Friday, August 31, 2012

Kenya Biometric Election Registration Update

The Kenya biometric voter initiative is still lurching along...

The big update is that there will be an update.

Kenya: State to Give Voter Kit Update, Says Eugene (The Star - Nairobi via All Africa)
Justice minister Eugene Wamalwa said the update will be made after a stakeholders' meeting to be held before the end of this week.

He said the tender was expected to be complete "soon as possible" to enable the Independent Electoral and Boundaries Commission start voter registration in readiness for the next year's general election. This statement is expected before Friday.
...
"I can comment about which company will be given the award since its the Canadian who will determine the winner of the tender," said Wamalwa. Canadian firm, Code Inc, which was involved in the pilot BVR project of 18 constituencies in Kenya before the 2010 referendum is also among those said to be considered for the tender.
I think he means he "can't comment." It's the only way the rest of the sentence makes sense.



See also: Strange Things Afoot in Kenya Biometric Voter Registration Procurement, which ends with this summary chronology...

1. IEBC solicits proposals

2. IEBC narrows list to four providers

3. For whatever reason, IEBC can't choose among them.

4. IEBC cancels the project foreclosing any recourse to the bidders who followed the IEBC's instructions.

5. Hilary Clinton offers Kenya free biometric registration kits.

6. IEBC rejects the offer citing (unstated) political implications that would have arisen from such a donation, and a lack of time to complete the process.

7. IEBC makes a request of the Cabinet to acquire biometric registration kits through a government to government arrangement (Ghana, perhaps. UPDATE: It turns out to be Canada).

8. Laws will be changed to ensure that there's enough time.

9. Vendors scratch heads.

10. Still, nobody is sure where the kits will come from.

Since then, Kenya has received a KES 5.4B interest free loan from Canadian government.

4,600,000,000.00 KES
=
54,534,677.93 USD
1 KES = 0.0118554 USD
1 USD = 84.3500 KES

The government of Kenya has outsourced all decision making about the procurement to the Canadians, the political implications in point 6 above apparently mitigated.

Biometrics and the Future of Payments

One of these two articles talks about payments to the individual from a source of income, the other talks about payments from an individual to a retail establishment — in this case a convenience store. The organizations on both sides of the individual envision adopting biometric identity management techniques as a growing part of payment authentication.

MasterCard notes growing trend in Govt Adoption of Electronic Payments (IndiaInfoline)
“By supporting governments around the world with electronic payment programs we are helping save money and improve efficiencies, but more importantly, together we are opening up a world of inclusion for those who have previously not had access to traditional financial services,” said Tim Murphy, Chief Products Officer of MasterCard Worldwide.

SASSA recipients are now able to use debit cards, issued by Net1 and Grindrod Bank, to pay for goods and to check their account balances free of charge. A key feature of the card is biometric functionality used to identify grant recipients using unique identifiers such as fingerprints, facial and voice recognition to prevent stolen card usage. The new system is already dramatically reducing SASSA’s operating costs and is expected to save the government more than ZAR3 billion (USD 360 million) over the next five years.
Next-Generation Tech Gains Traction (Convenience Store News)
Payment Systems & Automation
In-store payment systems for the majority of c-store chains include credit and debit (96 percent), prepaid/stored value card (48.4 percent) and electronic benefits transfer (42.2 percent). Less popular are electronic check verification, used by 32.8 percent of chains and continuing to decrease in popularity every year, and radio frequency identification (RFID) or contactless cards, adopted by 17.2 percent. Also, only 3.1 percent report using self-checkout and just 1.6 percent say they have biometric payment technology.

However, when asked what technology c-store retailers plan to implement in the next one to three years, RFID/contactless tops the list, with 12.5 percent contemplating the technology, followed by self-checkout (10.9 percent) and biometric payment (10.9 percent).
I highly recommend the Convenience Store News article. It's full of charts and tables and it really gives the reader an appreciation for the complexity and efficiency required in that market. In order to be convenient, the stores have to be small all other decisions flow from there.

Thursday, August 30, 2012

Hype Cycle in the Financial Times

Emerging tech: what is hot in IT (Financial Times - registration required)
In this edited Q&A with Jackie Fenn, author of the recent Gartner Hype Cycle on Emerging Technologies, Author, Paul Taylor asked what business leaders should be aware of and what it means for their organisations.


2012 Gartner Hype Cycle. Source: Gartner. Red accents, mine.
Check it out.

Brazil: Bank of the Future Includes Biometrics

Bradesco opens the bank of the future (Finextra)
Banco Bradesco has opened a futuristic hi-tech branch in São Paulo Brazil featuring robot guides, personalised financial advisory services from digital avatars and on-screen consultants, biometric interfaces, and wall- and table-mounted gesture-controlled touchscreens.
Well, Brazil is the country of the future.

Wednesday, August 29, 2012

UID likely to be accepted by passport office...

India: The Ministry of External Affairs is soon likely to accept Aadhaar card as identity and address proof from applicants seeking passports. This will be in addition to the other documents for issuing a passport.

More innovation to come

Canadian banks ramping up mobile initiatives (Yahoo Finance Canada) Biometrics, too.

One million Indonesians receive e-ID cards

Indonesia - Officials have handed out about 1 million of 4.6 million e-ID cards that are ready for distribution, Jakarta Civil Registration Agency chief Purba Hutapea said on Tuesday. (Asia One)

US Security Industry Analyst Report

Security Products to 2016: US demand to rise 7.3% annually through 2016 (Press Release - SBWire)
This study analyzes the US security products industry. It presents historical demand data for the years 2001, 2006 and 2011, and forecasts for 2016 and 2021 by product (e.g., access controls, alarms, closed-circuit television, contraband detection, electronic article surveillance, automotive) and market (e.g., government and institutional, trade and distribution, industrial, air transport, financial institutions). The study also considers market environment factors, details industry structure, evaluates company market share and profiles industry players.

Hop on the Bus, Gus. Drop off the Key, Lee.

Biometric Technology Gets on the School Bus (Press Release via Benzinga) When children board or exit the bus the BlinkSpot iris scanning technology recognizes the child and sends real time reports to the school along with an individual email to each parent verifying the time and location of their child.

The effort combines Verizon, Eye-D, and 3M Cogent capabilities.

I'm curious to see how this works out. An application that provides real-time information on children's interactions with the school bus system is, obviously, highly desirable.

Will the technology fit the deployment? How well will it work? How passive is the use model (i.e. must the children actively engage the system?). How much training will drivers and children require? How long does each transaction take? Will that cause traffic jams? What are the costs in money and time?

These are the questions that would-be customers and system developers need to ask, answer, and agree upon.

Thinking this one through, my hunch is that from a pure utility point of view, this is a finger app. But in the real world other considerations may apply. If some tech companies want to test their technology, their ability to work together, product design and feasibility, and they find a willing and supportive test environment — in this case a school and community — then that's what will happen. Lessons will be learned and the state of the art will have been advanced.

Perfect; Good; Tech.; People; etc. It's a fun landscape in which to participate.

Tuesday, August 28, 2012

Biometrics in Government Sector Employment: Making it Stick

Step One:

Jharkhand, India: No salary after October for govt employees without Aadhaar card (Times of India)

And eventually it has to come to this...

Step Two:

Ghana: Education sector workers fume over the non-payment of salaries (Modern Ghana) 


Managing through this process can be challenging. Planning and communication are essential.

National Strategy for Trusted Identities in Cyberspace (NSTIC) Background and Progress Report

ID management: A matter of trust (Federal Computer Week)
In April 2011, the Obama administration launched a plan called the National Strategy for Trusted Identities in Cyberspace (NSTIC) to encourage the private sector to develop, with federal support and input, online ID and authentication systems that people could use and government agencies, other organizations and commercial players could accept without each needing to create their own vetting systems.
...
At this point, NSTIC supporters are making headway, though perhaps not in a headline-grabbing way. Earlier this month, the Identity Ecosystem Steering Group, a federally supported committee led by the private sector that will guide creation of NSTIC-style systems, met for the first time in Chicago to hash out plans for addressing privacy, standards, usability, contracts and other key components.
National Strategy for Trusted Identities in Cyberspace (NSTIC) is being run by National Institute of Standards and Technology (NIST) to encourage the development and adoption of standards for ID management. The recent Apple-Amazon hack points to why this is important.

In an environment where everyone has to create their own ID management system, it is inevitable that organizations will create exploitable gaps in the way they emphasize the importance of information. In this case, Amazon (like many other companies, just check your restaurant receipt) treated the last four numbers of a credit card as non-secure information, while Apple used the same information for logical access control.

Initiatives like NSTIC hope to facilitate companies and government agencies to work through ways to make this kind of thing less likely.

Monday, August 27, 2012

Iris Company Gets Huge Cash Infusion

AOptix Closes $42 Million Series E Funding (Press Release) 
AOptix announced that it has closed a $42 million Series E round of funding. This brings the total investment in the company to date to $123 million. All of the company's existing investors -- Clearstone Venture Partners, DAG Ventures, Kleiner Perkins Caufield & Byers, Northgate Capital and W Capital Partners -- participated in the round and were joined by a new investor, True Ventures. The proceeds will be used to support product development, sales and marketing as the company prepares to launch groundbreaking new products.

Strange and Unintended Brain-Computer Interface Applications

You shouldn't believe everything you read in a headline. I've supplied one above that is far more accurate but far less alarming than the one provided by the original story below.

Scientists Successfully ‘Hack’ Brain To Obtain Private Data (CBS - Seattle, WA)
The scientists took an off-the-shelf Emotiv brain-computer interface, a device that costs around $299, which allows users to interact with their computers by thought.

The scientists then sat their subjects in front of a computer screen and showed them images of banks, people, and PIN numbers. They then tracked the readings coming off of the brain, specifically the P300 signal.

The P300 signal is typically given off when a person recognizes something meaningful, such as someone or something they interact with on a regular basis.

Scientists that conducted the experiment found they could reduce the randomness of the images by 15 to 40 percent, giving them a better chance of guessing the correct answer.
The case the author wants to make is way overstated, which it too bad because the topic is very interesting without over hyping it.

The controversial part of what the story describes (quoted above) is sort of a half-way house between the hack vs con discussion. I guess in the distant future, people will have to be more wary of street-corner magicians and psychologists but the PIN probably isn't going anywhere any time soon.

This may be for a future post but I suspect that due to biometrics the PIN will become more common as complex passwords become more rare, even in the presence of brain-computer-interface wielding mountebanks.

[CORRECTION] India: NGO [not NIAI] Sends UIDAI a Nasty-gram

Notice to UIDAI for issuing cards without due procedure (Deccan Herald)
The Unique Identification Authority of India (UIDAI) has been issued a legal notice for issuing Aadhaar cards even before the National Identification Authority of India (NIAI) Bill has even been tabled in Parliament.
CORRECTION:


Thanks to alert reader Sastry Tumuluri for making me aware of my mistake. The letter was indeed sent by Matthew Thomas of the Citizens Action Forum. I couldn't find a web site for the Citizens Action Forum. All I could find was this blog, last updated in 2005.

If I find their site, I'll post it a link here.

Pro Tip to Journalists: Keep Your Eye on Iris v. Retina

What is it about journalists and the human retina? I'd estimate that at least 95% of the time a journalist uses the term "retina" in association with biometric identity management modalities, they actually mean "iris". Does anybody know why this is?

After decades, ATMs still play key role in banking (Eagle Tribune - North Andover, MA)
He said tests are being conducted in Brazil on using biometric identification — scanning retinas or fingerprints — for ATMs. In Europe, he said, there are ATMs where customers can apply and be approved for a loan during their ATM sessions. “So the technology is there to do that,” Kerstein said.
You will never see a retina scanner in an ATM. As far as ATM deployments go retina is too expensive, and it takes too much time for people to get used to using it properly. Then there's the fact that if vascular biometrics are the answer, the hand/finger is cheaper and easier and if eye biometrics are the answer, iris is cheaper and easier. For ATM's the vascular/eye combo is overkill.

Iris (left) vs. Retina (right)
The iris (left), which gives people "eye color," controls how much light enters the eyeball. The retina (right) is the structure laying along the inside, back surface of the eyeball that translates light into nervous impulses for the optic nerve to send to the brain.

In a camera analogy, the iris would be, well, the iris, since cameras have them, too. The retina would be the film, or in an even better digital analogy, the charge-coupled device (CCD) that translates light into ones and zeros for computer chips.

Both iris and retina are used as biometric modalities in identity management applications.

Iris biometrics match the iris's unique surface features (similar to fingerprints). Retina biometrics use eye's vascular network for matching.

Retinas have been in use as a biometric identifiers for far longer than iris (1984 vs 1995), but using the iris is far more common today. This is because using the iris makes for cheaper and easier identifications.

For more on the subject, I recommend this (If you're a journalist, I can't recommend it enough!). It was written in 2006. Both technologies will have improved since then, but iris technologies have improved faster.

Friday, August 24, 2012

Friday Quick Hits

Rsignia, Inc. Announces Partnership with West Virginia University Research Corporation (News Blaze)
Rsignia signed the agreement with WVURC as framework to undertake task orders with WVURC as it relates to big data visualization and incorporating biometric components into cyber security solutions.


Q&A: Why this guy implanted RFID tags in his hands, and what he does with them (Geekwire) - He's not too high on biometrics, though.
RFID is Radio Frequency Identification, and its primary purpose is ID or identification. A lot of people think it’s for locating and it just doesn’t work that way. Basically when you boil it down, ID means access control. Every project that I ever wanted to implement or did implement is access control based.


Punching brings punctuality back (Deccan Chronicle) - Short article on Time-and-Attendance for Kochi, Kerala, India government employees.



FBI To Give Facial Recognition Software to Law-Enforcement Agencies - link-laden article at Slate.

Biometrics Uncover 825,000 ID Inconsistencies in DHS Database

Fingerprint Records Reveal 825,000 Immigrants With Multiple Names (Mashable)
Many of the situations involved women who legally altered their names. “We found that nearly 400,000 records for women have different last names for the same first name, date of birth and [fingerprint identification number],” he wrote. “These instances are likely women who changed their names after a marriage.”

During the study, auditors examined records covering 1998 through 2011.

Most of the time, US-VISIT personnel try to resolve cases in which people who appear to be one and the same have different information listed in records, the auditors found. The researchers are not specifically targeting scams, Deffer explained. Accidental typos, the fact that various immigration-related agencies use incompatible data formats and other keying mistakes are factors they look for when probing mismatches. During the course of typical procedures, US-VISIT has picked up on only two instances of fraud, agency officials reported to the IG.

The enormity of the conflicting data, however, may obscure actual fraud. “These inconsistencies can make it difficult to distinguish between data entry errors and individuals potentially committing identity fraud,” he wrote.
As they grow and age databases can get really junked-up. Biometrics, in this case fingerprint biometrics, can be extremely helpful in maintaining their integrity. The database involved here is the on maintained by the US Department of Homeland Security US-VISIT program. It contains (wait for it) information, including a fingerprint, on all visitors to the US. The fingerprint has been the linchpin of the audit that discovered 825,000 database errors because it is the only  piece of truly unique and durable, personal information stored.

Before automated fingerprint ID systems (AFIS), combinations of data were used to reduce ID error rates to some reasonable approximation of zero. While names, birth dates, and other descriptors aren't unique, multiplying them together works pretty well for a while. Working against this system are legal name changes and human typographical errors in data entry which have the database effect of creating a whole new person,  which runs counter to the reasons for keeping such a database in the first place.

See Biometric "Fix" Identity which takes on this issue from the angle of intentional fraud.

ARMM, Philippines: Lack of Legal Framework Undermines Biometric Voter Exercise

Doubts raised ARMM can purge voters’ list (Yahoo - Philippines)

In another case of how good management and good technology need to be in the same place at the same time in order to make a real difference, an apparent legal oversight means that the process of disqualifying fraudulent voter registrations in the Autonomous Region for Muslim Mindanao is to be so time consuming that it may be impossible to complete before the scheduled elections.

As far as I can tell, the laws governing the biometric voter registration in the ARMM don't make any provision for rejecting multiple registrations. There also isn't any mention of it being against the law to register multiple times. Given its electoral history it's difficult to assume that local authorities can have been surprised by any of this.

The situation in the Autonomous Region for Muslim Mindanao stands in stark contrast to Sierra Leone. See Woman Sentenced for Double Voter Registration.

How the Chips in US Passports Work

From the Gadgetwise blog at the New York Times...

Q. What data does an electronic United States passport contain in the smart chip? Is this information safe?

Click through for the answer.

Thursday, August 23, 2012

India: 400,000,000 more UID enrollments by March 2014

UIDAI to enroll additionl 40cr residents for Aadhaar by Mar'14 (Deccan Herald)
The Unique Identification Authority of India (UIDAI) will enroll an additional 40 crore residents for Aadhaar cards by March, 2014, Minister of State for Planning Ashwani Kumar said today.
That would triple the number of enrollments, bringing the total to 600,000,000.

Ghana accidentally saves $93,000 per month with biometric system

900 ex-students still draw allowances (Ghana Web)
About 900 students of the School of Hygiene in Tamale, who completed their studies seven years ago, are still withdrawing allowances as students from the government's payroll.

This is notwithstanding the fact that some of them have been employed.

Each student is said to be withdrawing GH¢200 a month and this has cost the nation GH¢15,120,004.

The deal was exposed during the biometric registration of employees on the payroll system, in Tamale.
900 x 200 = 180,000

                    180,000.00 GHS
=93,047.34 USD
Ghanaian CediUS Dollar
1 GHS = 0.516930 USD1 USD = 1.93450 GHS

Today on Twitter: August Biometric Chat Features BIO-key Intl & M2SYS Discussing Biometrics for Single Sign-on

August #biometricchat Features @BiokeyIntl to Discuss #Biometrics for SSO (M2SYS blog)

When: August 23, 2012 11:00 am EST, 8:00 am PST, 16:00 pm BST, 17:00 pm (CEST), 23:00 pm (SGT), 0:00 (JST)

Where: tweetchat.com (hashtag #biometricchat)

What: Tweet chat on biometrics for single sign-on (SSO) with @BIOkeyIntl

Topics: Biometrics as an alternative to passwords and PINs, the economic hardship of data breaches, the effectiveness of national data breach awareness campaigns, industries affected the most by weak SSO systems, non-traditional industries that can benefit from SSO, and more!

More info at the M2SYS blog here.

That's about two hours from now.

Wednesday, August 22, 2012

Biometrics and "Green on Blue" Violence in Afghanistan

Another 'green-on-blue' attack kills NATO troop; 10 dead in 2 weeks (Stars & Stripes)

Afghanistan ‘insider’ attacks pose threat to West’s exit strategy (Stars & Stripes)
How to guard against such attacks is the subject of considerable debate in military leadership circles, because overtly heavy-handed measures can send a signal to the Afghans that they are not trusted, which can be taken as an insult. And in traditional Afghan culture, perceived insult can swiftly lead to exactly the sort of violence the attacks represent.

Efforts on the Afghan side include embedding undercover intelligence officers in some battalions, and stricter scrutiny of recruits, including the collection of biometric data to compare against a database of known insurgents. Some observers, though, believe the safeguards built into the recruitment process, including the requirement that village elders vouch for those who want to join the army, are routinely bypassed in many provinces.
Biometrics can help with identity management but they are always just a part of an overall organizational plan.

This short passage touches on a few important issues: technology, managing people, managing a security regime once it's in place. All must work together in furtherance of organizational goals. If one leg of the stool goes, the whole structure is at risk. For some organizations that means embarrassing CEO speeches and annoyed customers. For others the results are utterly tragic.

Surveillance, transparency, accountability & technology

TrapWire: Anonymous gives handy tips on how to avoid surveillance




This video has a heavy dose of dead pan humor, which is actually quite endearing.

As far as biometrics countermeasures go, I, like Anonymous, am still a fan of CV Dazzle because there's something stylish and fun about what how they go about the challenge of defeating facial recognition.

The infra-red LED trick is really cool, too. Fans of the show White Collar will have seen that hack come into play in last week's episode. That's the first place I saw it.

All of this, while fun, socially interesting and even romantic, ignores the fact that the smartphone is the holy grail of surveillance technologies. Someone can wear a mask and a crazy hair do, head cocked 20 degrees to the side under a LED hat all they want. It won't do any good if internet companies and cell providers (whether knowingly or unwittingly) cough up everything they know about individuals. The other virtue of the mobile computing surveillance model is that it requires no taxes, maintenance, or budget. The watched pay their own freight. That makes this type of surveillance available to individuals and organizations that might not have a lot of money or labor.

The answer isn't regulating private use of technologies such as cell phones or biometrics. With technology, blanket moratoriums and bans are almost never the answer and even more rarely succeed. It may not be romantic or fashionable but the only answer is transparency and accountability.

Technology is all about people. It always will be.

Background on TrapWire

Tuesday, August 21, 2012

Technology and Management working together can help improve public payments system.

What I like about this article is the juxtaposition of the technological and managerial aspects of dealing with difficult problems.

Ghana loses millions in multiple salary payments (Modern Ghana)
In its response to the issue raised by the Auditor-General, the management of the CAGD said “the observation is noted and CAGD will investigate and take necessary action. In general, the ongoing biometric registration of active employees and pensioners will help address some of the payroll issues”.
...
The Auditor-General also called for an effective supervision of data entry officers to minimise the risk of payroll frauds and errors.
Biometrics give able managers a powerful new tool and an opportunity to realize significant returns on technology investment (ROI) but they can't manage anything by themselves.

Biometric identity management is about people.

UID & India Post: Delhi Edition

Lost in transit: UIDAI says cards dumped in bulk in city (Express India)
...UID cards issued to Delhi residents are being lost in transit by the postal service.

The Unique Identification Authority of India (UIDAI) has asked India Post to immediately plug the gaps in the distribution network, Kumar Alok, Deputy Director General for Administration, Logistics and Media, UIDAI, told Newsline.

He said the UIDAI has faced such problems across the country during the project’s first phase “but the issue was bigger in Delhi”.
This has been a problem for a while now.

See:
India: UID May Ditch India Post (March 5, 2012)

Following Sex Offender Scandal, New Zealand Looks to Biometrics for Teacher Vetting

Sex teacher report a 'serious wake up call' - Parata (TVNZ)
Education Minister Hekia Parata released the findings of a Ministerial Inquiry today which outlines 35 recommendations to close the "significant gap" in the employment process for hiring teachers.

The recommendations include a police check for anyone who moves from a provisional teaching license to full registration and teachers informing schools if they change their name.

The Government is also considering making teachers use biometric photo identification when they switch schools.

The inquiry was ordered earlier this year after it was revealed sex offender Te Rito Henry Miki, 40, managed to work in six schools over four years despite a supervision order that prevented him from coming into contact with children.
See also:
One in Six Sex Offenders Lives Digital Double Life

The post dealing with the above article and the issues it raises is:
ID Isn't Perfect. How Perfect Can (or Should) It Be?

Of course, Biometrics are not evil.

Mike Elgan's recent article, Are biometric ID tools evil?, is really, really dumb (I almost said evil). It's either that or bordering on libelous so, I'll give it the benefit of the doubt, even though the piece doesn't extend the same courtesy to those of us working on biometric identity management technologies.

But maybe he didn't mean it. The title, after all, is a question, right? We'll read on.

It doesn't take much longer for the author to remove all doubt, as he rapidly moves from the rhetorical title to the "How often do you beat your wife?" formulation of the question:
How evil is biometric ID?
Followed by...
So we find ourselves in a strange position in which some religious conservatives and some secular liberal privacy advocates both agree that biometric identification is evil.
...
On the other, you have a large number of people who consider biometrics an unparalleled evil, and they will refuse to participate.
...
Who's right and who's wrong? Is biometric technology the answer to our security problems? Or is it just plain evil? [all emphasis mine]
Evil? Really? Not "a bad idea", "misguided", or "dangerous" — evil? 

Last I checked evil means "profoundly immoral and malevolent" and because most people gave up imputing moral qualities to inanimate objects sometime around the Bronze Age, the whole piece is either a really bad joke lacking a punchline or a shot at people — the people at every level of biometric development, from academia to enterprise — working to apply a new technology to the human challenges of identity management.

And why the fixation on "evil"?

Maybe "creepy" seemed too Jan Brady (and way played-out) and moral hyperbole is the new new thing.

Maybe it's a reference to what is perhaps the least ambitious corporate motto of all time: "Don't be evil."

One thing, however, is certain: someone really needs a thesaurus.


inconceivable_means_02
You keep using that word.

Monday, August 20, 2012

Technology & the Future of Violence

Not really biometrics related... but that's pretty much the point. (Hoover.org)
You walk into your shower and find a spider. You are not an arachnologist. You do, however, know that one of the following options is possible:

The spider is real and harmless. The spider is real and venomous.

Your next-door neighbor, who dislikes your noisy dog, has turned her personal surveillance spider (purchased from “Drones ‘R Us” for $49.95) loose and is monitoring it on her iPhone from her seat at a sports bar downtown. The pictures of you, undressed, are now being relayed on several screens during the break of an NFL game, to the mirth of the entire neighborhood.

Your business competitor has sent his drone assassin spider, which he purchased from a bankrupt military contractor, to take you out. Upon spotting you with its sensors, and before you have any time to weigh your options, the spider shoots an infinitesimal needle into a vein in your left leg and takes a blood sample.

As you beat a retreat out of the shower, your blood sample is being run on your competitor’s smartphone for a DNA match. The match is made against a DNA sample of you that is already on file at EVER.com (Everything about Everybody), an international DNA database (with access available for $179.99).

Once the match is confirmed (a matter of seconds), the assassin spider outruns you with incredible speed into your bedroom, pausing only long enough to dart another needle, this time containing a lethal dose of a synthetically produced, undetectable poison, into your bloodstream. Your assassin, who is on a summer vacation in Provence, then withdraws his spider under the crack of your bedroom door and out of the house, and presses its self-destruct button. No trace of the spider or the poison it carried will ever be found by law enforcement authorities...

Fiji: Biometric Voter ID Being Used for all Sorts of Transactions

It's like UID in reverse.

Ministry to accept voter cards as valid ID (Fiji Times)
THE Voter Identification Cards (VIC) issued through the electronic voter registration identification cards will be accepted as a valid form of identification by the Ministry of Justice by November 15.

Any Fijian who has registered to vote and who possesses a VIC will be able to access services provided by the Registrar of Titles Office, the Births, Deaths & Marriages Registry, the Companies Office (which includes the Moneylenders Registry) and the Official Receiver's Office.

Read the whole thing. You're half-way there already. By calling it UID in reverse I make no comparison between Fiji & India. Fiji has less than a million people and you can't walk there from anywhere else. It's just that, rather than develop one ID that can do everything. Fiji developed an ID for one purpose (elections) that has broad applicability to other ID tasks.

Fiji

Saturday, August 18, 2012

One year later: Uganda at the Little League World Series

Little League World Series fans shower Uganda with support (PennLive)
Nearly 7,300 people filed Volunteer Stadium Friday evening , many to cheer the first African team in the series.

“This is something,” manager Henry Odong said about the crowd after Uganda lost 9-3 to Panama.

“They were rooting for us even when we were losing,” he said. Because no one is here from Uganda, he said, he did not expect many people to be in the stands.
Uganda's next game is against Mexico today at 6:00 PM, EDT on ESPN.

...and this sheds a little more light on what happened last year (see post below).

Africa Ready for Debut in Little League World Series (NBC Sports)
Odong's team isn't the first team from Africa to qualify for the World Series, though it will be the first one to play in South Williamsport. A separate team from Kampala, Uganda was disqualified last year after the U.S. State Department denied visas because of discrepancies over players' ages and birth dates

But Uganda coach Richard Stanley, of New York, said the problem had to do with a coach last year falsifying documents. Stanley, a retired chemical engineer who owns a small stake of the Trenton Thunder Double-A minor league baseball team, has donated about $2 million to establish a Little League program and build a baseball academy in Uganda.

Stanley hopes the Lugazi team's success will help draw more boys and girls into Little League baseball and softball, which he hopes will eventually will be a stepping stone to help children get scholarships and go to college.

But that's a goal for years down the road. For now, Olaa and his teammates plan to just enjoy the simple pleasure of playing baseball.

One Year Ago: Poor ID Management Infrastructure Prevents Uganda Little League Baseball Team from World Series Participation

Originally posted August 15, 2011

"Many Ugandans, if you ask them, 'When were you born?' They say, 'I don't know.'" (UPDATE:  Video no longer hosted at YouTube.com by ESPN)

Uganda defeated Saudi Arabia to become the first African team to qualify for the Little League World Series. Exultation turned to disappointment when many of the players were unable to obtain visas to the United States (apparently) because of an inability to provide enough biographical detail during the State Department's application process.

The video linked below is taken from a documentary currently in production that was featured on ESPN over the weekend. Please watch it before reading the rest of this post. It is not to be missed. (UPDATE: Video no longer hosted at YouTube.com)

"...Little League was not ready for a country like Uganda to participate in the World Series."
(UPDATE: Video no longer hosted at YouTube.com)

There is a temptation to place blame (upon the State Department, Little League, Uganda, Felipe Almonte, etc.) but the Ugandan coaches and players know the real source of their disappointment though they don't use the exact same terms we use here: A legitimate ID is a prerequisite to full participation in the modern world.

The sad truth, and the true cause of the plight of Uganda's Little League baseball team is the fact that (perhaps) billions of the world's poor lack individual legitimacy because they don't have an ID that can be vouched for by a trusted second party. These individuals are therefore unable fully to exert their talents through the world's increasingly interconnected institutions. Because of this, we are all poorer.

Fortunately, and thanks in no small part to biometric technologies, the costs associated with maintaining an effective ID infrastructure are falling fast, enabling even poor societies with low adult literacy rates to provide their children with something they cannot reach their full potential without: a legit ID.


UPDATE - August 16, 2013:
Here's a poor-quality YouTube video (someone filming their television) of the original ESPN spot referred to above.

Friday, August 17, 2012

Recent SEC Filings Reveal More on AuthenTecApple

Apple may put fingerprint scanners in future products (V3.co.uk)
Among the technologies Apple now owns is a type of fingerprint scanner designed for mobile products with Near Field Communication (NFC) built in. AuthenTec's AES2750 product is a fingerprint scanner that can interact with NFC applications to offer a secure way to log in to various systems.

AuthenTec says the technology can lock and unlock a phone, authorise mobile banking transactions and replace website user names and passwords, all with a fingerprint scan.
SEC filing fans rumors of mobile wallet for iPhone 5 (COMPUTERWORLD)
But how quickly these elements are introduced depends on Apple's long-range plans for iPhone, and iPad, as well as the maturing of the mobile payments industry infrastructure, a big jump in consumer acceptance and -- most of all -- trust in the new technology, and how quickly Apple can phase these particular technologies into its supply chain and manufacturing processes.
...
The fingerprint sensor, many speculate, will be a key part of a full-fledged mobile "digital wallet" using a near-field communication (NFC) radio link to trigger purchases by simply waving the handset over an NFC reader. AuthenTec, an established vendor of a range of smart sensors, identity management (including PC/laptop fingerprint sensors), and embedded security products, announced the deal on July 27. At $365 million, it's Apple's biggest buy.
It's worth pointing out that Josh Franklin at Seeking Alpha predicted the broad outlines of this whole thing a couple of months ago.

Are Democracies Ungovernable without ID?

A Powerful Argument from India

Get over the identity crisis (Daily Pioneer)
The Supreme Court should immediately take Aadhaar under its purview and set an independent body to examine the project's feasibility. The Aadhaar card should be made every citizen's constitutional right

Thursday, August 16, 2012

It sure is...

Bottom line benefits of identity management (IT Web)  - Identity management is about more than security; it is a financial and compliance imperative as well.

NFC + Fingerprint Biometrics = Cha-ching?

Apple wanted AuthenTec's "new technology" ASAP for future products (Ars Technica)
There's a hint that, whatever the tech involved, we won't have long to wait. According to AuthenTec's account, Apple wanted to hurry the buyout deal due to its own plans. "Representatives of Apple also noted Apple’s desire to proceed quickly due to its product plans and ongoing engineering efforts," reads the SEC filing. "As a result of its focus on timing, Apple’s representatives also informed the Company that Apple would not participate in an auction process and would rescind its proposal if the board decided to solicit alternative acquisition proposals for the Company."

Gartner Hype Cycle 2012

Gartner's 2012 Hype Cycle for Emerging Technologies Identifies "Tipping Point" Technologies That Will Unlock Long-Awaited Technology Scenarios (Gartner)

Biometrics feature prominently is several of the technology groups Grtner presents. Whether you're an old hand or hearing of the Hype Cycle for the first time, you'll want to click through and check it out.



Source: Gartner




The Peak of Inflated Expectations was frustrating. The Trough of Disillusionment was a grind. Now is the fun part.

US: Biometrics Collected Under Deportation Deferment Program

US illegal immigrants eye new work rule (Express India)
"Under existing regulations, an individual who receives deferred action and demonstrates economic necessity for employment is eligible to also receive employment authorisation for the period of deferred action -- in this case, two years," Alejandro Mayorkas, Director, United States Citizenship and Immigration Services (USCIS) told reporters during a conference call.

The total fee for making application is USD 465, which includes a biometric check and issuance of a secure work authorisation document.
I haven't been able to find whether the biometrics involved are part of a criminal background check, become part of the ID documents, or both.

Wednesday, August 15, 2012

Google, Apple, Mobile, Money (& Biometrics)

The article isn't even mostly about biometrics, but as we readily acknowledge here all the time, biometrics are only ever a means to an end. What the article does provide is a coherent view of where future profits will come from for Apple and Google well supported with charts, graphs and other visual aids, which I love.

The key biometrics bit is here but the rest is very interesting as well.

How Android gets Google to $2000 by 2020 (Marketwatch)
The most exciting thing I see on the horizon isn’t the ad sales that will almost certainly materialize, but the network effects of a billion Android users and the ways Google can leverage that scale. If one billion people are on the same mobile OS and you know where they are precisely and they have a biometric scanner on their phone, do you really need Mastercard and Visa to take their 3% to verify the funds and identity? That’s why Google is working on Google Wallet. If one billion people are constantly sharing their location by virtue of having their phone switched on, could you sell them stuff based on where they are? That’s why Google is working on Google Offers. And if one billion people care more about the device than the network and will pick the service based on who has the cool new Android phone, couldn’t you launch your own data service? That’s Google Fiber.
This also seems to be of a piece with growing recognition among financial types that biometrics are going to have a role in how authentication works and add significant value to the process.

Kenya Biometric Voter Tender: Curiouser & Curiouser

Kenya: Treasury Set to Announce Poll Kit Tender (All Africa)
Treasury is today expected to announce the name of the company that will provide the Biometric Voter Registration kits at a cost of more than Sh3 billion.
I was tempted to quote the next two paragraphs, too, but then I wanted to grab the next two, etc., with no end in site. So, just go read the whole thing. It's worth it.

To set the scene for the article linked above or for a refresher, read Strange Things Afoot in Kenya Biometric Voter Registration Procurement.

The Facebook Face Rec Saga Continues as EU Reopens Inquiry

Germans Reopen Facebook Privacy Inquiry (NY Times)
Data protection officials in Germany reopened an investigation into Facebook’s facial recognition technology Wednesday, saying the social networking giant was illegally compiling a vast photo database of users without their consent.

UPDATE II: Remotely-Staffed US-Mexico Border Crossings

FEB. 9, 2012: Self-service U.S.-Mexican border crossing could be replicated (NextGov)
Under the agency's plan, people carrying passports or other citizenship documents embedded with computer chips will approach kiosks to enter the United States. The kiosks will be mounted with digital scanners connected to a staffed entry point in El Paso, Texas, where CBP officers will see them through one-way video cameras and check their IDs. When near the scanner, the microchip, a radio frequency identification transmitter, signals a remote database to draw up biographical records and a photo of the document-holder. Officers then can confirm that the person in the database is the person on the camera.

AUG. 6, 2012
UPDATE: It looks like they're installing something along these lines in Nogales, Arizona.

Avatar Officer Installed at Arizona-Mexico Border Station (Yahoo)
[Customs and Border Protection] CBP is actually installing an updated version of the University of Arizona's kiosk—the original was tested at the station from December to March—to determine its ability to help enroll applicants in its Trusted Traveler programs at the Mexican border. The programs, also available for airline passengers, were created after 9/11 at various ports of entry into the U.S. to expedite preapproved, low-risk travelers through dedicated lanes and kiosks. All Trusted Traveler applicants must voluntarily undergo a background check against criminal, law-enforcement, customs, immigration, agriculture and terrorist databases. The process also includes biometric fingerprint checks and an interview with a CBP officer.

In Nogales, human CBP officers monitor the avatar-administered pilot-test interviews, which provide them with automated feedback uploaded wirelessly to an iPad tablet that these officers can use to conduct follow-up interviews.
AUG. 15, 2012
UPDATE II:
This robot border officer knows when you lie (Channel 3000)
Applicants for the program must undergo an interview and biometric fingerprinting to be eligible for the program -- both of which can be performed by the AVATAR kiosk.

Derrick said the kiosk could process travelers in five minutes.

Travelers simply stand in front of the unit -- which "looks like an ATM on steroids," according to Derrick -- and respond to yes/no questions asked in Spanish or English. "You speak to it like you speak to a person," he said.

Their answers are monitored, with any unusual physiological responses passed on to "a human field agent" who then subjects them to "a more careful interview process," said CBP spokesman Bill Brooks.

Unusual responses were not a sure sign of a lie, said Derrick. "There might be valid reasons for it beyond deception."

The computer uses three sensors to assess physiological responses: a microphone, which monitors vocal quality, pitch and frequency; an infrared camera, which looks at pupil dilation and where the eyes focus; and a high-definition camera recording facial expressions.
Much more at the link.

It looks like this is much more than a tele-presence or biometric document authentication app. If this article is accurate, U.S. Customs and Border Protection is actually piloting an automated deception detector in the field and has settled upon voice as the most important thing to measure.

Tuesday, August 14, 2012

UID news In and Around Mumbai

After a lull, UID is all over the news today reviving the All-India-All-the-Time aspect this blog occasionally takes on.

These two articles are pretty no-nonsense looks at UID in and around Mumbai.

Maharashtra's Aadhaar model of linking govt data to be replicated (Business Standard)
The Maharashtra government on Monday got a boost from Unique Identification Authority chief Nandan Nilekani, who said the state's model of linking UID data with citizen-related data compiled by various departments would be replicated across the country. Multiple departments “have data in silos which do not talk to each other” and linking this data with UID would bring in an integrated view and help governments to provide better service to citizens, believes Nilekani.
Maharashtra extends deadline for UID card by a year (Times of India)
Nearly one-and-a-half years after Prime Minister Manmohan Singh launched the ambitious scheme to provide unique identity (UID) cards at Nandurbar in Maharashtra, the state government has extended its deadline to complete the programme by a year.

The government now aims to cover at least 80% of Maharashtra's population before March 31, 2013, as opposed to the earlier target of 100% enrollment by March 31, 2012.

Enrollment vs Authentication: Nigeria seems to get it

Nigerians to get permanent voters card soon (Business Day)
"As you know, we did biometric data registration; before the end of this year, we will start issuing the permanent voter's card, and these permanent voter's cards that we are going to issue are chip-based, just like many of our own bank cards. So, they carry all the information on a microchip which is embedded in the card of the card," he said.

"What we believe we can achieve at the minimum by 2015, is that we can achieve 100 percent authentication at the polling units.
Biometric voter registration without biometric voter authentication at the polling place is, at best, a half step toward an optimal biometric voting system.

Motley Fool on Biometrics

Is Your Body Your Best Defense Against Digital Terrorists? (Motley Fool)
If your digital life is linked together closely enough, the entire house of cards could be flattened in less than an hour. Family photos, email histories, business invoices, creative work, and all your connections -- it could all be gone before you wake up. But the solution may be closer than you think.

Is Apple taking biometrics mainstream? Part 2

Apple's AuthenTec Buy Validates Biometrics, Valid Tech Says (IT Jungle)
Whatever Apple's plans are, the $356 million it's put on the table has already helped to "validate" biometric authentication as a whole, Faust says. "Biometric is absolutely the way to do authentication, because nothing else makes any sense," he says.
Part 1

"This Or That Person": New film dwells on the notion of personhood

ID please? (The Hindu)
The Unique Identity number (UID or aadhar) project was introduced in India in 2009 and through the lens of the UID, the film looks at what identity documents means to people, and how the aadhar project is perceived.

The documentary dwells on the notion of personhood as seen by the India State, or as the director puts it, “It is a conversation with the State about ideas of inclusion, exclusion, surveillance and citizenship, and it does so by interrogating the Unique Identity number project.

“The Unique Identity Number that the State will give each citizen is meant to be the solution for a lot of problems, but in a system that is already suffering from structural problems how effective will the UID be?” questions Subasri.
Biometrics is about people.

If anyone knows anything more about this film or how to see it, please let me know.

The notion that UID is a threat to India's security is absurd

It looks like they outsourced the headline writing to P Chidambaram. Nevertheless...

Fake enrolments in Aadhaar Phase-I spark security fear (Indian Express)

The first half of the article asserts security threats without exactly backing up the assertion.

The second half of the article actually describes some of the improvements upon Phase I sought by the UIDAI for Phase II. This part of the article is more instructive.

As for those who fear for the security of India, which environment is more secure?

STATUS QUO: Up to 500 million people (more than the total population of all but two countries) about whom the government knows nothing, whose status (or lack thereof) increases their likelihood of poverty and susceptibility to communicable disease, whom government's attempts at assistance provide a magnet for corruption and graft, and whose lack of status increases vulnerability to person trafficking or other exploitation (I could go on and on).

OR

GOOD: A 99% accurate national identity management regime ensuring access to public support, banking, telecommunications, and investment markets to all Indians. BAD: Some liars, cheats, scoundrels, illegal immigrants and spies will receive a legitimate ID with fraudulent information. BUT: From there forward they should be unable to maintain more than one identity.

So you've got to pick your poison. While no human system attempting to account for over a billion other humans can ever be perfect. It's difficult (if not impossible) to see how UID can increase insecurity.

Even if there are a million terrorists hiding out among the 500 million undocumented people, and even if they all get Aadhaar numbers with fake details, at least he government has the fingerprints and aliases of a million terrorists and if those same fingerprints show up somewhere else with a different name, some questions for further investigation present themselves. That sounds like a security improvement to me.

The most prominent UID antagonists have consistently relied upon the "UID is bad for security" argument which essentially posits that it's safer to remain ignorant about a third of the population than to make some mistakes in learning about it.

See also:
India: How Much Fraud is Acceptable in NPR, UID
Perfect is the Enemy of Good
Biometrics "Fix" Identity

Monday, August 13, 2012

Kenya BVR: Enrollment kits are the easy part

Kenya's flirtation with electoral biometrics has been in the news a lot lately. That fact has been reflected in the content and analysis hear at the SecurLinx blog (click here).

An often overlooked aspect of large biometric deployments is how small a piece of the overall solution biometric hardware is. The following article does as good a job as any I've seen adding context and detail.

BVR Is Unworkable; Its Use In 2013 Will Just Be A Disaster (The Star)
The debate on the Biometric Voter Registration has taken an unfortunate and impractical twist due to misinformation by politicians and the usual busybodies in Kenya. For the Executive and political class to insist that the Independent Electoral and Boundaries Commission must implement BVR six months to elections is to invite disaster.

The issue around BVR at this point is not just about procurement. The main problem around BVR is implementation. BVR is not just a briefcase with sophisticated equipment. It is an integrated information system that comprises hardware, software, data, processes and people. Procurement will only deal with hardware. The devil is in implementing the software and ensuring the information system unlocks the promised benefits. Unfortunately, our politicians have hyped the benefits and created expectations of unrealistic dimensions.

Fingerprint Sensor Innovation

Worlds First Non-Optical, FBI Certified Four-Finger Scanner (Press Release)
The [Thin Film Transistor] TFT sensor has an active image area of 3.0 x 3.2, a resolution of 500dpi, and is less than 1mm thick. Ultra-Scan has begun miniaturization of the sensor control electronics to a single Application-Specific Integrated Circuit (ASIC) that, when complete, will result in an integrated sensor and control electronics package measuring 3.5 x 3.5 x 0.25, powered by USB, and suitable for a variety of mobile fingerprint collection applications.
In the business, we call a multi-fingerprint reader a "slap" reader — well, some of us do anyway.

For now, the least costly single print readers, and all the slap readers I know of, are optical readers with a glass platen and some sort of internal light source for capturing an image of a fingerprint. This form factor dictates a certain hardware depth dimension, usually two inches or more. As for the single print readers, in many many applications a two inch hardware depth isn't a deal-breaker and price is an object. With the slap readers, even though they're expensive and heavy there are enough applications where only a slap reader will do.

So for a single print reader, if a customer can accept the depth, price comes down.  If a customer has to have a slap reader, they have to accept the depth associated with optical sensors.

As mentioned above, there are a whole lot of applications where optical sensors make the most sense. Mobile, however, isn't one of them. In mobile hardware, two inches of depth is a deal breaker at any price. Mobile devices will definitely be integrating these thin film transistor-type sensors (I've also seen non-optical hardware called semiconductor scanners, and capacitive readers).

Shrinking the depth of a slap reader while increasing the maximum size of a capacitive reader opens up all sorts of possibilities for mobile devices such as the capability of having the back of a mobile phone recognize users' partial palm print as they hold the device naturally.

This seems like a pretty big deal but my guess is this type of fingerprint sensor is going to be hugely expensive for a while. But that's the way these things go. They're expensive before they're cheap.

Biometrics and Football/Soccer violence in Argentina

Argentina: Football, the ‘Evita Cup’ and New Security Measures (Elites TV)
The first announcement is related to the acts of violence which took place in the first half of 2012. Due to these acts, the Argentine Football Association (AFA) [es] and the Office of the Argentine Presidency [es] signed an agreement [es] to prevent violence. The measure involves the installation of SABED (Biometric System for Admission to Sports Events), in which fingerprints will allow the entry to stadiums according to the antecedents of each spectator.
See also:
Facial Recognition Experiment to Identify Hooligans Among Football Supporters Groups in Sao Paulo State

Biometrics bust 9,000 more ghosts in Nigeria

Katsina discovers 9,000 ghost workers (Vanguard)
ABUJA—GOVERNOR Ibrahim Shema of Kastina State has said his government discovered 9,000 ghost workers on the payroll of the state.

Shema, who addressed stakeholders in Abuja, promised that his administration will do everything possible to stamp out the ghost workers syndrome in the state.

He explained that before the implementation of the payment of N18,000 minimum wage, his administration embarked on the biometric capturing of the civil servants in the state.
I'd guess that Nigeria has been the country most aggressively applying biometrics to reduce fraud in government payrolls.

Face Rec for Loyalty Programs

Facedeals lets you check in to venues with your face (Wired - UK)
Users will need to have authorised the Facedeals app through their Facebook account. This verifies your most recent photo tags and maps the biometric data of your face. This data is then used to identify you in the real world. It doesn't appear to use Facebook's own recognition technology, supplied by Face.com.

Securities and Exchange Board of India: UID Valid

Sebi allows Aadhaar as valid address proof for investors (Times of India)
Market regulator Sebi today said investors can use 'Aadhaar' cards as a valid address proof for their accounts with brokerage firms, mutual funds, portfolio managers and other capital market entities.

'Aadhaar', a 12-digit individual identification number issued by UIDAI (Unique Identification Authority of India), is already permitted as a valid identity proof document in the capital market.
Offering investment opportunities to the poor should be good for both the poor and the economy in general.

Friday, August 10, 2012

Towns turn to biometrics for human resources efficiency

Rhode Island Town switches to biometric time clocks (Johnston Sunrise)
“It’s a great system. We’re moving into the 21st century,” Polisena said.

Biometric time clocks will be placed in all town buildings: the police and fire stations, Town Hall, the Parks and Recreation Department, Department of Public Works, Municipal Courthouse and Mohr Library. All union employees will use the system with the exception of police officers and firefighters, as their schedules fluctuate too much. Office staff in both departments will use the system, however.

Polisena added that these time clocks would prevent “buddy punching” and provide a more accurate record of employee attendance. Reports on hours worked and times clocked in and out for each employee will be automatically sent to department heads to help them keep track of employee performance. Department heads can access the town server at any time to manually add in notes about absenteeism or issues regarding specific employees.

The data will likewise be sent to ADP, the payroll company that handles town employees. Pay stubs will report how much vacation time employees have accrued.
"[Y]ou are you, so why not be used to authenticate yourself?"

How noisy are ghosts?

Ghana: Biometric Payroll Underway (GhanaWeb)
“We, however, wish to assure genuine public servants who may not have taken part in the biometric registration exercise, and therefore have not received their salaries for July, that payment will be duly made to them.”

The release said “such public servants are therefore encouraged to quickly go to the nearest Regional Office of the Controller & Accountant General’s Department or to the Ministry of Finance and Economic Planning, Annex (FIC Building), Accra where they will be immediately registered and their payment quickly processed.”
It'll be interesting to compare the volume of complaints to the length of the lines at enrollment stations.

FBI wants Tattoos for Meaning not ID

FBI asks local police for tattoo databases (Bend Bulletin - OR)
The FBI wants your tattoos — more specifically, the meanings behind their inky black lines and colorful shapes — and it’s asking local law enforcement agencies for help.
This has more to do with investigating organized crime associations than ID, but applying what can be learned from local law enforcement organizations will involve technologies closely related to biometrics.

See:
Biometrics, object recognition and search

Thursday, August 9, 2012

Principals want More Biometrics in Schools

It's not hard to understand why. They work; they're cheap; they can save time and money. And when something happens, it's the principal who has to face the music.

Fla. District Considers Student-Fingerprint Scanners (Education Week)
In response to an anonymous survey of Palm Beach County principals, the 171,000-student district is considering implementing fingerprint scans, or biometrics, for student bus riders, lunch purchases, and other uses, according to school officials.

In the survey, commissioned by the district's support operations staff, 60 percent of Palm Beach principals said they would like to see biometrics in schools to help take attendance, borrow materials from the library, or make cafeteria purchases. "Based on the responses to the biometrics survey we will seek Board approval to pursue a pilot use on school buses based on information learned from the previous pilot in school cafeterias and media centers," Joseph Sanches, the school district chief of support operations, wrote in a blog post.
Read the whole thing. There are lots of good links there, too. And remember, half of what a school does is ID management.

 UPDATE: The survey results are available here (Support Operations Scoop) Click and scroll down.
RESULTS OF BIOMETRICS SURVEY
48 responses...

Biometrics offer significant advantages over identification cards.
(Strongly Agree = 15%, Agree = 45%, Disagree = 15%, Strongly Disagree = 2%, Not Sure = 23%)

I support using biometrics for such functions as student attendance, purchasing meals in the cafeteria, borrowing materials from media center, and tracking students on school buses.
(SA = 30%, A = 21%, D = 13%, SD = 2%, NS = 11%)

Even though biometrics do not record students’ fingerprints and it is being used successfully by other school districts, too many parents will object to its use in Palm Beach County for it to be used here.
(SA = 6%, A = 15%, D = 30%, SD = 4%, NS = 45%)

Giving the right amount of time, proper marketing and education most parents would come around to find the use of biometrics acceptable.
(SA = 15%, A = 64%, D = 6%, SD = 2%, NS = 13%)

The District should consider the use of biometrics in the future and not give up on its possible use with students at some point.
(SA = 21%, A = 51%, D = 11%, SD = 2%, NS = 15%)

Written comments are also included

In a Cloud-Connected IT World, are Biometrics the Answer?

For your eyes only: New twist on Digital ID could keep you from getting hacked (ZDNet)
With so many individuals with multiple accounts on so many linked cloud services, it is inevitable that this sort of cybercrime is going to become more commonplace unless new mechanisms are put into place to prevent this form of compromise that Honan experienced.

One way of dealing with this would be to employ biometrics on all computing devices. I wrote about this at length in February 2011, which eventually led to an appearance on CBC Radio alongside prominent independent security researcher Dr. Markus Jakobsson.

Another Tablet with a Fingerprint Reader

Lenovo confirms full Windows 8 ThinkPad tablet (electronista)
The display is a 1366x768 IPS display, with a front-facing 2MP camera, and a rear-facing 8MP camera. Video output is provided by a micro-HDMI port. Wireless connectivity is provided by integrated 802.11n and optional 3G or 4G. A near-field communication (NFC) radio is installed, with biometric security provided by a fingerprint reader.
I think we'll be seeing more of this. Password technology is already a bit of a nuisance even when a fully functioning keyboard is attached to the hardware. Tablets don't have keyboards and the virtual keyboards they use are a big step down from their hardware cousins in terms of usability.

I think manufacturers are coming around to the idea that, for tablets, fingerprint readers are more convenient than passwords. Another fact of the mobile computing device market seems to be that convenience trumps security every time.

Biometric Voter Register in Gabon 2013

Biometric voters' list to be used during Gabon's 2013 local elections (Xinhua)
The vice-chairman of Gemalto company which won the contract to prepare biometric voters' register, on Wednesday reaffirmed before the government and the Constitutional Court that biometric poll lists will be used during Gabon's 2013 local elections, an official source has said.

The official statement indicated that the company's vice- chairman Youzec Kurp had assured the government and the Constitutional Court that all measures had been taken to ensure the biometric voters' list will be ready on time.
The next presidential elections in Gabon are scheduled for 2016.

Strange Things Afoot in Kenya Biometric Voter Registration Procurement

Following a flurry of activity that included overtures from U.S. Secretary of State Hilary Clinton, the idea of renting registration kits from Ghana, and an electoral commission reluctant or unable to pick a bid, Kenya seems to be heading toward biometric voter registration for the elections scheduled for March 2013.

In order to move the project forward, two adjustments to the ordinary electoral process have been made.

The law mandating that the electoral register be completed 90 days prior to an election will be changed to allow the electoral commission an extra 45 days to complete its work. (Nairobi Star via All Africa)
The Cabinet yesterday accepted a request by the IEBC to acquire the biometric voter registration kits through a government to government arrangement. The Elections Act will also be amended to allow for the voter register to close 45 days to the polling date of March 4,2013 instead of the stipulated 90 days. These are among the decisions that were made during a meeting held between President Kibaki and the Independent Electoral and Boundaries Commission to resolve the crisis surrounding the procurement of the BVR kits which would have seen Kenyans revert to the manual voter registration system.

The amendment in the Elections Act will give the IEBC time to complete voter registration and allow scrutiny of the same and still keep within the elections time table it had drawn up. "The Government agreed to initiate amendments with the Elections Act to reduce the period for closure of the register from 90 days to 45 days so as to allow more time for voter registration," a statement issued after the meeting read.
The stated procurement process has been thrown out the window. (Capital FM via All Africa)
MPs want Justice and Constitutional Affairs Minister Eugene Wamalwa to explain the criteria used by the Cabinet to select a Canadian firm to supply Biometric Voter Registration kits ahead of next year's general election.

Ikolomani MP Boni Khalwale said the move amounted to the government taking over the procurement of the BVR kits from the Independent Electoral Boundaries Commission.
...
The commission cancelled the tender for the supply of 9,750 BVR kits on Wednesday following immense public outcry on the manner the tender had been awarded. In announcing the cancellation, the commission said the two lowest bidders did not meet the due diligence requirements while the other two firms who met the due diligence including Symphony Limited, were above budget.

The company, which was second-placed in the tender bid, said it had fallen victim to "unknown intrigues."

The Indian firm 4G Identity Solutions which had bid the lowest said it would respect the decision by the IEBC to cancel the tender. However, the firm appealed to the commission to rethink the cancellation since it would negatively impact them.

The Public Procurement and Disposal Act 2005 allows the IEBC to terminate the process before it awards the contract. In such case, the bidders cannot seek court intervention.

Apart from 4G and Symphony of Kenya, other companies shortlisted for the tender were Face Technologies of South Africa and Ontrack Innovations of Israel.
For a summary chronology:

1. IEBC solicits proposals

2. IEBC narrows list to four providers

3. For whatever reason, IEBC can't choose among them.

4. IEBC cancels the project foreclosing any recourse to the bidders who followed the IEBC's instructions.

5. Hilary Clinton offers Kenya free biometric registration kits.

6. IEBC rejects the offer citing (unstated) political implications that would have arisen from such a donation, and a lack of time to complete the process.

7. IEBC makes a request of the Cabinet to acquire biometric registration kits through a government to government arrangement (Ghana, perhaps).

8. Laws will be changed to ensure that there's enough time.

9. Vendors scratch heads.

10. Still, nobody is sure where the kits will come from.

That's kind of a mess.