Friday, March 29, 2013

Biometrics for newborns in hospital maternity units?

Maha govt asks hospitals to ensure biometric ID of infants (IBN Live)
In order to prevent thefts of babies from hospitals, the Maharashtra government has asked state-run medical centres to ensure biometric identification of infants within two hours of birth.
As far as I know, it's easier to apply biometric identity management techniques to the adults who have a right remove a baby from a hospital than it is to biometrically account for the identity of each infant. Face recognition doesn't work very well on infants and newborns aren't going to be able to help with the more participatory biometric modalities like iris and finger even if the algorithms are applicable to infant morphology (and I'm not sure that they are).

Footprints have been collected from newborns for a long time, but even though human experts can match properly executed paper and ink footprints, I'm not aware of any matching algorithms for the foot to automate that process.

So that leaves biometrics for the adults that are allowed in the maternity ward including parents/soon-to-be parents and a special category for individuals that are allowed to remove a newborn from hospital property: new parents exclusively.

Granted, that won't prevent baby mix-ups, but it can go a long way to making baby theft much more difficult.

In a more passive approach, SecurLinx has experience providing facial recognition capabilities to monitor a watch list of individuals restrained from approaching a maternity wing.

If anyone out there has any information on biometric algorithms intended for use on newborns, please send it along.

Thursday, March 28, 2013

Twitter: March Biometric Chat - Large Scale Deployments with Accenture's Cyrille Bataller




UPDATE March 28, 2013:
John has posted the chat transcript at Storify.





When:
March 28, 2013 11:00 am EST, 8:00 am PST, 16:00 pm BST, 17:00 pm (CEST), 23:00 pm (SGT), 0:00 (JST)

Where:
tweetchat.com/room/biometricchat (or Twitter hashtag #biometricchat)

What:
Tweet chat on the use of biometric identification for border control, ePassports, visa applications, and voter registration with @CyrilleBataller of @Accenture. Mr. Bataller appears in the video Biometrics and Privacy: A Positive Match available at the Accenture site here. I'd embed it if I could.

Topics:
Topics: The use of biometrics to secure borders, process visa applications & ePassports, and secure voting registries

More at the M2SYS blog.
UPDATE: Questions for the upcoming chat

Earlier topics have included:
Privacy
Mobile biometrics
Workforce management
Biometrics in the cloud
Law enforcement
Privacy again
Biometrics for global development

Modalities such as iris and voice have also come in for individual attention.

I always enjoy these. Many thanks to John at M2SYS for putting these together.

Market Analysis: Iris biometrics

Iris Biometrics - Global Strategic Business Report (Research & Markets)
Prominent among the contactless biometric identification technologies, Iris biometrics identifies an individual by analyzing random colored patterns within human irises, which are unique to each individual and do not easily alter over lifetime. Relatively young in the biometric identification market with commercial availability only since 1995, iris biometrics, thanks to its swift results, low failure to error rates and high accuracy levels, is however fast proving to be a preferred choice of biometric identification in a range of applications.

Growth in the iris biometrics market until now has been largely driven by increased adoption of the technology in travel and immigration segment and physical access control applications.
The summary of the report is very optimistic about the future of iris biometrics.

Market Analysis: 2012 Physical Security in Financial Services in the United States

"Card readers and keypads are more widely used in financial services facilities than biometric readers. However, use of biometrics is expected to grow significantly within the next five years." (WCAX.com)
Roughly one-third of the surveyed companies from the financial sector do not measure return-on-investment (ROI) on their physical security investments. Security of data, assets, clients, and employees is top priority; thus, ROI measurement is sometimes not a neccessity. In cases for which ROI is measured, it is typically done via indirect measures (e.g., general increase of safety), and generally managers do not employ quantitative indices.

Africa news

SOUTH AFRICA:
Court upholds biometric social security procurement tender (ITWeb) 

Social grant tender is valid (IOL)


NIGERIA:
Telecoms firm to Boost Efficiency with Biometric Solutions (All Africa) — access control and time-and-attendance

Kenyan High Commissioner, CODER advocate for Nigerian biometric voting system in 2015 (The Nation)

RWANDA: 
Techno Brain Launches Operations in Rwanda (All Africa) — IT leapfrogging includes a dose of biometrics.


Wednesday, March 27, 2013

UK: Immigration politics and biometrics

The United States isn't the only place where immigration politics — and the role of biometrics — are coming to the fore. They're very timely issues in the UK, as well.

WorkPermit.com covers Prime Minister David Cameron's policy prescriptions like the dew covers Dixie, here: Cameron announces tough reforms to UK immigration.

The Guardian provides some analysis here: Immigrants' residents permits: how would they work?
The repeated refusal of GPs, social housing officers and social security staff to act as immigration officers also means that if more robust residence tests are to be introduced for other EU nationals then an easy and authoritative way is needed of checking how long they have been in the country and what their immigration status is.

Ministers have confirmed that they are looking at plans to take fingerprints and other biometric data to be stored on a card with a photograph and electronic signature from new arrivals from next year.
It is within this context that the beleaguered UK Border Agency is being broken up (BBC). The UKBA is currently responsible for border protection, visa & passport issuance, asylum cases, immigration law enforcement, etc.

Tuesday, March 26, 2013

Law enforcement interoperability

Law enforcement, NIST making fingerprint files easier to search (GCN)
Not all AFIS are alike, however. State and local agencies often maintain their own databases, and although there can be some interoperability in a vertical hierarchy of local, state and federal databases, there is very little interoperability horizontally between neighboring jurisdictions. To search different databases, examiners must mark distinctive features for fingerprints manually for different systems, using different coding, notation methods and data definitions.

Another go at biometric payments

One day, someone will crack this nut.

Fingerprints Instead Of Credit Cards? YC-Backed PayTango Aims To Make Payments Work Through Biometrics (Tech Crunch)
One YC-backed startup is betting that fingerprints and other forms of biometric identification may be the payment method of the future though. Called PayTango, they’re partnering with local universities to offer a quick and easy way for students to use their fingerprints to pay instead of credit cards.

The four-person team is basically almost fresh out of Carnegie Mellon University. The co-founders, Brian Groudan, Kelly Lau-Kee, Umang Patel and Christian Reyes, graduating later this summer and have experience in human-computer interaction and information systems.
Read the whole thing. The comments section is unusually lively, though severed-digit-phobia (or is it simple glibness?) seems endemic there. Really, folks. It's a point of sale terminal. I'm pretty sure severed fingers would attract some attention at a cash register, perhaps even more than a stolen credit card.

If you wade those comments there are some enlightened ones there, too.

Biometric passenger service, CLEAR, reaches milestone

CLEAR Speeds Millionth Traveler Through Airport Security (Press release via PR Web)
Certified by the Department of Homeland Security as Qualified Anti-Terrorism Technology, CLEAR transforms the travel experience by allowing members to use their biometrics (fingerprint or iris) to speed through security at major US airports.

“We estimate that CLEAR members have saved over 30 million minutes that would have been spent waiting in line at airport security,” said Allison Romano, Director of Member Services. “The predictability of CLEAR is crucial for our members. Since 42% of members travel at least once per month, 15% travel once per week, and 50% travel during peak hours, CLEAR has a significant impact on their travel experience. That means more time living and less time waiting.”
Visit CLEAR here.

Monday, March 25, 2013

Walt Disney World expands biometric ticketing

Passholders can now exchange their passes for updated technology (Examiner)
Before you leave another cast member will show you how to use the new pass and will make sure that your biometric data is in the system. The next time you head to a park a cast member will direct you where you should go. You will then hold your ticket to the scanner and place your finger on the pad. When the light turns green, you're in.
It's my impression that Disney does this mostly for the purposes of making sure that discounted longer-term passes aren't shared among different individuals. It's not hard, however, envisioning that this might point the way toward future security applications.

UPDATE:
Biometric Update picks up the story and runs with it, quoting this post. Our thanks go to the piece's author, Adam Vrankulj, and Biometric Update.

Industry report: Video tech and analysis market

Intelligent Video Surveillance, VCA & Video Analytics (ReportsnReports)

Technologies & Global Market:
2011 = $12.1bn
2012 = $13.5bn
2020 = $39bn by 2020

Face recognition is only a tiny slice of the market analyzed but almost tripling the video technology and analysis market over eight years represents a pretty healthy rate of growth.

Malawi opts for 2019 rather than 2014 for biometric elections

Malawi wont use biometric voter registration for 2014 polls-official (Star Africa)
“We have resolved that the implementation of the biometric system be used in the 2019 elections,” he [MEC Chief Elections Officer Willie Kalonga] said.

Kalonga said the commission will conduct a comprehensive field tests and civic education programmes on the solution.
Countries that haven't rushed the process have done a better job implementing biometrics into election ID.

Thursday, March 21, 2013

The con is mightier than the hack

'If you stopped 10 people in the street with an appropriate story you'd get one or two to give their passwords up.' Be afraid, very afraid (The Examiner - Tasmania)

India: UID applications without biometrics highly likely fraudulent

Sometimes it seems as though headline writers don'e even bother to read the articles.

India removes 384K Aadhaar biometric IDs (ZDNet) — Properly speaking, they weren't biometric ID's because they were created under the "biometric exceptions" provision that allowed for enrollments to be created without an acceptable biometric identifier. That provision was exploited by unscrupulous registrars who created fake enrollments for which they were paid.

The "biometric exception" was created out of necessity to account for those with unreadable fingerprints or for those who lacked fingers or hands altogether, however three quarters of the IDs generated under the biometric exception clause have been found to be fraudulent.

It is also interesting to note that if UID lacked a provision for the collection of a biometric identifier, it is unlikely that the large scale fraud would have been detected at all.

Wednesday, March 20, 2013

Saudi Arabia to introduce biometric visas

Saudi Arabia: Biometrics to ease entry of visitors, pilgrims at airports (Arab News)
The Foreign Ministry said yesterday it has signed contracts with specialized international companies to set up biometric centers for providing visa services to prospective visitors to the Kingdom, including pilgrims.

Biometrics in school busses

Kidtrack biometric system keeps track of kids on school buses (gizmag)
A lot of parents worry when their kids first start taking the school bus by themselves. What if they’re snatched from the bus stop? What if they get off at the wrong stop? What if the bus is hijacked? Well, while the Kidtrack system can’t keep any of those things from happening, it can at least keep track of which children are on which buses, and where.

There's a real business opportunity here...

Swiss consulates to privatize visa processing (World Radio Switzerland)

"The majority of applications from people seeking visas to come to Switzerland will soon be processed by private companies..."

Looks like another opportunity for ID Entrepreneurs. See - ID Entrepreneurs: Criminal Background Checks.

Tuesday, March 19, 2013

Better training leads to better face recognition

AUSTRALIA: Crims outed by Vic cops' facial recognition system
Key to the accuracy of the system was the composition of photos according to strict positioning criteria.

Victoria Police senior sergeant Cameron Tullberg said the quality of suspect photographs had degraded over decades.

At a recent police technology conference in Melbourne, Sgt Tullberg showed fellow officers recent photographs of such low quality that identification of suspects was almost impossible. In one photo an entire face was cropped out.

He said the requirements had been "turned all the way up", forcing police officers to properly compose a photo before it would be accepted by the system.
We have often made the point that facial recognition systems are best used by skilled operators. Their operation is far more complex than, say, fingerprint systems. This story from Australia draws attention to the fact that sensitivity to facial recognition "best practices" on the front end (data-gathering phase) leads to better matching down the road.

Biometric time-and-attendance & Return on Investment (ROI)

Top 5 Reasons Businesses Increasingly Switching To Biometrics (Minute Hound Press Release via San Francisco Gate)

The press release extols the virtues of Minute Hound's solution but the bullet points covered in it are relevant to any discussion of biometrics for time-and-attendance and ROI.
  •  Saving the Company Money 
  •  Making Information Private 
  •  Organizing Details Efficiently 
  •  Making Life Easier 
  •  Fits any Budget



Notice, they don't claim perfection, just improvement - the true standard of ROI.

See also: Brazilian ghost doctors have rubber fingers

Monday, March 18, 2013

Face rec false rejects, organizational false accepts and ROI

Britain's passport and ID service seeks facial recog tech suppliers (The Register)
The Home Office plans to spend up to £16m on facial recognition technology for the Identity and Passport Service.

A tender notice in the European Union's Official Journal (OJEU) popped up this week that showed that Theresa May's department was now on the hunt for providers of a Facial Recognition Engine and a Facial Recognition Workflow for the IPS.
The article then proceeds to a brief discussion of the pros and cons of the tender. The pros follow the benefits of a facial database search before issuing new photo ID documents (click for a good example). In this case the ID documents are British passports. The cons presented in the article come in two flavors, price and performance.

The money issues are common to any governmental expenditure.

The performance issue in the article that I want to address is "false reject rate." The false reject rate of a facial recognition system in the case at hand should be taken apart and put into two categories. The first category is the performance of the core face-matching technology, the second category is the performance of the entire Home Office organization.

What constitutes a "false reject" in the core technological sense is any "match" made by the face recognition system between a submitted image and the images in the searchable database that turns out to be an incorrect/inaccurate match. In other words, "matches" that aren't real matches are false rejects.

But in this case, the Home Office is ultimately judged, by how many bad passports it issues (false accept), not by the perfection of one mechanism in a rigorous process by which the organization arrives at its go/no-go decision. After all, if my name is John Smith and I submit my passport application to the Home Office, they will probably search their databases for "John Smith." If they find several, does that constitute an automatic false reject? Does that mean I can't get a passport? Of course not. Someone will look at the list of John Smith's to see if I'm pretending to be someone else with the same name.

Here, facial recognition is used to add an image capability to go along with the search the Home Office already does with new passport applications. It is not an automated decision-making engine. Even though facial recognition systems at very large scales or in chaotic environments are very difficult to automate, they can be extremely useful investigative tools for trained users.

Humans are pretty good at matching faces with small data sets. The processes people use to identify other people with high confidence levels are extremely complex and may take into account all sorts of information that facial recognition software doesn't. People, however, aren't very good at identity management among large numbers of people they don't know.

In biometrics, the software takes in a mere fraction of the information people use. It doesn't make any inference about it, and it does its job extremely quickly by treating the problem in a way that closely resembles Nikola Tesla's famous critique of Thomas Edison: “If Edison had a needle to find in a haystack, he would proceed at once with the diligence of the bee to examine straw after straw until he found the object of his search.”

When dealing with people we don't know, humans are relegated to the needle-in-the-haystack process and unfortunately, they do it so slowly as to make it impractical with large data sets. Even if you believe that computers running facial recognition software aren't very good at recognizing people, they're way better at dealing with the problem of large populations than people are.

The assumption buried in the "false reject" critique for this face-rec application is that narrowing a list of 300,000 down to ten possible matches represents 9 failures. More accurately, because pre-face-rec no image-based comparison is being conducted at all, it represents 299,991 successes

When biometric software is used to sort a large population according to the probability of a match, then to present the list of top candidates to a person trained to detect fraudulent passport applications, the result is a fraud-detecting capability that did not exist before. So, even though facial recognition software by itself may have a "false reject" rate, it does not operate in a vacuum and will almost certainly help the organization as a whole reduce the inappropriate issuance of passports, i.e. its "false accept" rate

So we finally arrive where we should have been attempting to go all along — Return on Investment (ROI). ROI can be hard to calculate in security applications. It can also be hard to calculate for government expenditures, but ROI is where the rubber meets the road. The proposition does not turn on whether facial recognition can dictate to human beings whether or not to issue a passport. It can't, and even if it could, most people would probably be uncomfortable giving up their right to appeal to a person in a decision-making capacity. Facial recognition can certainly help people make better decisions, though, and biometrics and ID are ultimately all about people.
Analysts forecast the Global Biometric Readers market to grow at a CAGR of 17.1 percent over the period 2012-2016 (Report Buyer)

Friday, March 15, 2013

Quick links

Afghanistan prepares for ePassports (Security Document World)


Kenya: a poor implementation of voting technology (E-lected)


Zambia to pilot biometric National Registration Cards (All Africa)


Aadhaar-linked biometric device to replace plan for smart cards at ration shops (The Hindu)


South Africa struggles with social welfare fraud (UPI)



Long-form posts from the blog this week...

Who's in my country? That's a tough one. - With or without biometrics, automated entry/exit systems are complex.


Brazilian ghost doctors have rubber fingers - Does the scam argue for, or against, biometric time-and-attendance systems?


Keeping school lunch biometrics in perspective - If schools are unable to keep data private, biometric template information is the last thing that should concern parents.


Kenya botches biometric election ...which should surprise no one.



Older posts that made relevant by this week's biometrics news...

Schools should consider biometrics to protect personal information


Biometrics and Biostatistics Revisited


The challenges confronting any new biometric modality


Biometrics & ID infrastructure: Perfect is the enemy of good

Wednesday, March 13, 2013

Keeping school lunch biometrics in perspective

Maryland: Bill from Carroll senator would ban collection of students' biometric data (Baltimore Sun)
Earlier this school year, Carroll County Public Schools had biometric scanners in place in about 10 school cafeterias, where they were used to help expedite the process of paying for school meals. Officials said the scanners would be more efficient than processing cash transactions or using a PIN keypad system.

But officials fielded complaints from some parents who felt the scanners were an invasion of privacy.
If you think biometrics for school lunch payment are bad, you're not going to like this:

Joy Pullmann: Data mining kids crosses line (Orange County Register)
The U.S. Department of Education is investigating how public schools can collect information on "non-cognitive" student attributes, after granting itself the power to share student data across agencies without parents' knowledge.

The feds want to use schools to catalogue "attributes, dispositions, social skills, attitudes and intrapersonal resources – independent of intellectual ability," according to a February DOE report, all under the guise of education.
Read the whole thing.

Like we've said before, "If schools are unable to keep data secure, biometric template information is the last thing that should concern parents." "Secure" doesn't really apply in the situation described above but the observation that schools already possess very detailed information about students stands.

For the curious: This is an actual biometric template created using one finger, an off-the-shelf fingerprint reader and their freely-circulated software development kit (SDK). It consists of 800 hexadecimal characters.
2aba08229b3b2a44e72c8f14da168a560a3caf2257add068a7fc1636215bff53152546da3fc8071ea84433a42261f4ff7bc3b455199be8980eea2bb1e922f18aa309e050130d72ca124ecd6e9e86459e60858ff44f71d0c1c4e23b97a9a6554619543e8d347f79ea8fa70db87eaea7f37bf2cac4e697d5525479cc72fb653b5d32089e7b3cbcd01f8dba60eda95a50a31b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c1b2dc9ebaf0d5f602a64ff47f06cf97c
Something similar could be used instead of a PIN number for lunch purchases in Maryland schools unless the state bans the technology.

Now which is more risky to student privacy, those 800 characters which I've freely put online and made public, or other types of records schools routinely and uncontroversially* keep?





*Ms. Pullmann seems to find the potential sharing of information without parental knowledge and the chipping away of existing privacy protections that prevented sharing of non-academic information (including biometric information) more problematic than the fact that schools know a lot of non-cognitive details about students.

On another note the mention of "a biometric wrap on kids' wrists" caught my eye. Within the large and growing list of biometric modalities, I've never heard of wrist biometrics. I suspect that this is another example of confusion that arises when "biometrics" and "biostatistics" are needlessly lumped together, a subject we have covered in some detail.

US Senate: Biometric worker ID sticker shock

Lindsey Graham: Federal ID for Workers Too Expensive (WLTX - Columbia, SC)
Senators working on a bipartisan immigration bill are likely abandoning the idea of requiring a new high-tech federal ID for workers because it's too expensive.

Republican Sen. Lindsey Graham of South Carolina says cost estimates for the biometric ID card he favors came in higher than expected. The card was intended as a way to ensure employers don't hire illegal workers.

Tuesday, March 12, 2013

Brazilian ghost doctors have rubber fingers

Note: all links in this post go to Portuguese language sources. Translations are a collaboration between Google and me.

My brother in São Paulo tipped me off to a rubber finger scandal in the Greater S.P. health service.

Doctor busted in SP for falsifying colleagues fingerprints with silicone (Floha de S. Paulo - Portuguese)
A doctor was arrested red-handed on Sunday, March 10 for using silicone fingers to fake the fingerprints use to mark the attendance of colleagues. She and the other doctors are employees of Samu Service (Emergency Medical Care) for Ferraz de Vasconcelos, in Greater São Paulo.

According to police, Thauane Nunes Ferreira, 28, registered the attendance of 11 doctors and 20 nurses. She told police she practiced the irregularity because she was coerced by her boss. 
Greater SPDoctors suspected of faking attendance are removed (Floha de S. Paulo - Portuguese)
Six Samu Service (Emergency Medical Care) doctors  in Ferraz de Vasconcelos, Greater São Paulo, paid R$ 4,800 [ed. $2,450 US] to the coordinator of the service in the city, Jorge Luiz Cury, in order to avoid working four 24-hours shifts per month for which they were paid, City Hall says. Police are investigating the case. The city pulled the servers allegedly involved in the fraud.

The day before yesterday [ed. see above], when the scheme was discovered, doctor Thauane Nunes Ferreira, 28, was arrested in the act of using mock fingers with silicone fingerprints to mark the attendance of six colleagues.
Where they have been adopted, biometrics have made ghostbusting easier. In this case, with time-and-attendance biometrics deployed someone had to create and use 31 rubber fingers (pictured at both links above). That draws attention. Without biometrics, scaling up the time-and-attendance fraud while decreasing the risk of detection would have been much easier. If this allegedly corrupt boss was willing to go up to at least 31 rubber fingers, how many paper employees would he have tried?


According to Wikipedia, Ferraz de Vasconcelos, where the fraud took place, is second-poorest of Greater São Paulo's 39 municipalities. Congratulations to all involved for stopping this instance of the corrupt stealing resources meant to provide health care to people far less fortunate than the doctors and administrators involved.


UPDATE:
[Via] Drudge and the BBC are now on the story. If you didn't want to wade through the Portuguese pieces linked above, you may be interested in these.


UPDATE II:
Upon closer examination of the the photos of the fake fingers used, another thought comes to mind. It certainly appears as though the fake fingers were created with the participation of their owners, making them evidence for the prosecution that they were complicit in the fraud.  As it is, the fake fingers used in the fraud come from a variety of live finger models. In the two examples pictured below, the one on the left appears to belong to a male and the one on the right appears to belong to a female. If the counterfeiter wasn't working from live models, there would be no reason to add a fingernail to the back of the fake finger.

Image edited from original photo at Folha de S. Paulo

Had the doctors' prints been somehow lifted via subterfuge and placed onto a silicone finger without their knowledge, we might expect all of the fake fingers to look very similar as the finger counterfeiter might have used his own finger as a model and simply placed the doctors' prints on it. Alternatively, as with The Old Gummi Bear Trick, the item bearing the fingerprints needn't look much like a finger at all.

Without biometrics (and with a more careful set of individuals), it might have been very difficult to prove that the doctors involved weren't just victims of identity theft by a corrupt official. With the evidence on hand (!) it should be a simple matter to determine if the fake fingers match those of the ghost doctors.

A larger question is whether this story argues for or against the adoption of biometric systems for time-and-attendance. Nobody should claim that biometrics or any other security or ID management measure is perfect and infallible. Nothing is infallible. In this case, however, it appears that having a biometric rather than a paper-based time-and-attendance system increased the costs and complexity of committing the fraud. It made executing its daily function (clocking in) more difficult to do without being noticed. And (at least in this case) it forced those complicit in the scheme to create pretty significant evidence of their involvement.

As a manager or law enforcement official, which case would you rather prosecute: one with rubber fingers or one with only a paper trail?

Note: This post has undergone a few revisions for the purposes of updating the post, correcting typographical or grammatical errors and to add clarity.

Who's in my country? That's a tough one.

Philippines will deploy biometrics for documenting the arrival and departure of international travellers (FutureGov Asia)
BI Commissioner Ricardo David Jr said the programme will enhance the country’s border security and boost the agency’s capability to thwart the entry of foreign terrorists and other illegal aliens.

The new scheme involves the use of an ink-less device and digital camera in capturing the fingerprints and photographs of the foreign visitors.
Doing something like this is easier for some countries than others. The Philippines has some advantages and challenges. Advantages include the lack of land borders with other countries. Since it's an archipelago, they can be pretty sure that no one is walking or driving there, so except for clandestine boat or plane landings, covering the sea- and airports takes care of it. But there are a surprising (to me) number of those, so the integration challenges are real.

Also relevant to integrating the entry and exit points is the percentage of international travelers who enter a country through one international travel node and depart the country from another.

The more nodes, the more travelers, the more complex the travel patterns of international visitors, all of these things place additional pressures on any sort of entry/exit system and these complexities don't necessarily increase as a linear function.

Of course all of this has bearing on the United States which has every challenge there is. It's not surprising that, biometrics or no biometrics, the US lacks a comprehensive integrated entry/exit system. A couple of good pilot projects might go a long way towards getting an idea of the exact scope of some of the challenges, though.

Monday, March 11, 2013

Kenya botches biometric election

The consensus view seems to be that Kenya really dropped the ball on integrating biometrics into its voter ID process. The few following examples should provide sufficient illustration, especially the item from the Turkish Weekly where a member of the Independent Electoral and Boundaries Commission acknowledges  the failure of the biometric system.

Then the biometric identification kits started to crash. (NPR)
"Then we have to look at why our biometric voter identification system did not work..." (Turkish Weekly)
"The Biometric Voter Registration also failed." (All Africa)

A partially dissenting view is here: Kenya polls: A Ugandan eye-witness’ account.

Who could have seen that coming? Well, anyone who paid attention to the procurement process, that's who.

For review see:
JULY 17, 2012 - Kenya: Procurement for Biometric Voter System Gets Messy
AUGUST 9, 2012 - Strange Things Afoot in Kenya Biometric Voter Registration Procurement
AUGUST 31, 2012 - Kenya Biometric Election Registration Update

It became clear last summer that little would be allowed to stand in the way of spending large sums of money: not laws governing the timing of voter registration and elections; not stated procurement processes; not offers of free equipment; and not the technical and organizational inability to execute on election day.

The bad news is it looks like that ordinary Kenyans, who deserve better, didn't get much for the money borrowed from Canada. Inevitably, some will use the occasion to discredit biometric voter ID in elections in general. That would be unfortunate, too.

The good news is that, at least so far, there has been no replay of the violence that took place following the last Kenyan national elections in 2007. We hope that continues to be true.

Friday, March 8, 2013

Real fake ID's

Facial recognition system leads to thousands of fraud arrests
After kicking off facial recognition technology, the Department of Motor Vehicle says the state was arresting people by the thousands for possible identity fraud. They were even a bit surprised at the number of people trying to cheat the system.

"We've arrested 2,500. We've taken 5,000 to administrative hearings," said Owen McShane from the DMV.
Read the whole thing for an education about how lax issuance of legitimate ID documents enables crime.

See also similar items from Washington and Texas.

Thursday, March 7, 2013

Malawi: Biometric voter registration

Malawi electoral commission adopts electronic voter registration system (Nyasa Times)
“The old method of registering voters did not have the inbuilt mechanism for accurate capturing of fingerprints which will assist in detecting multiple registrations and, therefore, there were instances where some unscrupulous individuals registered more than once.

“Biometric technology will make the detection and hence removal of multiple registration from the system resulting in the production of a more accurate and reliable register for all elections,” says the statement.

This means that the upcoming registration exercise will have an entirely new voters’ register that will replace the existing one and all voters identity cards.

In addition to capturing fingerprints, a voter’s photograph will also be taken on the spot. The photograph will be printed on the new securer voter identity card that will be issued to the voter at the point of registration as well as in the voters register.
Biometric voter registration without biometric voter verification leaves some gaps.

UID: Over a quarter of a billion served

Over 28 cr Aadhaar numbers generated till Feb (Deccan Herald)
"28,78,41,507 Aadhaar numbers have been generated as on February 28, 2013," Minister of State for Parliamentary Affairs and Planning Rajeev Shulka said in a written reply in Rajya Sabha today.

Andhra Pradesh generated 5.36 crore Aadhaar numbers -- the highest in the country--, followed by Maharashtra at 4.85 crore, Kerala at 2.29 crore, Madhya Pradesh at 1.85 crore, Rajasthan at 1.49 crore, Punjab at 1.34 crore, Jharkhand at 1.33 crore, Delhi at 1.29 crore and Tamil Nadu at 1.28 crore, he said.

The government has taken various steps such as increasing number of registrars from 90 to over 100 for speedy Aadhaar generation, uploading resident data packets within 20 days of enrolement, and engaging multiple printers to print Aadhaar letters, the Minister said.

But, there are some problems during enrolment, he said.

"Availability of proper infrastructure such as access to villages, public buildings for enrolment electricity, availability of verifiers appointed by the registrars, are some of the problems being faced during Aadhaar enrolment."

Friday, March 1, 2013

Can respect for privacy be a competitive differentiator?

Though biometrics get quite a lot of attention from people interested in privacy, the real action is in the internet browser and online services. Just remember — If you are not paying for it, you're not the customer; you're the product being sold*.

The Microsoft "Scroogled" ad campaign against Google is interesting because it indicates that the high-level marketing types at Microsoft believe the public is open to the message that some web services are taking too much information from users compared to the value the users receive in "free" services. Whether respect for privacy is a competitive differentiator among web services remains to be seen, but the fact that Microsoft has spent real time and money on the assumption that it is should not go unnoticed.

Google Privacy Chief Blasts Microsoft’s “Scroogled” Campaign at RSA Conference (CIO)

The bulk of the article linked above is devoted to privacy standards, privacy policy and corporate management. While that's not nearly as eye-catching as a slug fest between Information Age titans, it is a much more substantial issue and one worth of serious attention.