiaries. Once the biometric cards were issued, the residents of these slums were to be resettled.
I'm not even sure exactly what this is about but I have no doubt it's of significant local importance (I think it's about accounting for people who reside in areas we in the West would describe as "not Zoned Residential" so that they might be humanely resettled or legitimized as residents — such as when squatters are given title to their abodes).

IV. Persons Throng Aadhar Enrolment (Deccan Herald)

These four specifics are open to a more general interpretation.

I. The scale of the problems better ID management can help address
In the simplest terms, biometrics can really help people reduce the amount and severity of human suffering in their midst. What nobler aim can there be? Biometric Identity Management is about people.

II. Perfect is the enemy of Good
The proper metric for measuring biometric deployments is Return on Investment, not perfection. If half of the funds devoted to a current welfare program are stolen and a proposed biometric ID management system will be defrauded 10% of the time, what should you do?

III. Biometric technology is extremely flexible
Biometrics give talented and imaginative managers a tool that can be applied more problems than any one person can possibly comprehend.

IV: People want it.

Many (but obviously not all) of the posts here fall into one of the four categories above. India just happens to be providing a whole lot of examples.

Streamlining India's ID Bureaucracy

PAN and UID data set to be merged (The Asian Age)
The Nandan Nilekani-led Unique Identification Authority of India (UIDAI) issues the Aadhaar number will be synchronised with the Permanent Account Number database maintained by the I-T department.

According to finance ministry while the Aadhaar will ensure effective disbursal of government schemes to citizens, the biometric PAN card database will help stop the forgery of PAN cards which begets economic crimes.
One of the more common complaints about India's UID project has to do with the sheer quantity of ID documents well-credentialed Indians have to keep up with.

Hopefully this is a step in the right direction.

Updated & Bumped: RNCOS Projects Biometrics CAGR of around 21% for 2012-2014

Global Facial Recognition Market to Witness Double Digit Growth (RNCOS Industry Research Solutions Press Release)
...Facial Recognition Technology has emerged as the fastest growing technology among the biometric technologies accepted worldwide and will continue to follow the same trend in future also by growing at a CAGR of around 31% during 2011-2013.

In other face-rec news:
New facial scanners at Heathrow to check the identity of millions (London Evening Standard)


RNCOS projects growth of biometric market at a CAGR of around 21% during 2012-2014.

Readers who have reached this post through CV Dazzle may also find our post on Hyping Facial Recognition interesting. It describes the steps involved and the technical challenges associated with facial recognition surveillance deployments.

Friday, April 27, 2012

Biometrics as Leapfrogging Technology

High Tech Graft Busting Helps Feed Hungry Indians (Defiance, Ohio; The Crescent-News)
Just as the quandary of how to lay telephone lines to remote outposts disappeared with the arrival of cheap cellphones, Indian officials are hoping new technologies -- some yet to be discovered -- will tackle some of the country's most intractable problems: corruption, collapsing health and education systems, a dearth of opportunity for the poor.

"We see innovation as truly a game-changer, to move from incremental change to radical change," Prime Minister Manmohan Singh said last year in announcing plans for a $1 billion venture capital fund to seed revolutionary new technologies.

Well that makes more sense...

...Japanese "cardless" ATM's also use two pieces of additional information.

Scan Hand for ATM Cash, No Card Required (Discovery)
First, Ogaki Kyoritsu Bank (Japanese site) customers will register their biometric information at a branch, according to Gizmag's Darren Quick. Then they'll be able to go to one of the new ATMs and get cash simply by scanning a hand and then typing in their birthdate and a four-digit PIN. [Emphasis added]
Here's a recent article on the subject: Japanese biometric ATM reads your palm, tells fortune.

This post goes into some more detail about the impracticality of single factor biometric cash machines: Polish bank claims Europe's first biometric cash point.

Canada Immigration Minister Supports Biometric ID for Non-Citizen Permanent Residents

Feds to consider biometrics for permanent residents to combat fraud (Vancouver Sun)
"I think in principle, we should be doing everything we reasonably can to identify visitors or immigrants and ensure they don't represent a threat to Canada's safety, so biometrics is the best technical tool at our disposal and I think in principle, that it should be applied to not just temporary but also permanent residents," Kenney said Thursday after testifying before a Commons committee reviewing Bill C-31, the Protecting Canada's Immigration Act.

Biometric E-Gates in Dubai

Dubai: E-gate system to benefit biometric passport holders (Zawya)
A new smart e-Gate system which reads passport information and captures biometric data including facial recognition in 12 to 14 seconds has been launched at the Dubai International Airport yesterday.

Ghana Electoral Enrollment Update

Biometric registration: 10.5 million register so far (Ghana Web)


♦ 10.5 million prospective voters registered by the end of the third phase.

♦ The EC projects 13 million voter registrations.

♦ In 2008, 12.5 million people were registered to vote and 9 million votes were recorded.

♦ 4,000 people are suspected of multiple registration.

♦ Registration ends on May 5, 2012.

Source: CIA World Factbook

Total Population: 25,241,998 (July 2012 est.)

Age structure:
0-14 years: 36.5%
15-64 years: 60%
> 65 years: 3.6% (2011 est.)

Thursday, April 26, 2012

Uniqueness That Can't Be Duplicated

UIDAI: Banking on biometrics to give you a unique identity (Economic Times)
An overview of biometrics history and the rationale for applying it to India.

Refugees, National ID, Immigration and Biometrics

Which country has the largest number of individual asylum seekers in the world?

It's South Africa.

South Africa is using biometrics for several ID management tasks: a population register, immigration and refugees. The synergies in integrating these three systems are obvious and might be extended to include South African welfare programs.
Smart ID cards use microchips that store biometric and other information that can be checked against databases. They are difficult to forge.

Special scanners “read” the bearer’s thumbprint and if it does not match that on the database, officials are alerted by the system.

Dlamini Zuma said the cards were key to a national identity system that would replace the present multiple systems used to manage the registration of births, marriages and deaths, and immigration data.

It would allow the biometric and biographical details of foreigners and South Africans to be digitally captured and stored in a single integrated system linked to those managing asylum seekers and refugees.

See also:
New ID smart card will be ‘no dompas’ (Business Day - S. Africa)

Burkina Faso, Come on down!

It's an extremely short article that doesn't lay out a plan for biometric elections but there is a little nugget at the end that says they're going to happen.

Burkina Faso latest West African nation to opt for biometric elections (Reuters)
French smart card maker Gemalto has been selected by the country's electoral authorities to provide biometric voter registration in a deal worth 11.6 billion CFA francs, according to the government statement.

Burkina Faso (Image: CIA World Factbook)

Burkina Faso: Population: 17,275,115 (July 2012 est.)
0-14 years: 45.8%
15-64 years: 51.7%
> 64 years : 2.5%   (2011 est.)

Wednesday, April 25, 2012

How Dr. Gabriella Nanci uses Biometrics to fight disease in Ghana

Must see video at the M2SYS blog. Click over there and watch it.

Development Agencies Using Biometrics to Reach Aid Recipients

Technology: helping people get both cash transfers and access to financial services (Relief Web)
Cash driven by truck to Northern Kenya would ordinarily mean leakage along the way. But the program, implemented by the Kenyan government, the United Kingdom’s Department for International Development, Oxfam, and Equity Bank uses biometrics, and smart cards to greatly reduce this risk and reach poor people more effectively and efficiently.

UK-US Bilateral Border Agreement in the Works?

UK authorities in talks over US fast-track border option (Travel Weekly)
“If they can reach an agreement it would be a huge home run as we have so many UK visitors and there is still a lagging perception about the entry process which may be putting people off.”
The solution discussed at the link resembles the Global Entry program but with reciprocity. Of course biometrics will be involved.

A bilateral agreement between countries that share a high volume of traffic, good information sharing, and a high confidence in the other's ID management rigor might significantly improve border efficiency.

Border issues have been a big deal in the UK lately. The recent Border Scandal and concerns over throughput at busy times combined with a certain upcoming quadrennial event have kept the Border Agency's attention on ways to improve.

Tuesday, April 24, 2012

Other stuff...

China: Archive on visiting foreigners to include biometrics (China Daily)

The Guardian looks at Big Data

Innocent mother lands in jail after identity theft (Oregon Live)

Biometrics... Because ghosts have no finger prints

Unmasking the Ghost Workers (This Day Live)

Token, PIN & Biometric: Authentication Should Include Two of Three

Or so says the European Central Bank.

Euro Central Bank to tighten grip on web cash security (Register -UK)

Excellent Video on India's UID

Once in a while it's good to go back to a 50,000 foot view of UID. Canada's CBC does an excellent job of that in both text and video.

India turns to technology to extend a guaranteed identity to its poor (CBC)

Yet even as the Indian economy produces its annual crop of new billionaires and races ahead statistically, many people are left behind.

One-third of the population, 400 million people, lives on less than $2 a day. Less than half of households have toilets. In even fewer can residents drink water from their own taps. One in four is illiterate.

An almost greater concern is that hundreds of millions of Indians are virtually invisible to the state.

They have no ID. They may have ration cards or election cards but no real identification.

Imagine trying to sign up for government help or open a bank account — less than half the population has one. What's more, only about three per cent of Indians pay income tax.

Empirical Data Support UID as a Means for Reaching the Poor

Read the whole thing...
Study Shows Unique ID’s Reach to India’s Poor (Wall Street Journal)
The data, released exclusively to India Real Time, shows that more than 56% of the enrollees in the program so far did not previously have a “portable ID” such as a passport, driver’s license or PAN (Permanent Account Number) card. And 87% of those households have annual income below $2,000 per year, confirming what many social scientists and journalists have long assumed – that the people without good identity documents tend to be lower-income earners.

Mr. Sundararajan said the results point to “excellent” targeting by the UID program so far. “It’s validation of the fact that this is not a digital infrastructure for the privileged. It’s for the people who aren’t included,” Mr. Sundararajan said.

According to the survey, more than 70% of all households (not just UID enrollees) have no member with a portable ID.
It's one thing to have an idea and think, "You know? That should work." It's quite another to have evidence that something is working.

At the very least the data suggest that poor people understand the value of a unique individual ID. They understand that a unique, legally-recognized individual identity is a prerequisite to any sort of decent life. They know it is an asset without which they cannot access many things those who already have an ID take for granted: education, adequate health care, social safety nets, the voting booth. Given the opportunity, they will leap at the chance to get one.

The study's findings are going to make it easier for the poor and other UID supporters going forward.

See also: India turns to technology to extend a guaranteed identity to its poor (CBC)

Monday, April 23, 2012

Biometrics for Improved International Aid

Another example of how some of the best original thought and reporting comes from small local news outlets...

Putting a Finger[print] on the Problem: What USAID Can Learn From India (Maplewood, NJ Patch)

Conclusion: "The United States should implement identification techniques with basic biometric data wherever it distributes international aid." But read the whole thing.

Philippines: Biometrics a Hot Topic in Autonomous Region

Ghost voters roam in ARMM (ABS-CBN News) 
Over 130,000 “ghost voters” and multiple registrants were discovered and removed from the voters’ list of the Autonomous Region in Muslim Mindanao (ARMM).
Proposal On Voters' List Rejected (Manila Bulletin)
The Commission on Elections has rejected Malacanang’s proposal to annul the entire voter’s list in the Autonomous Region in Muslim Mindanao but said it could look into calling for a new registration of voters in some areas on a case to case basis.
ARMM makes transactions more transparent (The Philippine Star)
Hataman is also pushing for electoral reforms through a general registration of voters and a biometric electoral system that will be implemented by 2013.

Secretary Ricky Carandang disclosed last Friday that the government is allotting P8.3 billion more for development projects in the ARMM to provide more basic services and improve the lives of the regional folk.
 Here's a link to the History page of the Autonomous Region in Muslim Mindanao.

India Using Biometrics To Vet Welfare Food Program

Department of Food computerizes its distribution process (
Along with the computerisation of TPDS [ed. Targeted Public Distribution System] in the country, the contract also facilitates timely allocation of foodgrains, biometric identification of beneficiaries, recording of transactions at the fair price shops, tracking of food grains, etc. This has brought about a perceptible change in targeting of PDS, elimination of over 2.48 crore ineligible ration cards and resultant saving of foodgrains.
2.48 crore = 24.8 million.

South Africa Announces Biometric Safeguards for Welfare Programs

Tough new steps to fight grant fraud (Independent Online)
Authorities will record the voices of and re-fingerprint up to 5 million people, as well as taking the footprints of children under six in a bid to clamp down on rampant fraud and abuse of welfare payments in KwaZulu-Natal, the province with the worst record for such fraud.

SA Social Security Agency (Sassa) spokesman Cuba Mahaye yesterday said the new verification process, to be implemented countrywide, would also be applied to those who received disability and pension grants.
The full article has a more detailed explanation of the type and scope of fraud involved. The less people see welfare programs as a means to defraud the public, the more they will support them.

SecurLinx Completes Acquisition of ITM Associates

SecurLinx Corporation acquired ITM Associates, Inc., a Washington, DC based consulting services and commercial products company with a strong customer base in federal government agencies, Fortune 500 companies, and health service providers. The strategic acquisition of ITM enhances SecurLinx’ resources and capabilities to offer advanced solutions in the areas of identity management, biometric security, decision support, collaboration, and automated workflow.

Morgantown, WV - April 23, 2012 SecurLinx Corporation acquired ITM Associates, Inc. of Rockville, MD effective April 1, 2012. Founded in 1993, ITM offers its inFusion™ family of collaboration and automated workflow products and has longstanding relationships with the US Environmental Protection Agency, Verizon Communications, St Luke’s Episcopal Hospital, and major insurance providers. “Mergers of companies like SecurLinx and ITM are ultimately more about people than technology, said SecurLinx CEO Barry Hodge. “We look forward to the addition of ITM’s customers and products but we’re especially pleased to add ITM’s talented staff to our team.”

According to Hodge, the acquisition of ITM accelerates SecurLinx’ ability to expand its existing presence in the biometric identification and security markets as well as in the markets currently served by ITM. “Together, SecurLinx and ITM will offer compelling and high return-on-investment products and services for customers needing higher levels of security and performance in mission critical activities.”

About SecurLinx: 
A wholly owned subsidiary of SecurLinx Holding Corporation (FRA: S8X) and located in Morgantown, West Virginia, SecurLinx is an advanced technology and software development company. The Company offers middleware products and systems applied to information sharing, secure access, and biometric identification. SecurLinx adds increased security, productivity, and seamless information management solutions in targeted markets where secure access to physical locations or information sharing networks is critical to the enterprise.

About ITM Associates: 
ITM provides products and services that make businesses more profitable and prosperous by bridging the gap between business operations and the enormous potential of emerging technologies. ITM's staff of professionals design, adapt and integrate technology to (1) eliminate or reduce time-consuming information processing tasks, (2) assist executives to make more informed and timely decisions, and (3) achieve greater efficiency by extending internal information systems to customers, vendors, and strategic partners.

Link to press release at Yahoo! News
Earlier: SecurLinx Signs Definitive Agreement to Acquire ITM Associates

Friday, April 20, 2012

Ghana Biometric Voter Roll Deduplication: Sorting Fraud from Ignorance

8m voters registered; 3,829 biometric applicants challenged (Daily Guide)
A total of 3,829 had their applications challenged throughout the country as of the end of the second phase of the biometric voters registration exercise.

Currently, the Electoral Commission (EC) has registered eight million voters.
4,000 multiple registration detected at on-going Biometric Voter Registration-EC (Ghana Web)
Mr Akomea explained that, persons who were found to have registered more than once would have their names removed entirely from the register, be arrested and prosecuted to face either a jail sentence or a fine, as the court may please.

“There is an adjudicating committee looking at those cases. What is important is to establish whether they were done deliberately or some thought their photographs were not nice so they decided to have another registration just that they can have better photographs. The outcome of the investigations should determine what should be done.”
Man Arrested For Registering 15 Times (Graphic) 
A 47-year-old man has been arrested by the Odorkor Police in Accra for registering 15 times in the on-going biometric voters registration (BVR) exercise.
Assuming accurate deduplication, four thousand out of 8 million is a very small fraction (one in 2,000).

There's also a big difference in terms of threats to democracy between the person who re-enrolls to get a different picture and the person who enrolls fifteen times under fifteen different names. There needs to be a way to sort one from the other and that's not something biometrics can do. At a certain point biometric technologies always have to pass the baton to managers and/or policies.

Identity management is about people.

NIST Evaluates Iris Biometric ID Algorithms

Eye-recognition techniques picking out 'needle in haystack' much faster (New Kerala)
NIST evaluated 92 different iris recognition algorithms from nine private companies and two university labs, all of which submitted software to an open competition held by NIST. The task was to identify individuals from a database of eye images taken from more than 2.2 million people.
The article does a great job of showing that different solutions addressing the same problem perform differently. The article is about iris technology, but the same principles hold with all biometric modalities.

UPDATE: Here's the actual full report...

WARNING: Clicking this link (IREX III final Report) will probably cause your browser to automatically download a .zip file from The National Institute of Standards and Technology's .gov web site (not that there's anything wrong with that).

European Central Bank Sees a Role for Biometrics in Improved Banking Standards

ECB launches consultation on secure internet payment standards (
Under the ECB plans, internet payment providers would need to ensure that customers are able to “strongly” identify themselves before a payment was processed.

This strong identity would have to include two of three proposed elements: a password; something belonging to the customer, such as a token, a smart card or mobile phone; or some form of biometric check.

A Gimlet-Eyed View of the Biometrics Market

Biometrics more accurate, but uptake 'disappointing' (ZDNet Asia)
Ovum's senior analyst of IT solutions had a more scathing assessment of the overall biometrics industry. Andrew Kellett pointed out that while the biometrics market is mature and been around for some time, its development from a security and product usage perspective has been "disappointing".

Elaborating, he said while voice, facial recognition, and iris scanning can now be considered as mature technologies alongside fingerprint identification, adoption rate remains steady, rather than dynamic, and below industry expectation. Fingerprint readers, which can be used as a standalone device or incorporated within laptops, for one, continue to see slow uptake, he noted.
Read the whole thing.

Thursday, April 19, 2012

DHS Mobile Devices of the Future

DHS field agents to transition to mobile devices within 5 years (Federal Computer Week)
One of the prime motivators for the change is the “promise of on-demand video to law enforcement agents in the field. That is very compelling, and will support effective use,” Spires said.

Another factor is the desirability of mobile devices that can allow for biometric identification checks in the field for individuals detained near the border, he added. Customs and Border Protection agents have been asking for that capability, he said.

Rundown of Services that Shorten Airport Wait Times

Flying Through Airport Lines (New York Times)
MORE than 10 years after the Sept. 11 terrorist attacks completely altered the airport experience, travelers have a variety of options that will shorten wait times at security and immigration. But speedier processing has some downsides. Some programs charge a fee, and all require surrendering such personal information as employment background, travel history and biological data like fingerprints.
The article states that the days of treating every passenger as a potential terrorist are over.

Biometrics To Help Identify Ghost-Filled Schools

India: Schools With Inflated Rolls to be Shut Down (MSN India)

It's well established (in this blog anyway) that Peter Venkman, Raymond Stantz and Egon Spengler have noting on biometrics in terms of ghostbusting ability. Biometrics have been used to bust thousands of ghost workers and ghost pensioners in a wide variety of countries and they're coming after ghost students.

India is set to crack down on schools that report educating over twice the number of students who actually attend. You see, more students means more funding so schools just inflate the attendance numbers in order to get more money.

Taking attendance with biometric technology should help bring some transparency to the process whereby schools report on how many children they educate.

The findBIOMETRICS Newsletter is Out

findBIOMETRICS comes at the biometrics industry primarily through a focus on products and companies. They've been a great resource for a long time.

Wednesday, April 18, 2012

UID Embarrassment: Vegetable Gets an ID

It was a coriander (cilantro) plant.

India : Look who’s got an Aadhar card (Asian Correspondent)
When money ceases to be cash and everything is done electronically and thus accounted for, the billions of dollars which are being embezzled from the welfare schemes will find a new and right destination. It will go the people who it was intended for. Of course it can’t stop the high-end scams like what we saw in 2G spectrum but everything else which directly effects the common man will change.

That is the gravity of UIDAI. Thought it tickles a funny bone, a goof up on such a matter is simply not acceptable.
No word on which biometrics were enrolled, though, or the prospects for finding the two jokers/fraudsters.

Securing Corporate Data in the Cloud: Biometric Logical and Physical Access Control

How to make information stored in the cloud robustly safe (The Guardian)

Most articles like this mention biometrics only in the context of physical access control at the data center, which is important. You don't hear as much about biometrics for controlling access to data stored in the cloud, though, and that's too bad because biometrics for logical access control could make the cloud a lot safer for businesses and their customers.

At a data center, physical access control prevents this (access to places)...

Image: Copyright Paramount

Logical access control is for this (access to information)...

...and tricking out data centers like Fort Knox, along with other logistical challenges ensures that there are a lot more of the latter than the former.

In networked logical access control solutions, the biometric sensor hardware is a part of the security. In the standard Username/Password regime, the hardware used, the keyboard, offers no additional security. With username/password authentication, a hacker needs only a keyboard to fill in the proper fields and she gains access to the network. If that username/password is a superuser or administrator credential, there's may be some turnover in the CTO function.

Biometric authentication is very different animal because with biometrics, the hardware layer does provide extra security. If the hacker steals a biometric or unencrypted biometric template (a long character string), she can't just type it in even if she finds the place in the programming that handles the template. The template resulting from a verification attempt is like a single use password created during the interaction of a physical object (body part) with certain known sensor.

For organizations using cloud services, requiring biometric authentication to authorize access to any database storing usernames/passwords should dramatically decrease the risk of high profile data breaches or other damaging hacks.

But even if every human account used biometrics for logical access control, some version of username/password verification will be around for a long, long time because username/password is a cheap, well-understood, flexible technology that supports certain access control models that biometrics does not. For one thing, people aren't the only things that claim an identity before accessing IT systems — computers do it, too, and they don't have biometrics.

The challenge that system designers now face is to identify where using Username/Password is too dangerous, and where biometrics can be used to reduce risk to an acceptable level. This requires identifying everything currently authenticated with a username/password and a determining which of these things are more efficiently protected using biometric authentication, then implementing the change. This is far easier said than done.

Requiring biometric verification of all human Administrator logins would be a good start, though. There aren't (or shouldn't be) that many of them. They are tech savvy, so they should be able to adapt to the new security environment quickly. They should have an understanding of why the extra step is worth the effort. It's their responsibility to keep the keys of the kingdom and they're the ones on the hot seat when the CEO is out apologizing to all and sundry following a data breach.

Tuesday, April 17, 2012

Fingerprint Biometrics Help ID Corpse

Coroner identifies body found on Beverly Shores beach (The News Dispatch)
Harris said Hurse was identified by a fingerprint, using the FBI’s Integrated Automated Fingerprint Identification System, or IAFIS, the largest biometric database in the world, which contains both criminal and civil print files.

According to the coroner, Hurse had a surgically-implanted rod in his right femur and authorities also were attempting to identify him through identifying factors contained in the rod. “But the fingerprint identification came through first,” Harris said.“We have no idea how he ended up in Lake Michigan,” the coroner added.
There are a whole lot of cases like this out there and biometrics can sometimes help. They can also be helpful in cases where living people can't identify themselves due to injury or cognitive impairments such as Alzheimer's disease.

Mobile Fingerprint Biometrics Increase Law Enforcement Effectiveness

More Arrests Thanks to Finger Print Technology (KION)
Santa Cruz, California...
In the last six months, officers have used the hand held device close to 50 times and over half identified a suspect already in the system. It's even helping make more arrests.

"Just last week we had a guy who we stopped for drug sales and normally it would've been a misdemeanor citation...We used the finger print machine and found out he had a felony warrant...Then we found he had heroin on him and scales," said Sgt. Flippo.

Hooters Adopts T&A Biometrics

Hooters Restaurants Fingerprint Biometrics (Press Release)
Hooters IT staff found it challenging to manage and track unauthorized voids using their previous PIN and swipe card security system. Hooters sought technology that could tie individuals to each transaction, and ensure manager oversight was provided when necessary. After successfully using U.are.U Fingerprint Readers at its Texas locations, Hooters expanded to other locations. Fingerprint authentication is also used for ensuring accurate time-and-attendance system for all employees.
Biometrics for time-and-attendance and transaction management have been making a lot of headway in the restaurant business.

State of the UID Project

An overview of where UID stands at the moment...

Ministries differ on UIDAI's functioning (Economic Times)
The question is: after Budget 2012, which increased UIDAI's allocation by 47% to Rs 1,758 crore and handed it greater responsibility, is all that opposition a thing of the past now? The answer is yes and no.

Monday, April 16, 2012

China: Railway Station Facial Recognition

China's high speed rail operators to introduce facial identification system (MSN India)
In a recent hunt for a suspect who fled from southern China, police at Shanghai Hongqiao Railway Station used almost all team members to search the station as a train arrived.

They finally caught the suspect based on two vague photos.

Facial Recognition Tech Used For Video Game Control

NoseBall: Video Game Uses Facial Recognition Tech Instead of Tactile Inputs (Press Release)
In the game the user's face, or more specifically his/her nose, is the game controller! A simple nudge with the nose will send the game ball ricocheting off the walls like a self-contained game of ratchet ball, only the nose is the paddle.

The gamer not only needs to keep the ball from hitting the bottom of the game screen, but also needs to collect gems as they appear on the board. The longer the ball is "up in the air", the more gems can be collected and the higher the score will be.

Friday, April 13, 2012

Friday Biometrics News Roundup

Friday lightning round...

Conservative Think Tank: DHS Must Ink Information Agreements With Visa Waiver Nations (Homeland Security Today)

South Africa: Fighting Child Trafficking with Iris Biometrics (Independent Online)

UID will enable rural transformation (rediff)

Nigeria: Ghost Workers in Zamfara State (Vanguard)

Chaos at Birmingham Airport (Birmingham Post)
(The "60 border agents for £9 million" story sure has legs despite the fact that it doesn't pass the smell test)

Biometric identification working to catch foreign spies, criminals & terrorists (Examiner)

...and blog highlights from a busy week...

How UID Delivers the Goods

EU, Facebook, FaceRec & Consent

A Collection of Mobile Biometrics Posts inspired by the excellent Biometric Chat hosted by M2SYS (transcript here).

Thursday, April 12, 2012

Japanese biometric ATM reads your palm, tells fortune

The pun was just too good (engadget). The article is funny, too.

Biometrics and the Rise of Virtual Crime

Depending upon how much time you spend in a virtual world, this one could blow your mind a little bit..

He had massive purple dreadlocks, green lips and was dressed like Michael Jackson (Chem.Info)
Virtual crimes will become more common as we venture more and more into these worlds, says computer scientist Roman Yampolskiy. To prevent this, multinational defence firm Raytheon, based in Waltham, Massachusetts, has a patent pending on fusing a person's real biometrics with their 3D avatar, so you know for sure who you are speaking to in a digital world.

Yampolskiy and colleagues at the Cyber-Security Lab at the University of Louisville in Kentucky are going one step further: they are developing the field of artificial biometrics, or "artimetrics". Similar to human biometrics, artimetrics would serve to authenticate and identify non-biological agents such as avatars, physical robots or even chatbots (see "Spot the bad bot").

h/t @HodgeBarrry

Ghana: Man Jailed for Attempted Double Voter Registration

14 days for attempted double registration (Modern Ghana)
A 22-year-old resident of Agona Inkum in the Central Region has been sentenced to 14 days' imprisonment for attempting to register twice in the ongoing biometric voters registration exercise.

The convict, John Quaye, was also slapped with a fine of GH¢2,400 by the Agona Swedru Circuit Court or in default serve 12 months' imprisonment with hard labour.
2,400.00 GHS = 1,337.05 USD. That's a lot of cedis.

Jakarta to Regularize Internal Indonesian Migrants

A lot of government funding for services is tied to how many people are living in a particular geography. In Indonesia, it looks like you're supposed to ask permission/tell the government when you change your residence.

City to embrace newcomers as legal residents (The Jakarta Post)
As part of the data collection process, residents were to visit their local subdistrict offices to provide basic information and have their biometric data recorded. The information would then be sent to the ministry database to be validated.

The e-ID program was scheduled for all 267 subdistrict offices in Jakarta and 197 regencies and municipalities across the country, in the middle of last year.

The central government has targeted to establish a single identity number for every citizen and distribute e-ID cards to more than 105 million citizens by the end of 2012.

The electronic card will have a chip that contains information on marital status, blood type, parent names, employment, disabilities, birth and divorce certificate, and date of birth among others.

Malaysia 6P Exercise Finds Two-Thirds of Foreign Workers Are Illegal

Two-thirds of foreign workers in Malaysia are illegal (Asia One)
After being extended twice from the original October 10 deadline, enforcement bodies are ready to weed illegals out of their hiding places and those working in unapproved sectors, freelancing as contractors and plumbers, the two jobs that are not a part of the country's foreign workers' policy.

One of the 6P features that may just do the trick to prevent the influx of immigrants would be the biometric system.

By now, thumbprints of legal workers would have been stored in a database, preventing them from leaving one sector to join another, or deserting an employer in search of a better paying job.

Human Resources Minister Datuk Seri Dr S. Subramaniam, however, said: "We are still very dependent on them (foreign workers)."

He said businesses continued to clamour for foreign labour.

A Collection of Mobile Biometrics Posts

Today's #BiometricChat on Mobile Biometrics was a good one.
Here is a selection of posts that touch on the subjects we discussed earlier today:

HTC Face-Unlock Patent: How Broad is It?

Phone 'Line Noise' As ID Management Technique

Fujitsu Ultra High Spec Smartphone Prototype Has a Fingerprint Reader

Analysis predicts growth of biometric security products and services on mobile devices

Motorola Atrix 2 Has No Fingerprint Reader

Mobile Handset Review: Motorola Atrix 4G (The One with a Fingerprint Reader)

Biometrics, Mobile Computing & Encryption

More Efficient ID Management Could Save Indian Telecoms Millions

Aadhaar authentication can help Indian telecom operators save over Rs 1000 crore per year (Telecom Lead)
Mobile operators in the country can save over Rs 1,000 crore every year provided they use Aadhaar authentication to verify identity and address of their subscribers, according to a study by the Unique Identification of Authority of India (UIDAI).

Spending on mobile subscriber verification has been a major issue in India. On average, telecom operators add 10 to 12 million subscribers every month. In 2010, telecom operators said verification norms increased the cost for operators to register new subscribers.
10,000,000,000.00 INR = 193,906,940.43 USD

Aadhaar for instant cellphone activation (Hindustan Times)

This is where the savings come in. There's a fine for businesses that don't follow the ID verification rules before issuing a mobile phone. But, it seems that even the large size of the fine isn't enough to dissuade the mobile companies from issuing phones even if they have to cut a few ID corners in the process. That points to the fact that a large section of their market can't prove their identity with enough certainty to satisfy current regulations.
The telecom companies don't activate a new mobile connection without verification of the proof of residence and proof of identity documents because of security reasons. It may lead to people not having a proof of residence being denied mobile phone connections.

"The objectives of inclusion and security can be mutually exclusive at times," said a Unique Identification Authority of India (UIDAI) paper on Leveraging Aadhaar in Telecom sector.

It has resulted in improper use of documents to get mobile connections. The Department of Telecom reported that in 2010-11, a penalty of Rs. 700 crore was imposed on telecom operators related to subscriber verification.

Wednesday, April 11, 2012

Retail Tech: Intuit Buys AisleBuyer, Self-Checkout App, for Reported $100M

Still not biometrics related...

Intuit Buys AisleBuyer, Self-Checkout App, for Reported $100M (
“AisleBuyer allows you to collect the types of detailed shopper data previously only available to online retailers, so you can deliver targeted product recommendations and offers to smartphone users who are inside your stores or on the go,” its website explains. “The result is an improved experience for your shoppers, while you benefit from higher conversion rates and increased average cart size.”
h/t @EyeLock_1

...which updates this post:

Retail Marketing Technology Online and In Person, reproduced in its entirety below.

Not really biometrics related, but...

Software mines security footage to help business owners see what people do once they're inside the store (Technology Review)

"The huge success of online shopping and advertising—led by giants like Amazon and Google—is in no small part thanks to software that logs when you visit Web pages and what you click on. Startup Prism Skylabs offers brick-and-mortar businesses the equivalent—counting, logging, and tracking people in a store, coffee shop, or gym with software that works with video from security cameras."
Online retailers are able to free-ride on investments made by their brick-and-mortar competitors (see showrooming). They also have more powerful tools available to them for the purposes of analyzing detailed reports of user activity on retail websites. Why, the page I linked to for this story has fifteen programs that track your interaction with the linked page and isn't even selling anything directly. The image to the left shows the list as compiled by the Ghostery add-on for Firefox.

If brick-and mortar retailers can't learn as much about customers in physical stores as web retailers know about user experiences, they must compensate in other ways or they're going to continue to struggle.

See also:
Target fights Amazon showrooming with plea for special product lines (

Does £9m Really Buy 60 Immigration Agents?

UPDATE: The same study is referenced here and here and elsewhere, I'm sure. I haven't seen anyone else dispute what seems to be an obvious example of what Tom Sawyer would have called "a stretcher."

£9m cost of eye scanning 'would have been better spent on immigration staff' (Guardian)
The report also criticises the price of the programme: "[IRIS'] sole value appears to have been that it provided data for the e-gates. This money could have been better spent on border staff - at least 60 immigration officers could have been employed with the money spent on IRIS."

Image: BBC

Sixty immigration officers for six years for £9m? That sounds like a pretty good deal. But is it true?

First, the costs: If we take the article at face value, £9m divided by 60 immigration officers since 2006 = £25,000 per officer per year. Is this realistic?

The Home Office isn't currently hiring Immigration Officers but if it was their starting salary details are available at their site: UK Border Agency: Current Vacancies. Since 1 July 2009, new immigration officers earn an annual salary of £21,947 in London and £21,505 nationally.

According to Indicator, a rule of thumb for the true, fully-loaded cost of an employee is at least 150% of their salary, and Indicator seems to be referring to the private sector where wages tend to represent a greater proportion of total compensation than in the public sector. The additional cost comes from pensions, training, employers' NI, medical insurance, etc.

Let's also assume a 2% per year pay increase (not too generous, really, but I do recall seeing that number somewhere). Taking the lower end of the fully-loaded cost estimate and the lower of the two Border Agency salaries for Immigration Officers we get a cost of £203,484.21 for the first six years of an Immigration Officer's career.

Not too bad, so far. Though at £203,484.21 per officer for six years and a budget of  £9m, the Guardian's 60 immigration officers have shrunk to 44.23 immigration officers.

Second, The benefits: Or, What do you mean by Immigration Officer?

When someone says 60 Immigration Officers for £9m, it's natural to imagine 60 shiny new immigration stations at Gatwick and Heathrow staffed and ready to go. Is this realistic?

This document describes working hours and benefits. When you add it all up and split the difference on the 5 extra days of seniority-based annual leave, an Immigration Officer can only work 18.5% of the hours in a year (1,618 work hours vs. 8,766 hours in a year). They're only human, of course (and, of course, this is half the point of this post). But from a security and productivity standpoint, the occupied desks are the true unit of work, not the number of souls who earn their living at the Home Office.

With these numbers, staffing one Immigration Officer post, 'round the clock for one year requires 5.41 immigration officers. Staffing that single desk for six years will cost £1,101,908.91. The £9m cost of eye scanning over six years could have been spent on staffing 8.11 immigration officer posts 'round the clock for six years. 60 officers morph into 44 officers staffing 8 desks.

Staffing 8 desks for six years may have been preferable to using the IRIS system for the same amount of time but the information required to make that judgement isn't publicly available. Whatever the case, the choice was never between sixty immigration officers or iris biometrics.

The measure relevant to labor is productivity. The measure relevant to biometric systems is return on investment. Sometimes, especially in organizations such as the Home Office that don't measure success in terms of revenues and profits, the return on investment in biometric systems is revealed in the productivity of the organization's employees.

Given that the airports in question have opted to replace the IRIS system with eGates using facial recognition, it seems at least plausible that the IRIS system proved the worthiness of biometric systems and was simply displaced by a superior technology.

After all, the headline doesn't read: "IRIS System Turned Off, 60 Immigration Officers Hired."

UAE, Biometrics, No-Fly Lists & Mistaken Identity

Mistaken identity issues raised (Gulf News)
Al Katbi asked why a passenger who is not on the no-fly list but has a name that matches or is similar to a name on the list has his civil liberties attacked, while our ID cards contain many biometric and personal details.

He suggested that the ID card details be used to prevent the occurrence of “false positive” identification of passengers, where they are not allowed to board a flight or travel overland unless they can prove that they are not the actual person on the travel ban list.
The questions asked by representative Al Katbi make sense. The UAE has a very advanced ID system that makes extensive use of biometrics. Hooking up the Emirates ID database to the airport system doesn't happen automatically, but it should be doable.

International interoperability from a national ID to international travel wouldn't necessarily be within the total control of the UAE, though. Still, the representative's questions seem to be aimed domestically rather than internationally.

Biometrics in Pop Culture: Biometric Data by The Irradiates

Biometric Data
by The Irradiates
From the album: Audio Mental Manipulation Device

The Irradiates: Biometric Data Video hosted at

The Irradiates are a Rock/Surf outfit from Besançon, France.

There is a brief intro from the set of the 'Subrock' television show. The music starts 23 seconds into the video.

Tuesday, April 10, 2012

EU, Facebook, FaceRec & Consent

Facebook's facial recog bots can't eat your face without your say-so
(The Register)
They can taste it, though...
Social networking sites need to obtain users' "informed consent" before suggesting to other users that those individuals feature in photos that they are uploading to the site, an EU privacy watchdog has said.

The Article 29 Working Party said, though, that the networks can process the images legitimately without the consent of those featured in the photos under EU data protection laws in order to assess whether that consent has been given. However, it said that sites processing images in order to verify consent must delete that information "immediately after" that processing is complete.
The above article makes an interesting technical point and hints at an interesting point about privacy.

In order to biometrically determine whether or not someone is in a particular database — such as the database of people who have given consent to be "tagged" — a biometric search must be undertaken. The Art.29 Data Protection Working Party has acknowledged the difference between the search and enrollment functions and probe vs. database images. This is good because, as implied in the article, to fail to make these distinctions would make it impractical to find out if someone had consented to something in the first place without making them express their consent all over again.

There's also an interesting privacy point — Facebook's knowledge about non-facebook users (such as your humble scribe). The sly "spam your friends" button that sends an email to everyone in a new user's email contact list is one way Facebook collects personal information (email addresses) of non-facebook users and begins to turn that data into information when the same email address turns up in multiple Facebook users' contact lists.

The photo tagging feature also allows/encourages Facebook users to add information about non-users to Facebook's database. The Art.29 Data Protection Working Party has recommended a technical solution to the photo-tagging feature's ability to collect information on non-consenting individuals for Facebook's use, which is great. But a 100% solution is as much social as technological.

There's an etiquette to these things. Facebook makes it very, very easy for users to tell Facebook about people who don't use Facebook, but it seems impossible that Facebook could police its users in such a way as to prevent them from violating the privacy of other people. Facebook collects information on non-users, and Facebook can be used to communicate information about non-users without consent. These are two separate issues.

In a final twist, Facebook's very existence may depend upon its users' discretion and restraint in choosing what to post and tag, and Facebook's agility in handling the information. A user may love the facial recognition tagging feature but hate to be outed as the Key West Spring Break wet T-shirt contest winner.

Ghana: 6.5 Million Biometric Voter Registrations in Sixteen Days

Ghana's electoral exercise is all over the news today. December's election figures to be very close and things are starting to heat up. Politics and emotion surround the biometric registration effort and not all the news is good.

The following article is a straightforward report of voter registration progress by region.

Biometric Registration: 6.5million Register (Ghana Web)
Sixteen days into the 40-day biometric voters registration exercise, the Electoral Commission (EC) has registered 6.5 million voters.

According to a source at the EC, the number of applicants registered so far was 35 per cent ahead of target, since the EC had only expected to register about 4.8 million voters during the period
Other news on the non-biometric aspects of the voter registration process may be found here.

Monday, April 9, 2012

Physical Access Control - Biometrics in the Military

DoD to use iris scans, fingerprints for building security (Federal News Radio)
The Defense Department is preparing two large scale tests to prove whether biometrics can control who enters military facilities without impeding the flow of traffic.

For more than a decade, DoD has used fingerprints, iris scans and facial recognition technology to detect terrorists in Afghanistan, Iraq and in other countries. But as an approach to physical access, the military has only in a limited way put their Common Access Cards (CACs) with biometric data on them to full use.
A good survey of modalities and applications, many of which are already in use by state and local public sector facilities and in the private sector.

See Also: Maxwell-Gunter Air Force base rolls out new identification system

How UID Delivers the Goods

The article is short and you really have to read behind the lines to suss out what's going on.

Pilot proves Aadhaar can end misuse of subsidy (The Hindu)
Under the project, subsidy on kerosene, supplied under the public distribution system, is transferred to the bank accounts of the beneficiaries. The pilot, launched in December last year, in Kotkasim tehsil, Alwar district, has shown a significant change in the consumption pattern, says the district administration website.
System One assumes that since people need kerosene, it would be nice if poor people paid less for the fuel. So, special stores are set up where poor people can pay (let's say) half the market price for kerosene.

System Two assumes that since people need kerosene, it would be nice if poor people could afford fuel so a direct subsidy is calculated such that a poor person could, if they devoted their subsidy to the purchase of kerosene, effectively pay half price for a certain quantity of the fuel.

These two systems sound so similar yet have produced radically different results.

A poor person under system one, would be smart to purchase as much kerosene as possible at half price, and sell whatever they could do without on the open market. A person who manages the half-price distribution point might find it possible to sell the entire stock into the open market and tell the poor to go pound.

In system two. The person only buys the fuel they will actually consume, has an incentive to conserve, and can shift consumption to other things they value more highly — food or a mobile phone perhaps.

That's fine in theory, right? How about practice?

The numbers in the article are staggering.

If they're meant to show month-over-month consumption decreases of 79%, 73% & 82% (i.e. compounding), it means a total reduction of kerosene consumption to 1% of earlier levels. Even if the decreases aren't supposed to be compounded it seems to indicate that only a fraction of the fuel that was put into the system was actually used by poor people.

The use of biometrics made this possible. Without a dependable, legally-enforceable ID, many of the recipients could not have obtained the bank accounts that receive the direct-subsidy deposits. The ROI on UID is going to be amazing and it's no wonder some people are against it. The guy who used to run the discount kerosene store can't be very happy.

h/t @m2sys

The Problem With the Security Question Prompt

Part of the problem is that, on one hand, many of the questions and answers can be found in databases somewhere (mother's maiden name, high school, etc.). On the other hand, questions whose answers won't appear in any database often have little relevance or permanence for the user (What/who is your favorite ___?).

Riddle me this: What’s a good online security question? (Chicago Tribune)
The woman on the other end of the line was matter-of-fact. "Who is your favorite actor?" she asked.

I froze. Tom Hanks came immediately to mind — versatile, accomplished, serious — but is he my favorite? In truth, all other things being equal, I'd rather see Alec Baldwin on the screen than Tom Hanks, though given that he's mostly a sitcom star these days he might not qualify as the capital-A actor the woman was looking for.

George Clooney? A safe pick, given his two recent Oscar nominations for best actor. But a dishonest pick.

"It varies," I said after a pause. "I can't answer that."

"What about your favorite singer?"

What am I, a teenager? Who has one favorite singer? "No."

"Restaurant you'd most like to visit?" entertaining look at a security challenge and a link to a resource for formulating effective security questions.

Addressing the UID Bottleneck

Aadhaar Can Be Sent by SMS (Hindustan Times)
Faced with complaints of long delays in getting the Aadhaar number, the Nandan Nilekani-led Unique Identification Authority of India (UIDAI) is speeding up the delivery process using the mobile phone.

UIDAI has successfully tested a new application which allows sending Aadhaar numbers through a short message service (sms). Complaints have been piling up over the delay in getting the Aadhaar number. JR Gupta of Conferderation of Senior Citizens Association of India said that people were not receiving Aadhaar numbers even eight months after enrollment.
The bottleneck of UID has not been enrollment — information flowing from the individual to the UIDAI. The UIDAI's main difficulty seems to have been closing the loop with individuals by communicating the UID number to the newly-registered individual.

Adding the capability to text the newly issued number to registrants is a significant improvement because many UID enrollees will have mobile phones, allowing the UIDAI to reduce its dependence on India Post even though it's highly unlikely that the UIDAI has the desire or ability to completely sever its dependence on India Post for delivering UID numbers to some people.

Diversifying UID's distribution function should improve service.

See also:
UID Catch-22
UID May Ditch India Post

Thursday, April 5, 2012

HTC Face-Unlock Patent: How Broad is It?

It appears that HTC has been granted a patent on face to unlock on a mobile device with a front-facing camera.

Discussed here at:

Gotta Be Mobile
Unwired View

Here's the patent at the US Patent & Trademark Office.

The mobile device patent wars may be getting a little bit out of hand. There's more than one way to skin a cat. HTC should be able to protect its precise method, but patenting the whole face-unlock application world would seem to fall into the "obviousness" trap. Whatever you do don't click the obviousness link — it's a trap!

Automated Passport Control for Thai Locals

Yesterday we discussed the Peak Load Problem as it applies to the UK Border Agency.

Not that this is a magic solution to the UK's challenges, here's how a Thailand airport is approaching a similar problem:

Thai flyers get fast track (Bangkok Post)
The Autochannel is expected to help ease the chronic problem of understaffing that recently caused an uproar as passengers stood for hours in queues to have their documents checked manually.

Now passengers do not need to fill out the immigration form, known as Tor Mor 6 and regarded as a nuisance by many passengers, which has been done away with in many other countries.

A passenger simply opens the photo page of a passport and gently presses it on the scanner at the first section of the two-stage gate. It takes four seconds for it to read the document, causing the transparent barriers to swing open.

The passenger then takes a few steps to a second station to have his or her finger printed by a green light biometric reader and photo taken by a built-in camera installed on the column.

Halving passport processing time and speeding up passenger flows are the prime benefits rendered by Autochannel, explained Pol Col Viboon Kittiisaengsuwan, who supervises departure immigration at Suvarnabhumi.

Wednesday, April 4, 2012

Aadhaar Phase-II

Enrolments for Aadhaar in Phase-II set to begin this month (India Press Information Bureau)
Enrolment for Aadhaar is expected to begin gradually across the country and UIDAI hopes to cover 40 crore residents in the coming 2 years with the active support and involvement of its eco-system partners. The Cabinet Committee on UIDAI had approved the continuation of Aadhaar enrolments by Unique Identification Authority of India (UIDAI) through multiple Registrars for an additional 40 crore residents in January, this year. On this occasion Chairman, UIDAI, Shri Nandan Nilekani encouraged and asked the eco-system partners to actively participate in the next phase of Aadhaar enrolment, in line with the refresh strategy.
40 crore = 400 million.

It certainly appears that efforts to strangle UID in its cradle have failed.

Australia: Biometric security at borders to catch visa fraud

Using hi-tech biometrics to weed out "fraudulent" visa applications from 29,700 people seeking refugee status (Daily Telegraph)
"Using biometric technology, through the collection of facial images and finger scans, we can permanently link people to an unique identity," he told The Sunday Telegraph. "We can then check this information each time we deal with them, combating identity fraud and exposing criminal histories."

Indian University Passes on Biometrics for Proxy Test Takers... for now

Cusat shelves biometric identification for CAT (The Hindu)
University sources associated with the development told The Hindu that the finance sub-committee of the Syndicate had turned down the proposal for want of funds and shortage of time in implementing the process. The expected cost for implementing the biometric student identification project was about Rs. 18 lakh.
Sometimes, the better part of valor is discretion. The part of the quote that caught my eye wasn't the cost (1,800,000.00 INR = 35,206.72 USD), but "time in implementing the process," which, if overlooked, can really cause problems.

As a smart man once said, "Automating a bad process just gets bad results more quickly."

Ghana Electoral Commission Targets 13m Voters to Register

Short and Sweet Update on Ghana's Voter Registration Effort (Ghana Web)
The Electoral Commission of Ghana is hoping to capture about 12.5 million or a maximum of 13 million Ghanaians in the new voters’ register by the time the ongoing biometric voter registration exercise ends.

At the close of the first phase of the exercise, over 2.5 million Ghanaians have so far registered ahead of the December elections, reports The Finder newspaper.

Observing Ghana Go Biometric From a Distance

Being able to vote for one’s leaders is a privilege that cannot be taken lightly or for granted (Ghana Decides)
My initial excitement over the introduction of biometric registration turned bittersweet quite quickly. This is simply because I will not be in Ghana for most of 2012...
Read the whole thing.

The Ghana Decides site launched March 25.

UK: Airlines Warn Government of Potential Gridlock this Weekend

The two pieces below show the issue of UK border security from the perspectives of both commercial organizations and government. It seems that the UK border apparatus is succumbing to the Peak Load Problem. Systems have to be built to function adequately during periods of maximum stress even though those periods might only occur briefly and occasionally. The other end of the problem is that the capacity to handle peak demand is idle during ordinary operations appearing wasteful from a certain point of view.

For systems like the Border Force that rely on highly skilled labor, the Peak Load Problem is particularly acute. There are only three solutions: (A) The system must employ some number of people it won't need very often; (B) It must become less efficient/reduce quality at peak operating times; or (C) it must refuse to satisfy some portion of demand for its service. For the Border Force, in particular this means border officials standing around during normal operation, relaxed standards during busy times, or long lines, missed flights and mishandled baggage — or some combination of the three.

Well, that's the theory, anyway. The two pieces below show how these issues shake out in practice.

In the past the Border Agency opted for Plan B. That didn't turn out well. Now, the airlines are warning about gridlock (too much from Column C). Column A is hard to change quickly.

Easter travel 'gridlock' warning given by airlines (BBC)
The British Air Transport Association has written to Theresa May with 11 airlines' concerns over possible delays at peak travel times such as Easter.

They say there are too few border staff for full security checks.

The Border Force said it would "aim to keep disruption to a minimum by using our staff flexibly to meet demand".

British Airways and Virgin Airlines are amongst those expressing their concerns over potential delays to hundreds of thousands of passengers.

More than 370,000 passengers will fly from Heathrow airport between Good Friday and Easter Monday, and 200,000 will travel through Gatwick.
Immigration minister Damian Green: Transforming our border (Public Service)
I want to cover three things today. First, I want to set out the scale of the challenge we face in transforming the border. Second, I want to deal with the problems there have been – most notably those uncovered by the independent chief inspector of the UK Border Agency, John Vine, which highlighted the failings of the previous Border Force. It is only by understanding those problems can we fix them. Third, I want to set out the radical changes this government is making to improve border security. The creation of a separate Border Force accountable to ministers; the establishment of the UK's first Border Policing Command (within the UK's first National Crime Agency); and real focus on progress on technology to prevent threats getting to the UK border in the first place.

But first we should be clear on the nature of the challenge. Securing our border is a vital task, but it is not an easy or straightforward one.
At least they agree on the problem. The second piece is longer but it's a good summary of the past, present and future from the government's perspective.

Tuesday, April 3, 2012

Introducing: Interesting Posts Nobody Read

A couple of times, at the end of a good traffic month I've posted lists of posts that had generated a lot of interest.

See September 2011 and February 2012. Some posts get all the clicks.

This got me thinking; why should popular posts get all the clicks? There are gems — real handsome and thoughtful posts — out there that don't get the clicks they so (obviously) deserve.

Well, it's one thing to complain. It's something else altogether to do something about it.

Without further ado, I give you...

Interesting Posts Nobody Read...
Is fragmentation here to stay?
State of the Art: What Face-Rec Can and Can't Do
Elvis Presley's Biometric Passport?

Here are a few that were perhaps missed because no one yet knew this blog existed at all. These are all short-form posts from early 2010 but the links are all still active and the issues are all still current.

Alas, there are others but it is my profound hope that this does not become too regular a series.