Tuesday, November 30, 2010

Ontario Lottery and Gaming Corporation To Use Facial Scans to Aid Problem Gamblers

OnlineCasinosPro.com
Across Ontario, racetracks and casinos will soon be implementing new facial recognition technology to help problem gamblers stay out of gambling venues. By the end of 2011, all 27 of Ontario’s casinos will be fitted with this new technology.
More biometrics ROI.

Many jurisdictions where gambling has been legalized have required casinos to maintain a list of problem gamblers. People may opt to place themselves on that list. Casinos are required to refuse service to those on the list.

Unfortunately, there is a high potential for abuse within this system. Needless to say, taking a casino's money is never termed a gambling problem by the winner. A registered problem gambler may enter a casino to play the odds. If she wins, she leaves with her winnings. If she loses, the casino shouldn't have served her.

While imperfect, facial recognition technology can detect people enrolled in the problem gambler registry and prevent some of the losses due to the abuse of the problem gambler rolls.

[Ohio] Middle school to get finger scanners

Modern technology utilized at the high school will soon be installed at the middle school as well (TallmadgeExpress.com)
"So far, parents and students have embraced it," Wood said. "It's gone very, very well."
...
DeCapua said the scanners are helpful to faculty and students because the lunch lines move much quicker without tangible dollars and cents exchanging hands, which also promotes sanitation.
It's about people and ROI.

I've read in other places that cafeteria staff and other school officials can spend up to three hours per day addressing the needs of students who have forgotten their paper lunch coupons.

Friday, November 26, 2010

College lecturers say no to thumb rule

They complain that biometrics system of attendance does not allow flexible timings (BangaloreMirror.com)
When BU officials insisted, a senior lecturer said, “Why is BU insisting on thumb impressions? Don’t you people have any faith in us? We are not slaves and, hence, we are not ready for this.”
This has far more to do with organizational policy than biometrics per se, but it's a slow news day in the biometrics world.

Thursday, November 25, 2010

Ports, Security and Biometrics

U.S. maritime port security being neglected (PressOfAtlanticCity.com)
Aaron Ellis, spokesman for the American Association of Port Authorities, said TWIC cards are “far superior” to what was used in the past and are issued after significant background checks and are “very difficult” to duplicate and forge.

However, TWIC cards are little more than “flash cards” without the electronic readers, he said. Some port authorities are taking the financial risk of developing their own electronic card-reading system to improve security, he said.
With all the attention being paid to airline security, it's easy to overlook seaport infrastructure.

This article broaches two issues that are of particular interest to suppliers and consumers of biometric identity management systems: regulatory risk and interoperability.

Ports are fortunate that they haven't had a one-size-fits-all solution forced upon them, because the political process has a poor track record at devising systems that appropriately balance security and commercial interests (see the TSA's airport security regulations). The TWIC (Transportation Worker Identification Credential) system regulates the ID card to be used at ports and the process for obtaining one but it does not mandate how the individual ports use it. This offers ports the opportunity to adopt the security protocols that best match their individual circumstances.

This, however, puts the onus on ports to adopt the security protocols that best match their individual circumstances which presents challenges of its own.

As with many organizations, Ports can recognize a significant ROI (Return on Investment) by integrating biometric identity management techniques into their business processes, but calculating ROI involves weighing the cost and benefits of a decision over time.

If a port does everything perfectly, implementing a biometric identity management system that accomplishes the task of getting people into the facilities with dramatically reduced time and labor costs, risks remain that will alter the ROI calculation. Regulations might be enacted that impose other costs (regulatory risk), or other ports may adopt a different system that is incompatible with the system they use (interoperability risk).

Regulatory risk and interoperability risk are real, but technologies do exist that can help firms ameliorate these risks. SecurLinx has developed technology (middleware) that address both of these risks. Our middleware enables scalable and modular biometric deployments that facilitate integration with all major biometric service providers.

With SecurLinx technology, a firm that invests in a biometric identity management system and then opts to integrate that system with another system can do so cheaply and effectively. Moreover an organization that finds success with one type of biometric system (ex. fingerprint time-and-attendance) can integrate another type of system (ex. face-recognition) without starting from scratch or being forced to run two parallel and incompatible IT systems.

Biometrics should deliver maximum ROI. We can help.

Wednesday, November 24, 2010

Report finds biometrics ‘fallible’, but SIA disagrees

In the security world, biometrics are accepted as a viable solution for authorization and identification (SecuritySystemsNews.com)
This is not new information, said Mark Visbal, director of research and technology for Security Industry Association. “There’s nothing that’s definite in security. There are always going to be problems and loopholes with any security system you use,” he said. That’s why it’s so critical for security professionals to maintain a layered approach to securing assets.
Related thoughts:
National Research Council: Biometrics 'Inherently Fallible'
Pushback on the National Research Council (NRC) Report

Tuesday, November 23, 2010

Thank You, DHS & TSA

Around here, we frequently ask the question: Compared to what?

Usually, we use this question to address the fact that many people expect biometric identification systems to be perfect when they don't hold anything else in the security realm to that standard.

Judging by the recent news surrounding the TSA's enhanced interrogation techniques, it makes sense to apply the same question to the degree to which biometrics invade privacy.

The Dept. of Homeland Security and the Transportation Safety Admin. have probably done more in the last two weeks to increase public acceptance of biometrics than anything we've seen before. A search of today's Bing News site using the terms "biometric airport" is extremely revealing.

Monday, November 22, 2010

More on Pilot ID's

FAA to require photos on pilot's licenses but not biometric identifiers (NextGov.com)
The Federal Aviation Administration has proposed that all pilot certificates include a photo of the licensee, but one lawmaker wants to know why the passport-size cards will not include biometric identification five years after Congress passed a law requiring such unique identifiers.
Rep. John Mica, (R-Fla) isn't the only one who will be curious as to why the FAA has so far refused to adopt biometric ID management techniques even though the Congress has mandated them and the pilots' unions are lobbying for them.

To be as fair as possible, the photo on an ID is a biometric even if a human rather than a computer is used to process it.

For additional information on the subject, please see this post.

Thursday, November 18, 2010

UPDATE: Pilot's Licenses don't have photos?

UPDATE: TSA, Pilots Weigh Biometric System for Airport Screening (NationalJournal.com)
Pilots who fly passenger and cargo planes want the U.S. government to implement a program under which their identities will be confirmed using biometrics so they can pass quickly through airport security checkpoints and avoid -- for the most part -- controversial screening procedures involving body scanners or pat-downs.
The recent controversy over airport screenings has had at least one positive effect. All of a sudden, pilots are embracing biometrics as an identity management technique that is far less intrusive into privacy and conducive to security than many alternatives.

--Original October 21, 2010 post follows--
Today, the only pilots pictured on FAA licenses are flight pioneers Wilbur and Orville Wright (MSNBC.com)
In an attempt to improve security, Congress told the Federal Aviation Administration in 2004 to come up with a pilot's license that included the pilot's photo and could contain biometric information like fingerprints or iris scans. Today, the only pilots pictured on FAA licenses are flight pioneers Wilbur and Orville Wright, and the licenses lack biometric data.

This is astounding, especially when read together with this, via Drudge: Pilot Refuses Full-Body Scan, Says TSA Doesn’t Make Travel Safer (NewYork.CBSLocal.com)

Then there's this from two days after 9/11: Police investigating theft of American Airlines uniforms, key card (CNN.com)

There's always a risk that changes in security measures will be resisted or skirted by those falling under the new rules. That's why it's always a good idea to consult with the people the new measures will affect when implementing or changing a security plan. These are the people that can make or break your efforts to achieve your security goals.

A common refrain around here is that security, biometrics and ID management are all about people.

The civilian air travel bureaucracy really has people problems everywhere they turn. Their customers/stakeholders don't like them and their employees don't like them, either. Skipping obvious, low tech solutions like photo ID's for pilots while instituting intrusive, annoying, expensive and time consuming solutions falling on everyone seems calculated to communicate the appearance of security over substantially increasing the safety and, hence, value proposition that government agencies offer their stakeholders and airlines offer their customers.

Wednesday, November 17, 2010

Montgomery recreation department moves ahead with finger vein scanners

Biometric technology to be piloted in three centers in January (Gazette.net)
The move is expected to save the county $50,000 annually in the materials cost of the plastic cards and printers, Riley said.
More positive return on investment (ROI) for our communities.

Tuesday, November 16, 2010

NYPD Commences Use Of Iris Scans Of Suspects

Department Spending $24,000 Per Unit; Will Have 21 Around City (Reuters.com via Drudge)
The NYPD says the images will be used to help avoid cases of mistaken identity. The process takes about five seconds. Every suspect will be scanned again using a handheld device shortly before they are arraigned to make sure the irises match.
The iris is establishing itself as the biometric of choice for identifying compliant subjects, especially in jails.

Monday, November 15, 2010

Privacy vs. Anonymity

Falling costs and error rates (TheRegister.co.uk)
The state of the art can be illustrated by some of the examples given by the US National Institute for Standards and Technology (NIST) in their presentation on testing biometrics.

* A “1 in 1.6m” (that is, looking for one photo in a database of 1.6m photos) search on a 16-core 192Gb blade (about £25,000 worth of machine) takes less than one second (and the speed of such a search continues to improve). So if you have a database of a million people, and you’re checking a picture against that database, you can do it in less than second.

* The false non-match rate (in other words, what proportion of searches return the wrong picture) best performance is accelerating: in 2002 it was 20 per cent, by 2006 it was 3 per cent and by 2010 it had fallen to 0.3 per cent. This is an order of magnitude fall every four years and there’s no reason to suspect that it will not continue.

* The results seem to degrade by the log of population size (so that a 10 times bigger database delivers only twice the miss rate). Rather fascinatingly, no one seems to know why, but I imagine it must be some inherent property of the algorithms used.
The linked article is an opinion piece by David GW Birch, a smart man and (unashamed) Ramones fan. The piece is very interesting and I encourage people to read the whole thing.

A common refrain around here is: Identity management is about people, and Mr. Burch seems to get this, too. Towards the end of the piece, however, he seems to conflate privacy with anonymity.

Privacy in public is something we all take for granted. It is not difficult to assert an assumption of privacy covering observable public acts. If those acts are, however, assembled together by someone else and communicated to a third party, privacy can be greatly undermined.* The difference between having a private detective following you and not having one follow you makes for a useful illustration. Violation of public privacy has simply been a matter of resources and efficiency for the entirety of human history. Granted, modern technology stands to make undermining public privacy cheaper.

Anonymity in public is something different, and has probably only existed since the advent of rapid transit and the modern megalopolis -- and it's not necessarily a good thing.

We're all used to hearing about a "right to privacy" however overused the phrase may be. But it's unusual to hear someone posit a blanket, public right to anonymity, though in certain circumstances one undoubtedly exists: Political speech against oppressive regimes or religious confession, for example.

Mr. Burch subtly transitions to "online" anonymity when he begins the discussion of anonymity, but it's unclear how biometrics in general or facial recognition in particular stand to undermine online anonymity. Google's doing yeoman's work in this regard already.

Utilitarian thoughts:
It is possible that we value public privacy because it improves interpersonal relations among strangers.

Is it reasonable to view public anonymity with more skepticism because the opposite may be the case?

*UPDATE: The preceding two sentences were edited for clarity.

Friday, November 12, 2010

Cyprus: Biometric passports here at last

The long-awaited biometric passports will be available in Cyprus by the end of the month (Cyprus-Mail.com)
Cyprus has until now, been kept out of the US visa waiver programme because the island’s passports were not biometric. It now remains to be seen how long it will take for the US to give the green light for visa-free travel to the States by Cypriots.

Thursday, November 11, 2010

OmniPerception defends accuracy of biometric technology

More push-back on the NRC report (PRFire.co.uk)
The point is to design in the probabilistic nature of the technology. Make sure you know how to cope when people cant enrol. Make sure you understand the impact on your system if someone fails to be correctly recognised and then you never know, the solution might be as simple as even putting a microphone or camera next to the reader.

It's about people and ROI, not infallibility.

Wednesday, November 10, 2010

Eye movements as biometric identifiers?

For Your Eyes Only (TechnologyReview.com)
The way you view the world is unique, so why not use it to identify you?

A company in Israel has developed a security system that does just this--exploiting a person's unique pattern of eye movements to identify them. Most biometric security systems measure physical features that are constant, such as fingerprints or iris patterns. An eye-tracking system has the potential to be harder to fool and easier use, its creators say.
My first thought was to compare this to using a handwritten signature as a biometric. The biometric consists of the unique way in which someone moves a part of their body.

This would seem to be analogous to handwriting analysis because the way the system induces a subject's eye movements (by visually tracking a moving icon) isn't the same in each verification, the way your signature is meant to be (approximately) the same each time you sign something.

Report Forecasts the Global Biometric Market To Grow At A CAGR of Around 22% between 2011 and 2013

PRInside.com Press Release
Purchase from Research and Markets
At the regional level, North America dominates the global biometric market and is expected to account for a market share of over 30% in 2010. The Asian, Middle East and Africa region are also expected to emerge as growing markets for biometrics by 2013. In fact, the Gulf and African countries have already taken several initiatives and started various biometric programs.

Tuesday, November 9, 2010

California University Campus Reports 300% Return On Investment After First Year Of Using Biometric Technology

300% Return On Investment After First Year (PR-Inside.com)
LAS VEGAS --(November 8, 2010) – Cal Poly Pomona Foundation, Inc. reported today that it has realized a 300% return on investment in biometric technology during the first year of deployment. It has implemented M2SYS Technology’s biometric fingerprint technology with its Kronos time and attendance software, enabling employees to use fingerprint readers to clock in and clock out at the beginning and end of shifts and lunch breaks.
A common theme around here has been making the case that biometric implementations are too frequently expected to provide perfect identification regimes, rather than improving upon real-world results while saving money. What makes adoption of biometric identity management techniques worthwhile isn't perfection, it is return on investment ROI.

Congratulations to all involved.

Other posts touching upon ROI

Monday, November 8, 2010

Queensland biometric driver licence rollout begins

The rollout follows successful trials by the Queensland Government (ComputerWorld.com.au)
A biometric driver licence system has been unveiled in Toowoomba as the Queensland Government begins replacing old licences to combat identity fraud.
...
Transport Minister, Rachel Nolan, said the move was significant, describing the new system as "the most secure driver licence system in the country".

New Zealand police won right to capture biometric information outside the police station environment

Police ponder portable computers (Stuff.co.nz)
Police won the right to capture biometric information, such as fingerprints, of people they intended to charge outside the police station environment in the Policing Act – passed by the former Labour government in 2008.

The devices, which spokeswoman Claire Harman said were "very much at the concept stage", would replace computers installed in a small number of police cars that will become redundant in 2012 when Telecom switches off its CDMA mobile network.

Ms Harman said police were looking at handheld, in-car portable and fixed in-car options. "Neither fingerprinting, nor photographing would be deployed as part of the initial rollout."
These days, hand-held computer technology often far outstrips the capabilities of police Mobile Data Terminals (MDT's, in-car computers), at a fraction of the cost.

As a practical and evidentiary matter, it would seem capturing biometric information such as mugshots and fingerprints in a controlled environment will be preferred by law enforcement agencies in the vast majority of instances.

Friday, November 5, 2010

Govt tells officials to stay off porn sites

HindustanTimes.com
A government official, however, indicated that it wasn’t “the most realistic set of guidelines”.
OK. That was a little bit out of context but I couldn't resist.

Germany's e-ID Cards Spark Privacy Debate

MaximumPC.com
The problem many Germans have is that the e-ID cards simply store too much personal information, including date of birth, place of birth, address, biometric photo, and voluntary fingerprints. It's basically a digital goldmine for data thieves. Or Big Brother.

Thursday, November 4, 2010

News Round-up: Border Controls

Today's Biometrics news is all about border control:

State Dept's Amin presses for expanded use of biometrics
(Federal News Radio) Streaming Audio and MP3 download at the link
In order to better protect the nation's security, one of the State Department's top IT officials says Americans need better biometrics in the visa and passport process.
EU seeks to strengthen rules on border patrols (EuropeanVoice.com)
The European Union is considering setting up a reserve of border guards to respond to surges in illegal migration such as that experienced in recent months in Greece.
Skipping the Line at Customs (Wall Street Journal)
International frequent fliers are hailing a program called Global Entry, a "trusted traveler" program run by U.S. Customs and Border Protection.

Wednesday, November 3, 2010

L-1 Identity Solutions Reports Third Quarter 2010 Financial Results

L-1 Expects Sale of L-1 Intelligence Services in Q4 2010 and Acquisition of L-1 by Safran SA in Q1 2011 (BusinessWire.com)
L-1 expects revenue for the full-year ending December 31, 2010 of $685.0 million - $690.0 million, revised from $715.0 million - $725.0 million due to the delay in commencing recently booked biometric and credentialing international programs, coupled with multiple Federal credentialing opportunities sliding into 2011 and a postponement of HIIDE and PIER sales to government customers (see footnote 1).

Tuesday, November 2, 2010

Honest! Abe Lincoln's earliest photo finally 'confirmed'

Facial-recognition software examines daguerreotype bought for $27 (World Net Daily)
Facial recognition expert Robert Schmitt has produced a video in which he analyzes a daguerreotype that may be the earliest photographic image taken of Abraham Lincoln against well-known images of the 16th president.

The daguerreotype, identified only as a "Portrait of a Young Man," was obtained in 1977 by collector Albert Kaplan, who purchased the image for $27 from among a group of 100 being sold by an art gallery on 57th Street in New York City.
The exercise described in the article is very different than the type of identification we usually discuss here, but it is fascinating nonetheless. Video and many more photos at the link.

Delaware Newspaper Endorses...

...Fingerprint Biometrics in Schools! Well, sort of...
Schools should consider usefulness of fingerprinting (Delaware Wave)
In an era of computer hacking -- the ultimate in human technological malfeasance -- that's no privacy assurance.

Human ingenuity will eventually take care of that problem.

For now, Delaware schools should consider the usefulness of this technology.
On this election day, the most interesting endorsement I found in the morning news wasn't for a political candidate. Rather, it was for keeping an open mind on biometrics in schools.

Monday, November 1, 2010

Biometrics & Elections

It's election season in many places around the world. Two elections, in particular, have gotten attention for their adoption of biometric identity management techniques.

Brazil elects Dilma
(CNN.com)
In 60 Brazilian cities, voters used their thumbs instead of ballots on a newly launched biometric system, where voters scan their fingers to log in and vote.
Brazil and Cote d'Ivoire have very different reasons for their decisions. In Brazil, voting is compulsory, so practically every adult cast a vote. Anything that increases the efficiency of the voting process is likely to pay dividends at such high turnout rates. An earlier post about the Brazilian elections is here.

Ivory Coast election a crucial crossroads (Forbes.com)
Cote d'Ivoire has a very different set of challenges.
"Ivorians want to have peaceful elections. People are tired," said journalist and political analyst Abdoulaye Sangare. But if any party fails to accept the outcome, "there could be violence. And if there is, nobody can say where it might stop."

From Travel.State.gov:
Cote d'Ivoire has been a divided country since a 2002 failed coup attempt evolved into an armed rebellion that split the country in two. Ivorian President Laurent Gbagbo and New Forces leader Guillaume Soro signed the Ouagadougou Political Agreement (OPA) in March 2007, and a new government was formed with Soro as Prime Minister (PM). Implementation of the accord, including federal elections, is ongoing, but long-awaited elections have been postponed repeatedly.
In such a fragile country, the integrity of the vote is of paramount importance. It's not too much of a stretch to assert that thousands of lives are at stake, depending upon a clean election to maintain peace.