Tuesday, July 30, 2013

A discussion of facial recognition and advertising

Consumers Have No Constitutional Protection From Facial Recognition (Internet Evolution)
Over the past decade, marketers have increasingly relied on facial recognition technology (FRT) to create personalized advertisements. FRT depends on complex algorithms to identify a person by measuring the size, angle, and distance between a person's facial features. FRT then uses this information to search a database of similar features and matches the image to a stored reference photo. Within seconds of capturing an image, FRT can detect and identify a single person in a crowded public area.
Unlike earlier discussions of the use of facial recognition technology used to ascertain demographic characteristics rather than a unique identity, this article discusses true facial recognition in advertising.

Other posts containing longer comments on demographics vs. identity with respect to facial recognition:
Burgeoning Facial Recognition: How come no pitchforks?
FTC Freestylin' on Face Recognition

Friday, July 26, 2013

Thumbs up for biometric attendance in govt offices (The Hindu)
Cutting across party lines, members of Puducherry Assembly on Thursday demanded the introduction of biometric attendance system in all government offices to avoid late arrival of employees.
TSA 'PreCheck' expansion expected to enroll 88,000 in six months (Los Angeles Times)
Starting later this year, the TSA will allow all travelers who pay a $85 fee and submit background information, including fingerprints, to qualify for the program for five years.

In a report filed this week, the TSA estimated that 88,111 travelers would apply for the program in the first six months, with an additional 383,131 fliers applying in the following year.

The vetting process will take two to three weeks, the TSA said.

US: Iris and government ID

Who Are You? NIST Biometric Publication Provides Two New Ways to Tell Quickly (NIST)
A PIV card is a government-issued smart card used by federal employees and contractors to access government facilities and computer networks. The PIV card carries a photo, fingerprint information, personal identification number (PIN) and a cryptographic credential–random computer-generated data that are recognized only by the PIV card–all of which serve to bind the card to the card holder.

To assist agencies seeking stronger security and greater operational flexibility, NIST [ed. National Institute of Standards & Technology] made several modifications to the previous version of Biometric Data Specification for Personal Identity Verification. Major additions include:

On-card comparison of fingerprints for improved privacy. The specifications describe how to place one or two compact fingerprint templates and a recognition algorithm on the card. When the user wants to sign a document digitally or open a secure file, for example, she can place her finger on a reader attached to the keyboard to verify her identity. Currently, employees have to type in a PIN for matching, which is subject to error and misuse.

Iris recognition capability for increased security. Standardized compact images of one or both irises (the images are no more than 3 kilobytes each) can be loaded on the PIV card for compact on-card storage and fast reading times. The document provides performance specifications for iris biometrics to assure high accuracy and provides specifications for iris cameras to guide implementers on camera selection. These standards-based elements support interoperability within and across agencies using iris recognition technology.

iris images
Raw iris image (left) and bit-saving, processed image (right).
Source: NIST

Agencies may choose to add iris images as an alternate biometric over fingerprints, because, for some users, fingerprint collection can be difficult. At times, the fingerprints are too dry to yield a good image, and lotions, wounds or illness also can make for poor images. Agencies now have the option of using two biometric sources to avoid such circumstances.

Several recent NIST research projects have led to improved technologies for identity management that are included in the updated specification.
The full publication is available from NIST here.

See also: Iris ID tech is ready, but agencies might not be at Deep Dive Intel.

Scolding university professors on fingerprint time and attnedance

Stories bemoaning the adoption of biometric time-and-attendance systems are a dime a dozen. This piece from Calcutta, India takes the opposite stance in a humorous way.

Look who doesn’t want to get caught bunking (The Telegraph - India)
The attendance system was introduced at the varsity some five months ago and has since burdened teachers with regular classes, a habit hitherto unseen at most colleges in the capital.

“Biometric attendance is insulting. Do professors have to punch their fingers on a machine to prove they work? Does not the varsity believe in our honesty?” said Babban Choubey, the president of Federation of University Teachers’ Associations of Jharkhand.

Wednesday, July 24, 2013

It really is a race

Apple and Samsung struggle with hurdles in fingerprint race (Biometric Update)

...yet (continued)

Google Glass Will Not Be Offering Facial Recognition (States Chronicle)

This is an appropriate time to repost what we had to say the last time Google felt compelled to disavow facial recognition technology in relation to Glass.

June 3, 2013

If it's a camera, it can be used for facial recognition

Google outlaws facial recognition apps on Glass for now (CSO)
Google announced late Friday that it will outlaw facial recognition and other biometric identification apps on Glass, its networked eyewear still in prototype phase that's expected to be commercially released later this year.

“As Google has said for several years, we won’t add facial recognition features to our products without having strong privacy protections in place,” Google’s Project Glass team said in on its Google Plus page.

Google may have publicly said this, however until now its developer policy did not explicitly rule out apps that can do facial recognition.
If it's a camera, it can be used for facial recognition. Facial recognition is really just a specific type of image analysis. It doesn't matter where the image comes from. It could be a 19th Century daguerreotype or a picture taken from space. The software doesn't care. Presumably running the open source Android operating system, as a head-mounted sensor array with a camera, there is little or nothing preventing application developers from passing images collected via the headset through facial recognition applications not developed by Google.

Google's announcement should be taken to mean that Google isn't going to integrate facial recognition into Google Glass. Facial recognition apps won't be on the Google Play store. And, at least for now, they won't be facilitating face rec. in other Google services such as YouTube, search, Gmail, and Google+. [end repost]

In a twitter exchange, John at M2SYS nails exactly why every Google Glass face rec denial sounds so silly: The device screams for facial recognition applications and everybody knows it.

Terrible with names? Suffer from prosopagnosia? Wonder where you've seen that person before? There's an app for that.

July tweet chat: Steria and their recent survey of European opinions on biometrics

July 25, 2013 11:00 am EDT, 8:00 am PDT, 16:00 pm BST, 17:00 pm (CEST), 23:00 pm (SGT), 0:00 (JST)

tweetchat.com/room/biometricchat (or Twitter hashtag #biometricchat)

John at M2SYS

Steria Group (Twitter: @Steria) will be discussing the results of a recent European survey on biometric technology they conducted which revealed that although many support the use of biometrics for criminal identification and for use in passports and identity cards, less than half of those surveyed were amenable to using the technology to replace personal identification numbers (PINs) in banking.

  • Results of recent European biometric public acceptance survey
  • Convenience vs. security
  • USA vs. European view of how biometrics impacts privacy and civil liberties
  • “Passive” biometrics
  • How vendors can advance public education of biometrics
  • Viability of new biometric modalities
UPDATE and bump:
John has posted the questions for tomorrow's discussion:
  1. How do you explain the dichotomy between public acceptance of biometrics for identity cards or passports and the use of biometrics to replace personal identification numbers (PINs)?
  2. While we see “civil liberties” and “privacy” as one of the obstacles to wider use of biometrics in the US, is that the same thing you are seeing in your European survey?
  3. One of the dynamics that appears to be evident is that while people want to guard their biometric data, if they can get to the head of the line (e.g. Clear Me airport security program) they are willing to give up their biometrics.  Can you comment on how convenience and faster transactions might impact the more pervasive use of biometrics?
  4. Some country’s public sector organizations that have collected biometrics for a specific purpose are making them available for use by the private sector to prevent fraud, assure a person’s identity, etc.  Do you believe this is a trend we will see more of?
  5. How will “passive” biometrics like facial recognition, voice recognition and iris at a distance be accepted since it doesn’t require any specific actions by a person for it to be used?
  6. What strategies can biometric vendors deploy to help advance the public’s understanding of biometric identification that may help it to be more acceptable as a replacement for personal identification (PIN) numbers?
  7. What new or forthcoming biometric modalities (e.g. – heartbeat, thermal imaging, gait, DNA, etc.) do you predict has the best chance to become sustainable in the industry? Are there any specific modalities that you feel the public accepts more readily than others?

What is the BiometricChat:
Janet Fouts, at her blog, describes the format:
Twitter chats, sometimes known as a Twitter party or a tweet chat, happen when a group of people all tweet about the same topic using a specific tag (#) called a hashtag that allows it to be followed on Twitter. The chats are at a specific time and often repeat weekly or bi-weekly or are only at announced times.
There's more really good information at the link for those who might be wondering what this whole tweet chat thing is all about.

This one, the #biometricchat, is a discussion about a different topic of interest in the biometrics landscape each month. It's like an interview you can participate in.

More at the M2SYS blog.

Earlier topics have included:
Mobile biometrics
Workforce management
Biometrics in the cloud
Law enforcement
Privacy again
Biometrics for global development
Large-scale deployments
The global biometrics industry
Biometrics markets

Modalities such as iris and voice have also come in for individual attention.

I always enjoy these. Many thanks to John at M2SYS for putting these together.

Proof that no border control system will ever be perfect

Canadian man who swam to Detroit after 8 beers sorry for all the fuss (MSN)

Tuesday, July 23, 2013

Lessons Learnt From UID Data Loss (Biztech2.com)
Flashback: Tuesday, April 23, 2013 - That's not good: 300,000 UID enrollments lost in hard drive crash

TSA set to expand pre-check, biometrics (FCW)

Ohio Woman ordered to spend next 5 Christmases in jail for driver's license scam (Columbus Dispatch)

NFL teams might start checking draft prospects’ tattoos after Aaron Hernandez mess (Yahoo)

Immigration Department audits reveal large-scale fraud of visa system by Indian students and workers (ABC)"That was a porous, very bad system"

Could Thermal Imaging Soon Replace Fingerprint and Iris Scans? (M2SYS blog) — Short answer: No, at least not any time soon. A biometric modality depending on the vasculation of the face is, however, an interesting idea because unlike most novel biometric modalities, face biometrics and vascular biometrics are fairly well understood. The further into the future you look and the higher the value of the identification transaction, the better the technology looks.

Monday, July 22, 2013

The sensor-screen: Two giant leaps

Two things struck me about the news that Christian Holz and Patrick Baudisch of the Hasso Plattner Institute in Potsdam, Germany have developed a type of digital display that can sense fingerprints. World-first: Biometric screen recognises fingerprints (Techworld)

The first is the engineering of the screen itself:
The key that allows Fiberio to display an image and sense fingerprints at the same time is its screen material: a fibre optic plate,” said Holz.

The fibre optic plate is comprised entirely of millions of 3mm-long optical fibres bundled together vertically.

Each fibre emits rays of visible light from an image projector placed below the glass. At the same time, infrared light from a source adjacent to the projector bounces off the fingerprints and back down to an infrared camera below.
That sounds like each pixel is controlled with its own fiber and, theoretically at least, should allow for two-way communication of all sorts of information through the screen. At that point the screen might eventually become the camera, too.

Then there's the approach to authentication the screen technology facilitates.
Security is one of the main issues around deploying public computers and the researchers addressed this by implementing an additional security layer, which authenticates users every time they try and do something to verify if the respective user has the authority to perform the task they are trying to complete.
The other really big idea this screen-sensor allows is authentication on a per-input-event level, or constant ID verification. Because the screen can "see," it could always "know," to some degree, who is using it. With that, the whole log-in/log-out regime could get an overdue overhaul.

Friday, July 19, 2013

Mississippi: Fingerprint verification for subsidized services, finally

Mississippi implements finger scan system for daycare (The Commercial Appeal - Memphis, TN)
Under the system being implemented by the state Department of Human Services, parents must use a finger scanner to sign their children in and out. Proponents say it will save money and cause parents to visit preschools more often, but opponents argue the system is intrusive and creates technical headaches.

About 18,000 children will be affected by the move.
You have to read between the lines, but this is at least partly a ghost-busting mission within government-subsidized child care.

We first commented on this deployment in September of last year in Biometric deployment winners and losers. Follow the links for great examples of arguments made in opposition to tightening up ID management.

More here.

Not only does a fingerprint biometric raise the burden of proof that subsidized services are actually being provided, it makes it harder for unauthorized individuals to remove a child from a child care facility.

Thursday, July 18, 2013

Citizens want strong driver licenses

MorphTrust commissioned Zogby to survey 1,000 U.S. adults.

Survey: Majority in favor of facial recognition (SecureID News)
Overall, when it comes to better driver licenses, 83% support making sure the documents are secure to protect against terror attacks, underage drinking and identity theft. In addition, 83% are in favor of biometric background checks for transportation and warehouse workers who handle hazardous materials.

Wednesday, July 17, 2013

Malaysia: Biometrics may replace inky finger

No more indelible ink? (Astro Awani)
The government is prepared to consider the suggestion for the scrapping of the indelible ink and changing to the biometric system for the general election.

Interesting usability research out of the University of Washington

Read the whole thing; it's good. My little quibbles after the quote are meant to reinforce the general point of the research which is "if people won't use it, it won't work (and vice versa)." The importance of research is the attempt to identify and quantify, and therefore perhaps predict, how much people will endure before they throw their hands up in the air and quit on the technology.

Technology to Replace Passwords Fails User Tests (PsychCentral)
University of Washington engineers are trying to figure out why fingerprint- and eye- and face-recognition authentication technology have not gone mainstream. They found in a recent study that the user’s experience could be key to creating a system that doesn’t rely on passwords.

“How humans interact with biometric devices is critically important for their future success,” said lead researcher Cecilia Aragon, Ph.D., a UW associate professor of human-centered design and engineering.

“This is the beginning of looking at biometric authentication as a socio-technical system, where not only does it require that it be efficient and accurate, but also something that people trust, accept and don’t get frustrated with.”
So true, but hardly new. Security is, and always has been, a socio-technical system. We've all seen a waste basket used to keep a self-locking door propped open. If the security measure is disproportionate to the cost of a security breach, people will reject the system. Thoughtful security planners have always known this and it's why one of our mantras around here is "biometrics is about people."

Passwords are also likely to be around for a long, long time, but if biometrics could displace passwords in certain cases and allow for simpler passwords in other cases, that's a big advance. Where simple passwords (PIN's) are sufficient today, biometrics should be able to displace them altogether. Where increasingly complex passwords are required today, applying biometrics should allow for simpler passwords such as 4-digit PIN's.

That's nothing to sneeze at.

Startup: Facial recognition for payments

Is Facial Recognition For Payments Our Future? (Arctic Startup) — Helsinki based Uniqul grasps the challenges of trying to replace tokens with a biometric for point of sale use, and they have a clever approach. It's a big job, though.

A glossary of biometric terms

A handy reference: glossary of biometric terms available at TechTarget.com

Tuesday, July 16, 2013

Dueling headlines

Soon, your voice will be the only password you'll ever need (Business Insider - July 16, 2013) 

Soon, your body will be the only password you need (DVICE - June 26, 2013)

I couldn't help it..

Expect to see a whole lot more of this...

Chicago police go high-tech with facial recognition software (Chicago Sun-Times)
Story Image
Pierre Martin
Police had a photo captured on a CTA surveillance camera on Jan. 28 of a suspected mugger, looking to the side, after he had just allegedly stolen a cellphone from a man at gunpoint on a Pink Line train.

Police also had an ocean of photos for comparison — 4.5 million criminal booking shots.

They ran the program.

And Pierre Martin ranked No. 1 on a list no one wants to top.
We at SecurLinx deploy help police deploy these capabilities. The article is correct to note that officer training is a hugely important factor in successfully adding this capability to law enforcement efforts.

...and this.

New technology allows retailers to spot a celebrity approaching (The Telegraph - UK)
...[A] purpose-built facial-recognition system has been designed to ensure no hapless shop assistant accidentally snubs their best customer again, the Sunday Times reported.

The VIP-identification technology, created by NEC IT Solutions, is already being tested in about a dozen top stores and exclusive hotels in Britain, America and the Far East.

Industries face different incentives for biometric adoption

Why Do I Get Fingerprinted at 24-Hour Fitness but Not the Bank? (Go Banking Rates)
When discussing the advancements in fraud prevention, executive vice president of the Federal Reserve Bank of Atlanta expressed that the United States is “falling behind the rest of the world in fraud protection, and I’m afraid American consumers are getting the short end of the stick.”
US banks lag behind banks worldwide and American fitness centers when it comes to tightening up ID.

Biometrics and firearm safety

Hardly Anyone Is Buying 'Smart Guns' (Motherboard.com) — Biometric safes, however, seem to sell quite well.

Monday, July 15, 2013

Good news for iris biometrics

Notice: Link goes to a 22 MB pdf...

IREX VI - Temporal Stability of Iris Recognition Accuracy (United States National Institute of Standards and Technology - NIST)
Using two large operational datasets, we find no evidence of a widespread iris ageing effect. Specifically, the population statistics (mean and variance) are constant over periods of up to nine years. This is consistent with the ability to enroll most individuals and see no degradation in overall recognition accuracy. Furthermore, we compute an ageing rate for how quickly recognition degrades with changes in the iris anatomy; this estimate suggests that iris recognition of average individuals will remain viable over decades.
There's a whole lot o tehcnical detail on the full report.

The executive summary continues on to say...
However, given the large population sizes, we identify a small percentage of individuals whose recognition scores do degrade consistent with disease or an ageing effect. These results are confined to adult populations. Additionally, we show that the template ageing reported in the Notre Dame studies is largely due to systematic dilation change over the collection period. Pupil dilation varies under environmental and several biological influences, with variations occuring on timescales ranging from below one second up to several decades. Our data suggests that the natural constriction of pupil size over decades does not necessitate re-enrollment of a well enrolled iris.

Next Generation Biometric Technologies Market: Global Forecast & Analysis 2012-2017

North America leading biometric technology market (Companies and Markets)
The global biometric technology, types, and applications market is expected to reach $13.89 billion by 2017 at an estimated CAGR of 18.7%. North America is a market leader in biometric technology market.
John at m2sys has a worthwhile post on the report.

See also..
Russia biometrics market: Over $390 million industry by 2018

Uganda rolling out updated ID

National identity card issuance starts today (New Vision)
In the program the director citizenship and immigration control Wanzira explained that members of the public, who will come in to receive the IDs, will be verified to ensure that the real owners only receive the IDs.

“This is so, to ensure that the real owners behind the pictures and biometric data are the ones who end up receiving their national IDs,” stated Wanzira.

Face recognition passport check at Oslo airport

New Passenger Record Set in Oslo Gardermon Airport (The Nordic Page)
The system was introduced initially as a trial with two machines that are placed on arrival for passengers coming from countries outside the Schengen area.

The technology is based on face recognition and has a two-stage operation. After passing the first gate, traveler’s face is scanned to compare with the picture on the passport. After the image match is completed, the next door is opened and the border control finishes. The process takes about 15 seconds.
Try it; you'll like it.

Friday, July 12, 2013


“Look, its not a question of if your computer, car, or house will use biometric-based security. It’s a matter of when,” said McAfee CTO, Michael Fey. The tools have come of age and are ready to be deployed on a massive scale within the consumer space, he noted. (Forbes)

Ireland: Better ID increases efficiency of welfare

Welfare keeps economy going, says Joan Burton (The Irish Times)
The ceiling on her department’s spend next year had been set at €610 million lower than this year. Savings as a result of measures already taken would begin to bear fruit next year, and so the “ask” was a cut of €440 million. There were also increasing “asks” being made by changing demographics. There were more pensioners who were also living longer, the Minister said.

The live register was slowly coming down – now at 13.6 per cent – but not in some of the communities worst affected by unemployment. While foreign investment in job creation was healthy, the types of jobs being created were not helping the communities worst-affected by unemployment, she said.

Ms Burton said fraud prevention measures, such as identity checks and biometric identity cards, were saving €700 million a year.
It's not easy to draw a definite conclusion from the facts prevented about how much the better ID techniques are contributing to lower budget requests from the Minister for Social Protection. Foreign investment, job creation and the changing demographics of the retired portion of the population also influence the demands upon the Ministry, but better ID management certainly helps.

Face veins

ID got you, under the skin (Phys.org)
Ayan Seal and colleagues have developed a computer algorithm that can analyze the minutiae of the blood vessels revealed by an infra-red scan of a person's face. The thermogram readily reveals the pattern of blood vessels almost down to the smallest capillary with an accuracy of more than 97%. Such a degree of precision would suffice even for high-security applications provided the thermogram scan was tied to second or third forms of identity, such as photo ID, security card, PIN number etc.
A biometric modality depending of the vasculation of the face is an interesting idea because unlike most novel biometric modalities, face biometrics and vascular biometrics are fairly well understood.

Thursday, July 11, 2013

European attitudes on biometrics

Steria surveyed 3,650 citizens from UK, France, Germany, Denmark, Norway and Sweden in June 2013 on their attitudes toward biometric ID management applications (Press Release via Businesswire India)

81% of European citizens are in favour of using biometrics to identify criminals.

69% support the use of biometrics in identity cards or passports.

69% support the use of biometrics to enter secure areas (access control).

45% are in favour of the use of biometrics to replace PIN numbers for bank cards.

More at the link

Voice Recognition Capabilities At The FBI

Hirotaka Nakasone, Senior Scientist, FBI Voice Recognition Program, examines the use and effectiveness of current speaker authentication technologies at the FBI. In this IDGA exclusive, Nakasone also highlights the various challenges that are unique to voice recognition, and discusses what plans are in place for capturing voice recordings in line with the FBI’s Next Generation Identification (NGI project).

Definitely worth checking out.

True: "Kids lose their school IDs but they don't often lose their eyeballs"

Iris scans are the new school IDs (Hartford Business Journal)
That's one of the reasons why a growing number of schools are replacing traditional identification cards with iris scanners. By the fall, several schools — ranging from elementary schools to colleges — will be rolling out various iris scanning security methods.

Tuesday, July 9, 2013

Biometrics headline of the year

2013 is just over half complete but I just don't see how this one can be topped:

Thanks are due the New Zealand Customs Service both for contributions to security, and for advancements in the art of the press release.

Liveness Detection – Iris Competition

Clarkson University researchers test latest iris recognition technology (North Country Now)
Clarkson’s Center of Identification Technology Research (CITeR), a National Science Foundation Industry/University Cooperative Research Center, is co-hosting the Liveness Detection – Iris Competition this summer.

Clarkson, along with the University of Notre Dame and Warsaw University of Technology, have invited developers of iris recognition technology worldwide to submit their devices for the competition. The researchers will test the effectiveness of each device over the next couple of months and present their findings at a conference on biometrics this fall.

Israel makes another run at biometric ID

Israel is having a go at a biometrically enabled ID document system. Participation is voluntary, for now. It's also worth noting that this isn't the first time biometrics have come up in a discussion of Israeli ID, but at least this time the biometrics part belongs there.

Sa'ar: No reason to panic over biometric database (Ynetnews)
After countless discussions, delays, objections, Israel launches database enabling smart identity cards. Interior minister says system meets 'highest standards of data protection preventing identity theft.' Labor's Yachimovich: Experiment on humans
Wow, that is some strong talk from Shelly Yachimovich. See also...

Yachimovich Opposes Biometric Database (Arutz Sheva)

Long-delayed biometric database pilot program gets underway (The Times of Israel)
Residents of the central Israeli town of Rishon Lezion were invited to trade in their current Israeli identity cards for a new “smart card” that will digitally encode not only their personal information, but also their fingerprints, photo, and facial profile (the contours and other details of the face). The government will study the results of the voluntary pilot program, searching out glitches and problems in the system before it becomes mandatory — according to plans, in two years.

Pilot begins for Israel's National Biometric Database program (+972)
The government claimed that the database is needed in order to prevent the forging of Israeli ID cards and passports. However, critics point to the fact that the government could issue “Smart IDs,” which themselves store biometric data, without keeping the personal records in one national database.

Europeans, especially the French, are open minded about biometrics

Majority of Europeans support biometrics for ID cards or passports (Biometrics Update)
Specifically, 81 percent of French citizens favour the application of biometrics for ID documents, compared to 74 percent of Danish respondents and 68 percent of the survey’s British respondents. Across Europe, 69 percent were also in favour of using biometrics as a form of access control for secure areas. In this case, the French respondents proved again to be the most supportive, with 77 percent, followed by the Danes at 75 percent and the Brits at 69 percent.
More survey results including private sector biometrics at the link. The French people surveyed seem to be way more positive on biometrics than their government.

See also: French shoppers give new payment method the thumbs up.

ID management M&A

Equifax Buys Identity Protection Startup TrustedID for About $30 Million (All Things Digital) 
As part of the transaction, TrustedID will become part of Equifax Personal Solutions, the company’s direct-to-consumer business unit that offers credit monitoring and identity protection solutions. That said, TrustedID’s 30 employees will remain at its Palo Alto, Calif., HQ.

EMC Nabs Aveksa, a Player in Identity Management (All Things Digital)
EMC said today that it had acquired Aveksa, a privately held company that specializes in identity management. It’s based in Waltham, Mass., and has significant operations in India. First reports of the deal came from the Times of India, which said EMC paid $225 million. Aveksa will become part of RSA, the security division of EMC.

Monday, July 8, 2013

United Arab Emirates

UAE ID programme model for the world, security experts say (The National)
Security, counter-terrorism and military experts speaking at a conference at the Emirates Centre for Strategic Studies and Research said the Government's approach in collecting biometric data and securing its interests was an example that should be followed by other nations.

Friday, July 5, 2013

Nigeria: The ghost worker numbers in this piece are shocking

Boyo: Ghost workers and indulgent exorcists (The Guardian - Nigeria)

♦ A 2010 staff audit of the Nigeria Police Force revealed over 100,000 ghost police officers out of 330,000 officially registered policemen.

♦ In 2011, the Rivers State Universal Basic Education Board reported losses of N2.4 billion (approx $26 million) annually to 1,477 ghost workers

♦ In the same month, after conducting a biometric audit, The National Identity Management Commission uncovered 4,000 ghost workers out of about 10,300 employees on its payroll.

♦ The Ekiti State government loses over N3 billion annually to ghost workers out of a projected annual budget of N80 billion.

There are many more examples at the link.

Wednesday, July 3, 2013

India: UID contains iris data, too.

All applications I've heard of are designed to access the UID (unique identification) biometric database have relied on fingerprints, until now.

If I'm reading this right, the state of Maharashtra (containing Mumbai & Pune) has some interest in exercising the iris end of the UID database and is preparing a pilot program to do it.

Aadhaar may soon try 'authentic' iris (DNA India)

The linked headline may have things backwards, though.

Aadhaar is UID — a database of identity information including biometrics. Anyone can develop apps that tie in to the UID database, and I'm pretty sure that the organization that maintains the UID database, the UIDAI (Unique Identification Authority of India), has scrupulously avoided competing in the app market by inventing its own apps or developing apps for outside customers whether they are public entities like state governments as in the example linked above, or private entities like banks.

That is wise. In maintaining the world's most ambitious ID repository, the UIDAI has plenty on its plate already and telegraphing to would-be app developers that they are going to be in competition with the guy that "owns" all the information would certainly hinder the app market.

So, Aadhaar is not going to "try" iris biometrics. It has already carved out a section of the database dedicated to iris biometrics. The news is that the iris part of the UID database is attracting the attention of end users and the second biggest state in India is taking the first steps toward integrating UID's iris functionality into its operations.

New Zealand extending online government services with ID innovation

Govt-backed online identity system – ‘RealMe’ ready to go (Scoop)
From this week, New Zealanders can begin signing up for RealMe - the only online identity verification service backed by the New Zealand government.

Instead of waiting in line with paper identity documents each time they want a service requiring ID from a government or private sector organisation, people will soon be able to prove their identity online with RealMe and apply for services from home.
New Zealand seems to be quietly building a very advanced ID infrastructure that links government identity documents, government services and the postal service together through biometrics, facial recognition in this case.

India to require fingerprints before issuing SIM card

Soon You Will Require Fingerprints To Buy A SIM Card (SiliconIndia)
To put an end to the unauthorized distribution and access of SIM cards by fraudsters, the home ministry has asked Department of Telecommunication to explore various measures to take biometric details including fingerprints by cell phone service providers before activating the connection.

India isn't alone. Pakistan is considering a similar requirement for purchasing a SIM (Subscriber Identity Module) card as a way of more definitively tying mobile phones to their purchasers.

Nigeria implemented a similar system beginning in 2010.

There are several reasons that countries want to do this. Most are related to making it easier (or even possible) to investigate crime. Mobile phones are critically important tools in criminal enterprises such as ransoming kidnapping victims and organized robbery. Terrorists depend upon mobile phones both for communication and to detonate explosive devices: Tele-operators briefed on biometric system (The Nation)
“NADRA being the sole custodian of biometrics of over 96 percent total population of the country, has offered the biometric solution in the wake of Interior Ministry’s grave security concerns over the use of cellular devices in terrorist plots,” the spokesperson said. It should be noted that on December 1, 2012, the Prime Minister, after taking notice of insecure sales mechanism for issuance of SIMs, directed all telecom companies to employ biometric verification for SIMs issuance within two months’ time.

Tuesday, July 2, 2013

Since heartbeat biometrics are in the news again...

Heartbeats Could Replace Passwords (NPR Boston)
Instead of memorizing all those passwords, what if the key to unlocking everything could be linked to something unique about you — like the rhythm of your heart?

That’s what biometric researchers in Toronto have come up with.
For reasons that are both scientific (research based) and economic (market based), the road to commercialization of any new biometric modality is steep.

And as we discussed last year, the electrical properties of a human heartbeat may not have the characteristics that make success likely.

South Africa: Smart IDs to be rolled out in July compatible with 2014 election

Ctizens who have been issued with the new smart identity document (ID) card by the 2014 national election would be able to use it to vote, the Independent Electoral Commission (IEC) has said. (Engineering News)

"Everybody talks about the password, but nobody does anything about it."

Mark Twain said that. Or, maybe it was Charles Dudley Warner.

See: Millions of Internet users have learned the hard way, no password is safe (mybroadband)

Monday, July 1, 2013

Biometrics and user experience

Five potential UX issues with biometrics (Econsultancy)

Biometrics are about people. Tom Stewart's post reinforces the point and highlights five "potential UX [user experience] issues" — negotiations, if you will — that take place between organizations that adopt biometric ID management technologies and end users.

In brief, they are: Privacy; Reasonableness; Proportionality; Fear; and Behaviour.

The validity of the framework he offers is supported by the observation that it can be applied to all sorts of identity management technologies, not just biometrics.