Tuesday, December 23, 2014

BYOD driving demand for mobile biometric hardware

In 2011, we observed that:

Mobile hardware is a tricky business. There is a tension between the market signals coming from the "make 'em cheaper" vs the "make 'em more secure" crowds.


It looks like that is set to change in a big way...

BYOD Security to Improve With Mobile Device Biometrics
IHS technology supports that claim and reports that mobile companies will drive that growth through the use of fingerprint sensors, a market that could be valued at $1.7 billion by 2020. "Fingerprint sensors have arrived in force and we are forecasting that shipments of fingerprint enabled handsets and tablets will reach 1.4 billion units by 2020," Marwan Boustany, senior analyst at IHS Technology, told the publication.
As with many things in the technology world — domestic air travel, vehicle air bags, mobile phones, etc. — mobile biometric hardware started out with high cost and limited appeal. If International Data Corporation (IDC) is correct in its assessment, mobile biometrics could take a similar path to ubiquity.
Juniper: Biometrics, NFC top tech trends of 2015 (SecureIDNews)
The number one trend is secure data by using encryption, tokenization and biometric authentication. In the wake of a number of high profile security breaches, cloud service providers need to regain trust at both the enterprise and consumer level.

Monday, December 22, 2014

US: Los Angeles County acquiring multimodal biometric ID system

LA County Sheriff’s Department to Start Collecting Face and Eye Scans (The Epoch Times)
Thai argues the new data collection will actually protect people from identity theft and will avoid wrongful arrests.

“Sometimes we arrest people, and they don’t use their real name, so by having a better way to identify that person, it will protect the public [from] those that will get their name used by somebody else,” he said.

The technology will be used by all of the approximately 46 law enforcement agencies in Los Angeles County. It will take about 15-18 months to be installed and fully operational.
LA County may be one of the more complex law enforcement environments in the developed world.

Technology is neutral

WikiLeaks Releases Alleged CIA Documents Detailing Travel Tips For Undercover Agents (IBT)
“The two classified documents … detail border-crossing and visa regulations, the scope and content of electronic systems, border guard protocols and procedures for secondary screenings,” WikiLeaks said, in the statement. “The documents show that the CIA has developed an extreme concern over how biometric databases will put CIA clandestine operations at risk.”

In the leaked documents, the CIA also expressed concerns over the impact the implementation of a biometric security system in the Schengen Area would have on its undercover operatives traveling under false identities, adding that it would “increase the identity threat level for all US travelers.” The Schengen Area comprises of a bloc of 22 European nations that have relaxed passport and border controls at their common borders.
Biometrics can be used to suss out identity fraud among organized criminals. Biometrics also appear to be greatly complicating the activities of intelligence agencies to move assets from country to country.

The technology doesn't care.

Monday, December 15, 2014

Being realistic about passwords

Ping Identity engineer: On second thought, passwords may be okay (FierceEnterpriseCommunications)
In the first part of a new discussion with Paul Madsen, a senior technical architect in Ping's office of the CTO, I first asked whether Ping truly did intend to resurrect the password as a viable mechanism by way of supporting FIDO 1.0.

Paul Madsen, Senior Technical Architect, Ping Identity: It's less a resurrection than just trying to be a little bit realistic about what FIDO does, and what it can do. Half of the FIDO specification set--U2F, specifically--pretty much assumes that there are still passwords in the mix. FIDO, arguably more so than killing off passwords, just mitigates some of their worst problems, particularly the risk of bulk compromise of the password database, as we see more and more.
Two things jump right out of this article. The first is the realistic treatment of the fact that passwords aren't going the way of the dodo any time soon. The second is that passwords that control access to databases of passwords are very different than passwords that control access to an individual account.

The big scores are database hacks.

See also:
FIDO is not the end of passwords (and that's OK) at the Ping Identity blog. It's well worth it.

Friday, December 12, 2014

Face rec ATM debuts in Baltimore

Face-scanning ATM test in Baltimore (PYMNTS)
Securityplus Federal Credit Union is installing the biometric ATM at one of its seven branches. Instead of calling in each member for a photo session, the ATM will snap a picture after members enter their eight-digit PIN. When the member later returns to the ATM for another transition, if the face is deemed a match, the transaction is granted without requiring the PIN again.

Predicting the future of security

IDC Reveals Worldwide Security Predictions for 2015 (TMCnet)

Some excerpts:

2. Biometric Identification - Mobile devices have biometric capabilities and in 2015 we expect that 15% of those devices will be accessed biometrically, and that number will grow to 50% by 2020.

5. Security SaaS - Enterprises will be utilizing security software as a service (SaaS) in a greater share of their securiy spending. By the end of 2015, 15% of all security will be delivered via SaaS or be hosted and by 2018 over 33% will be.

6. User Management - By 2016, multi-factor authentication will be the primary method of access control used by 20% of enterprises for highly privileged or otherwise sensitive accounts.

There's a lot more good information at the link.

Wednesday, December 10, 2014

Vascular biometrics have a lot to offer

Hitachi finger vein scanner could secure large venues (Network World)
The scanner is able to confirm a person’s identity by detecting finger vein patterns, which are unique to each person. It works regardless of the number of fingers used or their orientation above the scanner surface, allowing it to process about 70 users per minute.
Vascular biometrics have a lot to offer. There's no latency (i.e. no prints left behind). They're contactless, and they're getting faster.

Well, he will be soon, he's very ill.


The Dead Collector: Bring out yer dead.
Man With Dead Body: Here's one.
The Dead Collector: That'll be ninepence.
That Claims It Isn't: I'm not dead.
The Dead Collector: What?
Man With Dead Body: Nothing. There's your ninepence.
The Dead Collector: 'Ere, he says he's not dead.
Man With Dead Body: Yes he is.
That Claims It Isn't: I'm not.
The Dead Collector: He isn't.
Man With Dead Body: Well, he will be soon, he's very ill. [Source]

FIDO 1.0 Specifications are Published and Final Preparing for Broad Industry Adoption of Strong Authentication in 2015 (FIDO Alliance)
“Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die,” said Michael Barrett, president of the FIDO Alliance. “FIDO Alliance pioneers can forever lay claim to ushering in the ‘post password’ era, which is already revealing new dimensions in Internet services and digital commerce.”
FIDO is doing great work at developing standards for managing online identity without passwords.
FIDO's press release and this article at PC World explain what FIDO is up to quite well and the people behind FIDO are to be commended for tackling a serious issue, the solution to which could add significantly to the value proposition for businesses and customers interacting over electronic networks.

Just don't fall for all the "death of passwords" hype that is out there in other places.




Passwords are going to be around for a long, long time but FIDO is doing a great job of corralling them back to where they can do the most good with the least annoyance.

See also:
Why Passwords are Great

Fingerprint credit cards headed to the UK

New Biometric MasterCards Take Norway; Britain is Next (findBIOMETRICS)
So next year the card is going to make its debut in Britain, a country that seems to have recently come around to the benefits of biometric technology, having fully embraced biometric airport screening after a disastrous initial go of it a decade ago. The fingerprint scanners in MasterCard’s new credit cards are, of course, for authentication purposes, and will replace the PIN system currently in use in Britain.

Thursday, December 4, 2014

Tech firms developing privacy expertise

Eid Passport Lawyers Up On Biometric, Data Issues (findBIOMETRICS)
To those outside the industry it may seem like an odd thing to announce, but those in the fields of identity management and biometrics are likely well aware of the anxieties percolating as data-collecting technology steadily creeps into many facets of contemporary life...

Biometrics for secure medical records access

NSTIC pilot uses biometrics to bring identity management to seniors (Fierce Government IT)
Members of AARP, a nonprofit group that serves adults 50 years or older, are testing technology to help them better manage their digital identities in a simple, but more secure way using biometrics. It's just one of 15 federally funded pilots that was recently highlighted by the National Institute of Standards and Technology.

Access control upstages video surveillance

The Press Release for this Memoori market research study contains a lot of great information...
The Physical Security Business in 2014

This steady consistent growth since 2011 has been driven by a combination of factors including strong growth in IP Video Networking and IP Access Control products, buoyant markets in Asia and North America and higher levels of penetration in vertical markets such as transport, retail, health and education.

ACCESS CONTROL MOVES TO IP AND DELIVERS CUSTOMER VALUE PROPOSITIONS

Access Control, for so long the poor relative of Video Surveillance, this year it has come out of the shadows and upstaged it by delivering a higher growth rate and we forecast that it will continue to increase its growth rate over the next 5 years.
This will be achieved by moving to IP Technology and integrating Access Control with Identity Management. There can be no doubt about the business case for integrating these services. Identity Management for the purpose of Access Control has given rise to a number of major acquisitions in the last 5 years. September 2010 saw a flurry of activity with the purchase of L-1 Identity Solutions by Safran for $1.1 billion, 3M’s purchase of Cogent Systems for $430m, the merger of AuthenTec and UPEK. In 2014 whilst the number of deals declined, this group accounted for 19.2% of the total number of acquisitions and 5.6% of the total value.
Access control through a standard card reader system is a weakness particularly at a time when risk of corporate theft, malicious damage to staff and property and terrorism has increased. The need for a more secure system incorporating biometric devices to authenticate identity and manage the process is becoming a standard requirement for new systems in high security areas.
Physical Identity and Access Management (PIAM) is also a service that promises to deliver further growth opportunities. It enables common policy, workflow, approval, compliance automation and life cycle management of the identity / badge holder (employee, contractor, visitor, temps) across disparate physical security systems. The key benefit from PIAM solutions is operational cost reductions that can be delivered through this platform providing a bridge between the disparate systems, without stripping out and starting again. PIAM has so far failed to attracted the mainstream PACS business.
There is a steady stream of alliances and partnerships between PIAM Software companies & PACS companies but so far we have not identified any mergers and acquisitions. Information on the business is pretty sparse and most “best estimates” on the market size range around $150 million. This if accurate is quite small considering that virtually all Fortunes Top 500 companies must have installed one.

IMPROVED PERFORMANCE, ROI & REDUCED TCO

Now has to be the time to dig even deeper and for manufacturers to increase their efforts to align the motivation of security buyers to invest in better performing systems through educating and training both themselves and those in the distribution channel in order to drive out all the benefits.
Whilst technology has been the enabler of change, the driver and motivator is now clearly to channel this to deliver products and services that increase productivity and provide a better ROI and reduce the TCO. This is gradually changing the buyers culture from believing that physical security is a pure cost centre to a profit centre.
Security, sadly, is still regarded by most end users as a cost center and as such has been towards the end of the food chain for capital investment. This can be crucial when budget reductions are on the agenda. However a gradual change in attitude by buyers is taking place. Specifically that security can be a cost saver when reducing shrinkage (retail) and that when integrated with other services it can increase productivity in the business enterprise and therefore reduce operational costs. This has been made possible through IP convergence and in some vertical markets such as retail there is a growing belief that IP Video Surveillance should be treated as a profit centre.
This has had a major impact on increasing the value-add on security projects. The market has not been slow to see the opportunities and changing requirements for more converged and integrated solutions. In order for companies to deliver such systems many have decided that it is necessary to acquire, merge or form alliances and partnerships with other suppliers. In order to maximize the opportunities of delivering on ROI it is vital for suppliers to have specialist knowledge and experience in vertical markets. But equally important is to have the networking skills to join all the vertical and horizontal layers of product together with the analytical software and interface with the other building services software and finally join them to the business enterprise. Video Surveillance is already on route to establishing an important role in the Building Internet of Things (BIoT) and the wider IoT.

Wednesday, December 3, 2014

Marketers look to "facial coding" program

The new technology that can read your face, and your mind (Yahoo - Australia)
Using the camera in your personal device, the new facial recognition software interprets your emotions by mapping the minute movements of your eyes when you smile, your mouth when you gasp or the furrow of your brow when you are confused.

“They use the technology to make sure that people have understood their content,” Matt Newcomb from Proctor and Gamble said.
Some (me included) might quibble that this isn't technically a facial recognition system because it isn't used to uniquely identify an individual within a larger set of individuals even though true face-rec and this emotional response detector use some of the same underlying technologies.

Some organizations that opt for this type of technology will do a better job of explaining its use than others.

Ghana: Praise for biometric health insurance scheme

Government has been commended for giving full backing to the Biometric Registration System adopted recently by the National Health Insurance Authority (NHIA) to ensure greater patronage. (Spy Ghana) — the new system has completely abolished the three months waiting period which, hitherto, newly –registered members had to go through before getting their membership Cards.

The Nitty Gritty of fingerprint algorithm testing

re:ID podcast — The Minutiae Interoperability Exchange Test
Gina Jordan and NIST researcher Patrick Grother discuss the ins and outs of how some fingerprint templates are made and how the US National Institute of Standards and Technology (NIST) provides the service that allows algorithm developers to test them (6:26 min.).

Biometrics in US v ISIS Co-In

U.S. expects some familiar faces among Syria rebel recruits (Reuters)
The Pentagon has estimated that it can train 5,400 recruits in the first year and that up to 15,000 will be needed to retake areas of eastern Syria controlled by Islamic State. It hopes more training sites might allow training of more recruits.

They will face a thorough vetting, including psychological exams and gathering of biometric data, the official said. Candidates' names would be run through U.S. databases and shared with regional allies for checks.

Tuesday, December 2, 2014

Ghana streamlines payments to employees

GhIPSS hails National Service e-zwich agreement (Ghana Web)
The National Service Scheme announced a change in the mode of payment of allowances last week, saying from January 2015 payment of allowances to all national service personnel at post shall be effected through the biometric e-zwich platform.

This is to ensure that payments are made directly to national service personnel by cutting down on the existing long chain of effecting payments.

Monday, December 1, 2014

India linking UID to voter rolls

India: EC to check bogus voting, link Aadhaar with electoral rolls (Hindustan Times)
“We keep getting complaints of bogus and duplicate votes. One of the best ways to ensure that a person votes only once in the country is to link electoral rolls with Aadhaar numbers. It will be a very tedious and time-consuming exercise and we can start it only when elections are over,” Delhi’s chief electoral officer Vijay Dev said.

“We will organise special camps for people to first enrol for Aadhaar and then for the electoral rolls, especially in areas where the enrolment for both Aadhaar and voter card is extremely low. We will tie up with the district administration for this,” Dev said.

Former chief minister and Aam Aadmi Party national convenor Arvind Kejriwal had complained to the CEO that fake votes were allegedly being cast in different constituencies. The electoral office also stumbled upon some names in the electoral rolls, pointing towards a bigger racket.

Push notifications to bust truant Saudis

Saudi School Goes Biometric to Curb Student Bunking (New Indian Express)
In a novel step to monitor students' attendance, a school in Saudi Arabia has introduced fingerprinting system, also enabling parents to be updated about their children's arrival and departure time via a cellphone message.

A way out of "Authentication hell"

Biometric authentication could help solve online fraud (bobsguide)
Darren Hodder, Director of Fraud Consulting told delegates at the SMi 2nd Annual Big Data in Retail Financial Services last week that the easiest way to solve online fraud is for banks to know exactly who their customer is, which could be achieved through biometric authentication.

Hodder believes that we are currently in “authentication hell” and that the authentication processes used by biometrics such as facial, iris, finger print or vein recognition could help to reduce the risk of fraud and enhance customer experience by enabling banks to recognise exactly who their customers are.

Friday, November 28, 2014

Everything old is new again: Bringing back the Bertillion system...


...also known as anthropometry or Bertillonage, the Bertillon system was established in 1882 by Alphonse Bertillon.

Bertillionage relied upon recording various measurements of the human body that were assumed to remain constant over an adult's lifetime. The example above from Jersey City, New Jersey shows ten measurements.

If one accepts "body measurement" as a rough translation of "biometrics," it's hard to argue that Bertillon wasn't the very first proponent of biometrics for identity management.

Unfortunately for the Bertillion system, twin brothers with the same name, same measurements and at the same prison precipitated its abandonment for the new science of fingerprints, aka dactyloscopy.

All of which brings us to this news from Australia...

"Body recognition" compares with fingerprint ID (Medical Xpress)
University of Adelaide forensic anatomy researchers are making advances in the use of "body recognition" for criminal and missing persons cases, to help with identification when a face is not clearly shown.

PhD student Teghan Lucas is studying a range of human anatomical features and body measurements that can help to identify a person, such as from closed circuit television (CCTV) security videos, no matter what clothing the person may be wearing.
As we have said before, any biometric modality can be useful, especially when it is the only piece if information available and this one is obviously conceived of being helpful in forensic investigations rather than in wide-scale identity management applications. Nevertheless, it's good to see the work of one of the early giants of criminal investigation being carried forward into the 21st century.


See also:
The Bertillon System: An Early ID Management System
The History of Fingerprints (and the Death of the Bertillon System)

Wednesday, November 26, 2014

Chip-level vs. App-level security

They're not the only ones — Intel, McAfee working to eliminate passwords by using biometrics (PC World)

Where one deploys a particular security feature can be an interesting call. For computers, most biometrics are deployed somewhere in the software at either the OS (operating system) or application layer. That makes a lot of sense in terms updates and trouble-shooting, but there are more secure approaches.

Is Intel/McAfee looking closer to the chip for the sweet spot to apply biometric ID for access to the computer? This would make a lot of sense, too. It's very secure but it does foreclose some user support options. If the security is in the hardware, it really has to be completely reliable.

A useful metaphor might be a Microsoft update versus a product recall.
OPINION: The tipping point for biometric security (ABC - Australia)
Currently most of us depend on passwords to protect our online identities. But passwords may be the largest security liability of the internet. They have numerous weaknesses that put consumers, corporates and the wider online world at significant risk.
...
Ultimately, convenience, ease-of-use, speed and accuracy are appealing attributes for authentication and this will drive the adoption of biometrics.

Secure Communities, RIP

Obama Finally Puts an End to Unpopular Secure Communities Program (AllGov)
As part of broader immigration reforms, the Obama administration announced Thursday that the Secure Communities program, which mandated that local law enforcement submit biometric information on those suspected of being undocumented immigrants to the federal government, is going away. In its place will be the Priority Enforcement Program, which specifies that those held must be likely deportable or have a removal order in effect against them.
See also: Obamnesty ends Department of Homeland Security’s Secure Communities program (USA Today)

The tone of the two headlines provides an interesting contrast. Few who knew about the Secure Communities program were ambivalent about it.

Our discussion of the program (maps, statistics, etc.) peaked in 2012.

Friday, November 21, 2014

For some things, 90 minutes is "rapid"

The FBI Is Very Excited About This Machine That Can Scan Your DNA in 90 Minutes (Mother Jones)
The RapidHIT represents a major technological leap—testing a DNA sample in a forensics lab normally takes at least two days. This has government agencies very excited. The Department of Homeland Security, the Department of Defense, and the Justice Department funded the initial research for "rapid DNA" technology, and after just a year on the market, the $250,000 RapidHIT is already being used in a few states, as well as China, Russia, Australia, and countries in Africa and Europe.
One hugely important thing DNA analysis can do that other biometrics can't is to establish familial relationships. This 2011 piece about the RapidHIT technology mentions that the government found in one audit that 80% of relationship claims among asylum-seekers were fraudulent.

That, by itself, guarantees a certain level of demand for DNA analysis. The other use cases mentioned in the Mother Jones article linked at top are interesting, too.

Thursday, November 20, 2014

New Saudi biometric visa policies meet some resistance

PAKISTAN: Travel agents protest implementation of biometric system for Saudi visa applicants (Express Tribune)
“We have written to Etimad three times to come and discuss with us the system but they are not contacting us,” said Khalil, adding that if the system continues in the same manner, then the number of pilgrims from Pakistan would be reduced by half.
Pakistan already uses biometrics pretty extensively in elections and travel documents, so this seems to be more about implementation than biometric acceptance.

Whose ghosts are these?

KENYA: Government officials to be probed over 12,000 ghost workers (Daily Nation)
The Cabinet has ordered government officials be investigated for allegedly colluding to pay 12,000 staff unaccounted for after the conclusion of the biometric registration exercise.

Wednesday, November 19, 2014

Japanese vascular biometrics tech in the banking news...

Hitachi: Malaysian bank keen to adopt biometric reader technology (Astro AWANI)
A Malaysian bank is keen to adopt Hitachi Asia Ltd's finger vein authentication technology solution.

Its senior vice-president/general manager ICT Solutions Business Regional, Mitsuhisa Kajiyoshi, said the new solution would enable the customers to easily access their online bank accounts and authorise payments within seconds, without the need for personal identification numbers, passwords or authentication codes.


Fujitsu Looks To Secure Card Payments With Biometric Data (Tech Week Europe)
Fujitsu says its new PalmSecure ID Match device will make identity verification and card payments more secure by combining a chip and PIN system with its palm-vein scanning technology for multi-factor authentication.

The unit is similar to current point of sale systems and comprises a multi-card reader, its PalmSecure sensor, a touchscreen and a processor board powered by an ARM chip.
It really does seem that Japanese tech firms dominate in hand-vein biometrics.

Face recognition gaining appeal

Analysis of the Global Face Biometrics Market (Companies and Markets)
The global market for face biometrics across government and commercial applications is at the growth phase of the Gaussian curve. North America (NA) and Europe account for a major share of the world market, with this trend expected to continue over the forecast period. Emerging economies such as Brazil, India, South Africa, the Middle East, Russia, and China are expected to embrace this technology, thereby offering considerable growth opportunities.

Biometric visitor exit monitoring back in the news

SIA forms 'Airport Entry and Exit Working Group' with SIBA (Security Info Watch)
The Security Industry Association (SIA) and Secure Identity & Biometrics Association (SIBA) on Tuesday announced the formation of the Airport Entry and Exit Working Group and release of its Identity and Biometric Entry and Exit Solutions Framework for Airports.
A biometric entry and exit monitoring system has been required under U.S. law for a long time now. Maybe the time is right to give it a real try.

Monday, November 17, 2014

Kenya removes 12,500 from public payroll following biometric enrollment

12,500 workers struck off payroll after vetting snub (Business Daily)
More than 12, 500 civil servants were Monday struck off the payroll after they failed to list afresh during the two-month registration exercise that was aimed at weeding out ghost workers.

Wednesday, November 12, 2014

Forecast: North American market

New Report Suggests North America as Growth Leader in Biometric Technology Market (M2SYS)
The report suggests that, “the global biometric technology, types, and applications market is expected to reach $13.89 billion by 2017 at an estimated CAGR of 18.7%,” and that, “North America is a market leader in the biometric technology market.”

What’s interesting about the prediction that North America is positioned as a market leader in biometric technology is that it is arguably the region with the most opposition and resistance to it.
Is that irony, or has the American public's opposition to biometrics been overstated?
How the threat landscape challenges authentication - old and new (SC Magazine)  — The growing cyber-threat landscape poses some awkward questions for present and future authentication methods.

India using biometrics to streamline government interactions with citizens

Technology Can Surely Help Reduce Hardships (The New Indian Express)
Prime minister Narendra Modi on Monday launched the “Jeevan Pramaan” project, a digital version of the “life certificate” scheme that could eventually benefit 10 million claimants. The biometric-based software means pensioners will now no longer have to visit banks every year to give proof of their being alive to continue receiving benefits. Around 50 lakh people draw pension from the central government, and an equal number from state and UT governments. Several PSUs also provide pensions, and over 25 lakh retirees draw pensions from the armed forces. The software will be made available to pensioners and other stakeholders on a large scale at no extra cost. It can be operated on a personal computer or smartphone, along with an “inexpensive” biometric reading device.
For thousands of years, more security meant less convenience. Biometric technologies have the power to change that.

Forecast: Germany law enforcement biometrics CAGR 17.6% through 2018

Law Enforcement Biometrics Market in Germany 2014-2018 (Companies and Markets)
A major driver of the market is the high demand for security. The Government sector, especially the law enforcement bodies, is in need of more secure and protected security measures. The increase in investments by the government in biometric solutions is a major boost for the Biometrics market in Germany.

Further, one of the major challenges that hinder the growth of the market is the accuracy of biometric systems. The accuracy of the biometric system may not be high enough in certain applications such as negative identification or if the fingerprints are faded, which is a special physical characteristic.

Analysts forecast the Law Enforcement Biometrics market in Germany to grow at a CAGR of 17.6 percent over the period 2013-2018.

Turks ready themselves for new ID regime

Turks embrace biometric data for new ID card system (TMC - Cloud Computing)
Next month's roll-out of a compulsory biometric system will end the present different-colored card system – pink for women and blue for men – which Turks have been using for almost 40 years.

While many countries today do not require their citizens to carry ID cards, for Turkey this is just the latest evolution of a well-established identity system. The first Turkish IDs were issued in 1882 and contained essential details such as height, eye color – or whether men wore mustache or beard.

Next month's change takes place against a backdrop of much more modern concerns. As society becomes more conscious about identity theft and hacking, the new cards have created a debate about the security of storing personal data.

Financial account security and biometric modalities

The 5 Best Ways to Protect Your Financial Data From Crooks (The Street)
“It’s premature to declare fingerprints the winner,” said Gil Mermelstein, a managing director with technology-focused consulting firm West Monroe Partners.
The lowest-hanging fruit would seem to be protecting customer information databases with biometric access control systems. Passwords, however complex aren't enough protection against the huge data losses making the news lately.

This article discusses account-level (rather than database level) security and which type of biometric might work best.

London: Biometrics improve the airport experience

Gatwick CIO Eliminates Lines at the Airport (Wall Street Journal)
For two years, nearly 95% of passengers have passed through security at Gatwick in less than five minutes each, said Mr. Ibbitson, speaking Tuesday at a conference. Using technology such as biometrics and touch screens with efficient interfaces, Gatwick has automated processes such as security checks and immigration, improving their performance. This year alone Gatwick has added 2 million additional passengers. “Predominantly, this is down to better airfield management and part of that is down to implementing software as a service tools,” he said.

Tuesday, November 11, 2014

Mobile fingerprint technology will be commonplace

Biometrics: the future of payments (New Zealand Herald)
"The adoption of biometrics is on an exponential curve and is largely as a result of the financial services and payments industry," said Dunstone.

The core uses of biometric data to date have been largely confined to government agencies such as passports and visa application processing as well as in policing but the technology is now starting to be adopted in consumer level devices.

A survey of mobile biometrics adoption

Mobile users safer with biometric security: Report (Planet Biometrics)
A new mobile security report published by Javelin Strategy & Research and Nok Nok Labs has found that mobile users are putting themselves at risk of fraud with flawed password strategies, and that users often prefer fingerprint authentication.

Large company CTO's should read the DHS biometrics RFI

The Office of Biometric Identity Management (OBIM) of the Department of Homeland Security (DHS) stores and analyzes biometric data, digital fingerprints and photographs, and links that data with biographic information to identify/enroll identities and subsequently match or verify the established identities. OBIM is proactively addressing its next-generation architecture and capabilities for replacing the current biometric system. The vision for this activity represents a major investment to ensure that OBIM can continue to accommodate the expected growth of populations and new applications of multimodal biometric identity screening based on OBIM mission and our customers' identity service needs.
Below are some of the things the government is interested in learning more about [warning: link downloads a .pdf file]. Reading through the items below, scalability, interoperability, accuracy and integration with other systems seem to be real priorities for DHS.

It's also worth noting that while these issues have become pressing for this early adopter of large-scale biometric technologies, all large-scale biometrics deployments will have to meet some or all of these challenges eventually. Strategic planners in some of the larger organizations contemplating biometric solutions would be wise to consider the following as early in their development process as possible and to plan for the future.

A. Identity Deconfliction:
OBIM desires a system that has the ability to determine a person’s unique identity based on a combination of biometric and biographic traits and contextual data. Respondents should also detail the best approach to determine a level of confidence based on the combination of traits used in the identification, and should provide methods for continuous identity management, including enrollment of identities, splitting/merging of identities, and updating identity confidence levels based on new information.

B. Advanced Biometric Matching:
OBIM is requesting information on a system through the application of state- of-the-art techniques that can improve the accuracy and efficiency of its biometric services. Specifically, OBIM is interested in learning about:
1. Approaches and architectures for leveraging multiple biometric modalities in very large-scale systems to improve accuracy and identity assurance and to decrease failure-to-enroll rates. The provided information must address multimodal fusion techniques and include the known benefits and architectural limitations of such approaches.
2. Methods to reduce the computational requirements of biometric matching without decreasing accuracy. Examples of such techniques could include ways to decrease the need for full gallery searches (1:N), decrease the penetration rate of 1:N searches, and leverage multiple modalities to reduce computational intensity.
3. Approaches and architectures for decreasing operations and maintenance (O&M) costs for large-scale systems, including system virtualization, footprint, energy usage, and licensing costs.

C. Advanced Biographic Searching:
OBIM is requesting information on a system through the application of state- of-the-art techniques that can improve the accuracy and efficiency of its biographic pre-verify services. OBIM is interested in various approaches for using biographic information to assist in the deconfliction and disambiguation of identity information. The biographic information would typically contain various elements and combinations of biographic information, including name, birth date and location, gender, and citizenship. In particular, OBIM is interested in performance in terms of accuracy, speed, and other performance profiles and products in production or currently in technical readiness testing and evaluation to facilitate more 1:1 transactions.

D. High-Performance Transaction Processing:
OBIM requests information on the status, trends, and direction of large-scale biometric and biographic transaction processing systems and related technologies, including processing speeds and high-volume, high-reliability, and high- availability systems and architectures. Information should also be provided on demonstrated scalability and managing a high volume of transactions with varying response requirements.

E. Business Intelligence Capabilities:
Respondents should provide information on business intelligence architectures, techniques, and software where these capabilities provide better historical, current, and predictive analysis of available biometric and biographic information, including the analysis of both operational and content data.

F. Storage:
Respondents should provide information on current capabilities, trends and alternatives to store, index, and correlate structured and unstructured data in all formats regardless of type or size. In addition respondents should present their ability for organizing and retrieving large quantities of data and/or images (>109). This should also include hardware specifications. The Government is interested in industry’s experience and offerings for tiered and/or distributed storage and in minimizing processing and storage overhead, while maximizing input/output performance, the retrieval of data, application independence, portability, and data integrity.

G. Information Linking:
OBIM seeks information on the best methods and techniques to link data items to unique identities, and to maintain the linkage on an ongoing basis, including capturing additional links, removing links, and providing linkage information to stakeholders as permitted according to a predefined set of business rules. Linked information could be made available in a variety of ways, including publish/subscribe methods. It is assumed that the actual data would still reside in separate systems/databases within and outside DHS.

H. International Biometrics:
Respondents should provide information on developing an architecture capable of supporting and managing a federated international biometric and identity- verification schema with multiple stakeholders worldwide that ensures responsiveness while tailoring privacy, security, and person-centric data to individual stakeholder needs. An analogous business and technical construct might be the topology for international automated teller machines, banking, clearinghouses, and credit/debit cards.

Monday, November 10, 2014

Ghostbusting in Kenya

KENYA: Civil Servants who did not register during the biometric data registration exercise will be removed from the national payroll. (KBC)
The biometric data registration exercise targeted an estimated 300,000 civil servants.

The move was occasioned by regular complaints of a blotted public service full of ghost workers and the soaring wage bill.

EPIC success

Privacy group wins $20,000 in lawsuit against FBI biometric ID program (Red Alert Politics)
Privacy advocates won a lawsuit demanding information on the FBI’s biometric identification program, “Next Generation Identification” (NGI). A federal judge has now awarded the privacy group $20,000 in legal fees and ruled that the public has an interest in obtaining information on the program, the National Journal reported.
The Electronic Privacy Information Center (EPIC) is the group that won the suit.

NEC applying recognition systems to detect counterfeit goods

NEC system enables smart phones, tablets to spot counterfeit goods (IT World)
The system employs what NEC calls “object fingerprint authentication technology” to identify unique patterns in the grain of materials such as plastic or metal. These patterns that are developed during the production of the goods are invisible to the human eye and can be used as indicators to trace the origin of the product and identify if they originated from a company’s factory or are illegal copies. The technology can also be used to improve maintenance and repair work processes in the industrial space.

India: Biometrics for pensioner proof of life

PM Modi launches digital life certificate 'Jeevan Pramaan' for pensioners (Yahoo)
The proposed digital certification will do away with the requirement of a pensioner having to submit a physical 'life certificate' in November each year, in order to ensure continuity of pension being credited into his account. The Department of Electronics and IT has developed a software application which will enable the recording of the pensioner's Aadhar number and biometric details from his mobile device or computer, by plugging in a biometric reading device.

The earlier requirement entailed that a pensioner either personally presents himself before the Pension Disbursing Agency, or submits a Life Certificate issued by authorities specified by the Central Pension Accounting Office (CPAO).
This application sounds like a real benefit to everyone. The pension can be more assured that it isn't making payments to the deceased and pensioners and/or their care-givers save a trip to the "prove you're alive" office.

Thursday, November 6, 2014

Voice biometrics and "the right to remain silent"

Passcode vs. Touch ID: A Legal Analysis (9TO5MAC)
With the suspect in handcuffs, the agent swipes the student’s finger across the phone to access his call history and messages. Once the FBI swipes the suspect’s finger and bypasses the biometric security, the phone asks for the student’s passcode. The FBI agent asks for his password but the student refuses to speak. How can the FBI agent access the phone? Whereas a fictional Federal Agent like Jack Bauer would simply pull out his gun, jam it in the suspect’s mouth and scream, “WHERE IS THE BOMB?”, in our example, the FBI agent would hit the proverbial brick wall.
This is where a gray area might still exist for hardware protected with voice biometrics.

I'm no criminal or constitutional lawyer, but it seems plausible that while a criminal suspect can be legally compelled to give over their fingerprint, the "right to remain silent" remains.

Commonwealth v. Baust probably isn't the last word on all biometric modalities that could prove useful in criminal investigations.

Wednesday, November 5, 2014

Hollywood Tech

Comment: Biometrics and the chances of owning a hoverboard (Planet Biometrics)
If all goes well, movie directors and script writers may in part be responsible for fulfilling my dream of one day owning a hoverboard. I'd hate it if they were also responsible for me not being able to use biometrics as a great technological step forward.

Layering of eye technology for better performance

Computer scientist sees new possibilities for ocular biometrics (Phys.org)
[Oleg Komogortsev and a team at Texas State University] are developing a three-layered, multi-biometric approach that tracks the movement of the eye globe and its muscles, and monitors how and where a person's brain focuses visual attention, in addition to scanning patterns in the iris. The iris is the colored part of the eye.

SecurLinx makes appearance in list of top biometrics blogs

The Top 5 Biometric Identification Management Industry Blogs (M2SYS)
1. Biometric Update
2. Planet Biometrics
3. Find Biometrics
4. SecureID News
5. M2SYS Blog
6. SecurLinx
For details on what they liked about each of the fine resources in the 1-5 spots, you'll have to click over to the M2SYS blog post.

We'd also like to thank Mohammad Shahnewaz, Sr. Executive – SEO, SEM, PPC Business Development & Interactive Marketing Dept. at M2SYS Technology, for including us in his rankings.

A good sign for biometrics

Skills in demand: Biometric security, account executive (SC Magazine)
Salaries for talented account executives in this space typically range from $120k-140k base and on-target estimates for total compensation tend to fall somewhere in the $200k-300k range depending on the amount of business closed each year.

Monday, November 3, 2014

Virginia court rules fingerprint security not protected by 5th Amendment

Police can demand fingerprints but not passcodes to unlock phones, rules judge (Naked Security)
Cops can force you to unlock your phone with your fingerprint, but not with your passcode, according to a judge in the US state of Virginia.
We touched on this in early 2012 in United States: ID Technology & the Bill of Rights which drew inspiration from a bank fraud case in Colorado.

I still think that voice-based technologies may still exist in the legal gray area this case attempts to clear up.

As for fingerprints, those may be taken from persons at the time of their arrest, so it's hard to argue that they are somehow out of bounds for investigative purposes. One may be forgiven, however for wondering what's the big deal. After all, I've been reading for years that finding a latent fingerprint and using it to hack biometric security systems is child's play. So, either the police would rather go to court than use such a simple workaround, or the rubber finger trick is much harder to pull off than some suggest.

Tuesday, October 28, 2014

Biometrics against criminal aliases

Suspect in deputy deaths arrested in Utah in 2003 (Boston Herald)
Police in West Valley City, Utah, said they took a fingerprint from a man using the name Marcelo Marquez during a misdemeanor hit-and-run arrest in 2003. Court records show that he pleaded guilty, received a year of probation and was fined about $500.

However, Utah authorities never connected him to his real name or his previous criminal record.

In Utah, fingerprint data is entered into a biometric database for all people booked into jail. But for those who are cited and released, police take a print from a single finger that's kept in state criminal records.

Unless there's a request from an investigator, the print is not run against the biometric database to determine whether the person has a prior record outside Utah or is using an alias, said Alice Moffat, director of the Bureau of Criminal Identification.
Biometrics are a great way to root out criminal aliases, but only if procedures are in place to run the biometric search.

NYPD getting mobile fingerprint tech

NYPD Equips Officers With Biometric Smartphones (Government Technology)
New York Police Department officers and vehicles are to be outfitted with new technology as part of a $160 million program that will lead to fewer arrests and more summonses after being fully implemented next year, Mayor Bill de Blasio told reporters on Oct. 23.

All 35,000 NYPD officers will be equipped with smartphones that allow officers to search databases, view wanted posters and scan suspects’ fingerprints.

Friday, October 24, 2014

Interpol meeting to discuss facial recogntion

INTERPOL to begin the process of developing international facial recognition standards (Eurasia Review)
The two-day meeting (14 and 15 October) gathered 24 technical and biometrics experts and examiners from 16 countries who produced a ‘best practice guide’ for the quality, format and transmission of images to be used in facial recognition. It will be circulated to all 190 INTERPOL member countries to serve as a guideline for improving the quality of images necessary for accurate and effective facial recognition.

Thursday, October 23, 2014

India: Critics coming around on UID?

Home Ministry praises the Aadhaar project (Economic Times)
Once a strong critic of the Aadhaar project, the Union home ministry has now effusively praised the project in a letter to all states, saying Aadhaar's biometric identification process eliminates "the threat of any fraud or bogus activity."

LA County: Stop and Scan

The Pasadena Weekly has just published an article purporting to describe LA County's plans to populate the FBI's next generation ID system with data gathered in the field.
On Sept. 15, the FBI announced that the Next Generation Identification System was fully operational. Now that the central infrastructure is in place, the next phase is for local jurisdictions across the country to update their own information-gathering systems to the FBI’s standards.

When the system is up and running in L.A., any law enforcement official working in the county, including the Los Angeles Police Department, would collect biometric information on people who are booked into county jails or by using mobile devices in the field.

This would occur even when people are stopped for lesser offenses or pulled over for minor traffic violations, according to documents obtained by The Center for Investigative Reporting through a public records request.

Officials with the Sheriff’s Department, which operates the countywide system, said the biometric information would be retained indefinitely — regardless of whether the person in question is convicted of the crime for which he or she was arrested.
If this report is corroborated, I suspect we'll be hearing a lot more about this.

Tuesday, October 21, 2014

Spain-Gibraltar border getting biometrified

Spain’s Ministry of Security to implement biometric border control management system (Biometric Update) — "The budget to implement all changes for the smart border between La Linea de la Concepcion and Gibraltar will amount to 7.3 million euros."

Turkey looks to biometrics to enable structural change

Upcoming reforms in Turkey to ban any actions against statehood (Trend)

UPDATE:
Via twitter, @canmutlu writes that the article linked above refers to biometric national ID cards rather than (as the article states, twice) passports.

This rings true from a practical standpoint, and based upon this short article from Planet Biometrics: Turkey’s PM unveils biometric ID card plan.

We very much appreciate his pointing this out.

UPDATE II:
It looks like someone at Trend got the message, as well.

New biometric identity cards to be issued in Turkey (Trend)

Monday, October 20, 2014

Protecting customer data

After Massive Data Breaches, Businesses Move to Make ID More Personal (ABC News)
The cost of a data breach is terrifyingly high. Home Depot estimates that the massive data breach that affected 56 million customers this summer will cost the company several hundred million dollars—and that’s the figure they are using to assuage fears on the Street. The reality is probably much higher. Target’s breach may top out at the $1 billion mark. While the jury hasn’t even been empanelled as to what the JPMorgan breach will cost, it will leave a mark that will no doubt make news down the line.

With so much to lose, the implementation of biometrics-based consumer authentication may be the cheaper option for companies that handle the kinds of information hackers find so irresistible.
We've been saying it for years. All databases containing sensitive customer information should be biometrically protected. It's just good business.

Australia: "Foreign fighters" bill invites debate

Opposition grows to storage of photo and biometric data (Sydney Morning Herald)
The legislation specifically clears the way for all Australians as well as foreigners to be photographed when they leave Australia and when they return if they go through automated passport gates – which are set to become far more commonly used.

The department estimates that between 40 and 60 per cent of the 35 million travellers leaving and entering Australia each year would be photographed, many millions of them Australians.

The department can also share the biometric information for "specified purposes" according to the bill's explanatory memoranda, though it does not explain what these purposes are.
"Critics say the danger of such information being hacked is profound, given many personal electronic devices are now secured by fingerprints and iris scans."

A couple of points that we've made before come to mind here.

First, if the government of Australia is incapable of keeping citizen information secure from hackers, is the biometric information of international travellers really a top-order concern? Surely, the government already secures information that is much more valuable to hackers than that.

Second, passports are interesting in that they aren't just ID's. They're also an interoperability technology, a way two governments facilitate their agreement related to the treatment of civilian citizens traveling abroad. They only work unless there's a government on both sides of the equation and any government on its site of the border can collect just about whatever information it desires as a condition of allowing a non-citizen entry into its territory.

Even if Australians reject the "foreign fighters" bill, they will still be subject to the information requested of them by the countries they visit, and that information can be shared back with Australia on a government-to-government basis.

With globalization and the lowering of cultural boundaries among the international travel set, it can seem like international travel is no big deal. Brussels is, in many ways, a lot like Washington, DC. But international travel is not without security risks to the visited country and international travelers should always be aware that their legal status outside their home country is very different than it is at home.

Abu Dhabi bank to introduce voice recognition technology

UAE: End of the Pin number? ADCB to launch voice recognition service (The National)
The biometric technology used by ADCB works by comparing the caller’s voice to a pre-recorded sample given by the client, ADCB said.

That will allow customers to get on the phone with a bank representative quicker while reducing the chances of fraud.

“In this competitive environment we need to make sure that customer convenience and ease of access are effectively balanced with information and transaction security,” said Ravi Nair, the head of customer experience at ADCB. “The voice biometrics technology will play a vital role in ensuring increased security and convenience at the same time, while making client calls shorter and reducing our overall cost to serve.”

Friday, October 17, 2014

Here we go

MasterCard teams up with Zwipe to launch first payment card with fingerprint sensor (CIO)  — The built-in biometric sensor is used to authorise payments in less than a second instead of the traditional chip and pin method.


Alipay, the Alibaba Group unit that is China’s largest electronic payments service, is now rolling out biometric authentication (Pymnts.com)

Wednesday, October 15, 2014

No need to mischaracterize voice biometrics in call centers

Amidst all the attention banks are receiving over the use of voice biometrics to prevent fraud, It's worth noting a couple of things.

First, according to the widely linked AP article, "The technology, sometimes called voiceprinting, is aimed at bad guys rather than legitimate customers, but legal and privacy experts alike still have reservations about the practice." So, the systems in place seem to work by collecting information on known and suspected fraudsters and placing them on a watchlist (listenlist?). This makes sense. Technically, it's far easier to be on the lookout for a handful of persons of interest than it is to make a positive ID on every single caller.

Second, there are a lot of way over-hyped headlines out there that make it appear as though financial institutions are collecting voice biometric information on unwitting customers on a vast scale.

Take:
Some Banks Collect Voiceprints During Service Calls to Identify You (Salon) 

Technically, this Slate headline isn't even true since according to the source it cites, the voiceprints are being used to identify fraudsters, not to verify the identities of account holders.

Then there's this.

Banks Harvest Callers' Voiceprints to Fight Fraud, which is the unfortunate headline of the very AP article that acknowledges that the systems function as criminal watchlists rather than a "harvest" of biometric information.


Monday, October 13, 2014

New iPad Air Leak Shows Touch ID Sensor (Web Pro News)


Indians give nod to surveillance of govt officials (Today Online) — The new transparency scheme for government employee time-and-attendance seems popular.

Banks Use Callers' Voiceprints to Fight Fraud

Computers with voice recognition are being used--sometimes discreetly--to add extra security during calls with customers. (Inc.)
"We lost everything," she said. "Can you send me a card to where we're staying now?"

The card nearly was sent. But as the woman poured out her story, a computer compared the biometric features of her voice against a database of suspected fraudsters. Not only was the caller not the person she claimed to be, "she" wasn't even a woman. The program identified the caller as a male impostor trying to steal the woman's identity.
The mechanics of how the banks are using voice analysis are pretty interesting. By focusing on known or suspected fraudsters, it reminds me a little bit of the Nevada Gaming Commission's Excluded Person List.

Friday, October 10, 2014

Why biometrics will be the key to mobile payments adoption (Bank Systems & Technology)
Until making a mobile payment becomes faster than using a credit card, mobile payments will be stuck in low gear. And the key to making mobile payments fast is to use biometrics to solve the authentication problem and eliminate the need for consumers to enter a password.

Maybe one day



The White House Cybersecurity Czar Wants to Kill Your Password (Roll Call)
Michael Daniel, the White House cyber czar, says he isn’t just worried about bad passwords as a security liability. He doesn’t even want the password around anymore at all as a big part of computer security.

“Frankly, I would really love to kill the password dead as a primary security method, because it’s terrible,” Daniel said Thursday.
I reckon the password will live a good while longer, yet. Simply put, it does so much work for so little effort. It's return on investment is through the roof. Also, we're at a point where things that aren't people need to identify themselves to computer systems and they don't have biometrics.

Biometrics can be used to eliminate passwords in many applications. For higher security identifications, biometrics can be used to stem the tide of increasingly complex passwords and move back toward the simplicity of the PIN.


See also: More on the Awesomeness of Passwords

Airline biometrics for security & convenience

Forget E-Tickets, Alaska Air Mulling E-Thumb for Boarding (Bloomberg)
Alaska Airlines (ALK) is exploring using passengers’ fingerprints to replace travel documents, driver’s licenses and credit cards now needed to navigate from airport curbs to jetliner seats. If successful, it would be the first U.S. carrier to employ biometrics for boarding passes and inflight purchases and could spur wider adoption across the industry.
Biometrics can add security and convenience at the same time. It looks like people are starting to recognize it.

Hungary: Some fans bristle at stadium palm vein scanners

Soccer-Ferencvaros fans upset by biometric 'intrusion' (Yahoo!)
Szebasztian Huber, editor of the Fradi fan website ulloi129.hu said many fans also fear that technological developments would help clubs pass Hungarian Football Association fines -- which they regard as too strict -- on to them.

Stricter stadium rules also puzzle fans because the number of violent incidents in and around Hungarian stadiums is much lower than 10 or 20 years ago, he added.

"The culture of soccer fans is different everywhere, in some countries (vein scanners) would be tolerated, while elsewhere fans could be upset," Huber said. "Launching the system highlighting its comfort functions could increase tolerance."

Thursday, October 9, 2014

Smartgates and the tightening of UK & Australia borders

AUSTRALIA: 'Foreign fighter' laws leave door open on biometric data collection (Computerworld)
The government's second tranche of national security legislation, the Counter-Terrorism Legislation Amendment (Foreign Fighters) Bill 2014, includes measures that potentially allow a significant increase in the types of biometric data collected at Australian airports.

Provisions in the bill also extend to Australian travellers data collection practices that have previously been confined to non-citizens.


UK: New biometric border controls at Stansted Airport at heart of terrorism fight (Herts and Essex Observer)
"We are using resources and intelligence to ensure the border is as strong as we can make it."

He said the Government was also committed to tackling the problem of those travelling from the UK to the Middle East to join the IS jihadists and a new counter-terrorism Bill was set to include measure to temporarily remove the passports of those suspected of being radicalised and ready to fight abroad.

More on India's public employees time-and-attendance portal

Big Brother Modi is watching bureaucrats (Reuters)
"This is Big Brother stuff but very effective. It's not just the central government. The state governments are trying to emulate this."

The Prime Minister's Office will also take part in the scheme, said Dash, although it was not clear whether Modi would be enrolled.

Project mastermind Sharma, who holds the rank of secretary at the government's Department of Electronics and Information Technology, could not immediately be reached for comment. The Biometric Attendance System showed he had signed in at work at 13:55:16 p.m. on Thursday.

Screen grab: attendance.gov.in



Meet the man who built the awesome online attendance system for India’s government officials (Quartz India)
Now, 59-year old Sharma is building an attendance system for India’s central government employees that is inexpensive, publicly available on the internet—and potentially, a simple tool that could revolutionise governance in the country.
...
The entire system is searchable, down to the names of individual central government employees, and all the data is available for download. And with that single step—making the entire platform publicly accessible—the government has introduced a level of accountability and transparency that India’s sprawling bureaucracy is unaccustomed to.

Wednesday, October 8, 2014

ESPN does "Biometrics"

ESPN does "Biometrics" and the results leave the ten or twenty, or so, of us who believe that a heart monitor isn't a biometric device a little disappointed.

Indeed, it appears we are losing the great Biometrics vs. Biostatistics debate. Back in 2011, we made the case for distinguishing between biometrics and biostatistics as follows.

Biometric = body measure.

Biostatistic = body status, state, or condition.


Biometrics for identity management concern facts about the physical human body that don't change (or don't change much) over time.

Biostatistics, on the other hand, are useful precisely because they change, sometimes radically over short or long time-frames.

ESPN provides the latest evidence that our plea has fallen upon deaf ears in New biometric tests invade the NBA.
But what might come as a surprise is how significant that explosion has been, and how far its blast radius might soon reach. The literary specter haunting sports' burgeoning Information Age is no longer Michael Lewis and Moneyball but George Orwell and 1984.

The boom officially began during work hours. Before last season, all 30 arenas installed sets of six military-grade cameras, built by a firm called SportVU, to record the x- and y-coordinates of every person on the court at a rate of 25 times a second -- a technology originally developed for missile defense in Israel. This past spring, SportVU partnered with Catapult, an Australian company that produces wearable GPS trackers that can gauge fatigue levels during physical activity. Catapult counts a baker's dozen of NBA clients, including the exhaustion-conscious Spurs, and claims Mavericks owner Mark Cuban as both a customer and investor. To front offices, the upside of such devices is rather obvious: Players, like Formula One cars, are luxury machines that perform best if vigilantly monitored, regulated and rested.

But to follow this logic to its conclusion is to understand why the scope of this monitoring is expanding, and faster than the public knows. Teams have always intuited that on-court productivity could be undermined by off-court choices -- how a player exhausts himself after hours, for instance, or what he eats and drinks. Now the race is on to comprehensively surveil and quantify that behavior.
It's possible that some employers have delusions tending rather to Big Brother. The article linked here, however, has nothing to do with biometrics as we discuss them here: as identity management tools.


Also...
The headline writer's passive voice has "biometric tests"ex nihilo "invading" the NBA. Tests and monitoring, biometric or otherwise, can't assert themselves. Technology, biometric or otherwise, is about people.


Tuesday, October 7, 2014

Philippines: Biometric voter registration in shopping malls

Voters’ satellite booths open in malls (Inquirer.net)
The Commission on Elections (Comelec) has opened satellite voters’ registration booths in selected Robinsons malls in Metro Manila to encourage more people to register and have their biometrics taken for the 2016 national elections.

UAE to open biometric visa enrollment center in Sri Lanka

UAE opens its first visa issuing centre outside the country in... (Emirates 247)
The new visa centre serves 500 customers every day and uses passport authentication and biometrics such as fingerprints, eyeprints and faceprints, and medical tests conducted at 15 Sri Lankan centres accredited by U.A.E. Ministry of Health, in order to identity, and prevent entry of individuals with contagious disease.

The procedures will save costs of recruitment, quarantine and deportation and improve customer service as they are aimed at providing excellent consular services fulfilling internationally recognised standards.

India: Biometric time-and-attendance with a web portal

Indian government launches website to track attendance of government employees (Economic Times)
Using UIDAI, Prime Minister Narendra Modi-led NDA government has launched a Biometric Attendance System (BAS) for government employees. Attendance.gov.in has been launched to keep a track on the attendance records of employees.

Under the system, an organisation needs to register on the website. According to the website, "A back-end administrator will check the details of the organisation submitted and make the organisation active by assigning it a unique sub-domain which will be the first name of the website."
This is similar to a system we designed for a customer serving an education ministry in West Africa, only much bigger.

Also, from Business Insider:
In a bid to ensure improved work culture in central government offices, the NDA government has taken a revolutionary step. It has introduced Aadhaar-based biometric attendance systems to monitor and track the work of Central Government employees. The attendance system is now up and running; and you know the best part is that it is accessible even to general public on attendance.gov.in.

Monday, October 6, 2014

No, they won't.

Lip Movements may be Your New Password! (Indian Republic)
A new study has now found that each person moves their lips slightly differently when they talk, and this new information opens up the possibility of computers that can be unlocked with a word through lip-reading.
This one is going on "the list."

IDC Comment: Biometric Identification in Financial Applications

International Data Corporation (IDC) Analyst: Banks should precede with caution (IDC)
"While improving authorization experience is attractive and will help adoption of mobile banking services, financial institutions should not just blindly commit to mass market biometric identification solutions, especially those provided by third parties via publicly-available APIs", says Andrei Charniauski, Research Manager at IDC Financial Insights.

Security screening market forecast

The global security screening market is expected to reach $9.10 Billion by 2020; at an expected compound annual growth rate (CAGR) of 9.46% from 2014 to 2020 (Markets and Markets)

Wednesday, October 1, 2014

Exorcising the biometric bogeyman

Shedding light on Florida’s biometric ban (Secure ID News)
For Florida State Rep. Jake Raburn (R – Valrico) one of the bill’s sponsors, it’s a privacy issue. “No one, including the federal government, should be allowed access to our students’ personally identifiable information,” Raburn said. “This legislation will protect this sensitive information and prevent its misuse.”

The Pinellas County school district, near Tampa, uses palm scanners to move kids through lunch lines. Barbara Dalesandro, a food service technology coordinator for the district, tried to convince lawmakers to reject the legislation.

“When we had cards and PIN numbers, there was constant fraud. Other students always drained the accounts. There was a significant loss of revenue in that regard,” Dalesandro said. “We’ve been using palm scanning for four years with no problems from our parents.” - See more at: http://secureidnews.com/news-item/shedding-light-on-floridas-biometric-ban/#sthash.EBTXaPnZ.dpuf

Tuesday, September 30, 2014

Samsung, fingerprint & mobile payments

Samsung Integrates Fingerprint Technology on Smartwatches (Payment Week)
Samsung Electronics has teamed up with e-commerce company PayPal and human interface solutions provider Synaptics to integrate mobile payment fingerprint-identification technology on its smartwatches.

Iris and Somaliland elections

Computer science professor aids Somaliland’s election (Notre Dame & St. Mary's Observer)
“Someone in Somaliland sent me an e-mail asking me to help with improving their voting register,” Bowyer said. “They said they wanted to use iris-recognition technology and asked us for help.”

Private companies to help populate TSA traveler biometric database

US airports to introduce new online biometric screening technologies (Companies and Markets)
The United States Transportation Security Administration has announced its plans to allow private companies to enrol passengers for expedited screening at airports.

The initiative, known as PreCheck, will allow US citizens to go through an online pre-enrollment process by providing biometric information.
This reminds me of India's UID system where private companies populate government databases. India had some trouble with this arrangement partly due to the way revenues flowed. In India the government payed companies to enroll people (many without ID's) in UID. Some unscrupulous agents there were signing up vegetables and getting paid for it.

Presumably, because the TSA system will involve people who already have a verified identity and the customer will be footing the bill, the opportunity for that type of graft won't be there.

Thursday, September 25, 2014

A case for voice for mobile ID

Many reasons to use biometrics to secure mobile payments (Payments Source)
Much is being researched and written on the subjects of mobile payment security and the use of biometrics as a replacement to traditional user names and passwords. As more mobile devices that contain our identification and personal information hit the market, the securing of these devices to recognize and authenticate their rightful owners will likely determine who succeeds and those who fail.
Author Mike Goldgof is the Vice President of Marketing at AGNITiO.