Biometrics

From Wikipedia, the free encyclopedia

  (Redirected from Biometric)
Jump to:navigation, search
For the academic journal of statistics in biology, see Biometrics (journal). For the application of statistics to topics in biology, see Biostatistics.
At Walt Disney World biometric measurements are taken from the fingers of guests to ensure that the person's ticket is used by the same person from day to day

Biometrics comprises methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In computer science, in particular, biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance.

Biometric characteristics can be divided in two main classes:

Strictly speaking, voice is also a physiological trait because every person has a different vocal tract, but voice recognition is mainly based on the study of the way a person speaks, commonly classified as behavioral.

Contents

[edit] Introduction

The basic block diagram of a biometric system

It is possible to understand if a human characteristic can be used for biometrics in terms of the following parameters:[2]

A biometric system can operate in the following two modes:

The first time an individual uses a biometric system is called an enrollment. During the enrollment, biometric information from an individual is stored. In subsequent uses, biometric information is detected and compared with the information stored at the time of enrollment. Note that it is crucial that storage and retrieval of such systems themselves be secure if the biometric system is to be robust. The first block (sensor) is the interface between the real world and the system; it has to acquire all the necessary data. Most of the times it is an image acquisition system, but it can change according to the characteristics desired. The second block performs all the necessary pre-processing: it has to remove artifacts from the sensor, to enhance the input (e.g. removing background noise), to use some kind of normalization, etc. In the third block necessary features are extracted. This step is an important step as the correct features need to be extracted in the optimal way. A vector of numbers or an image with particular properties is used to create a template. A template is a synthesis of the relevant characteristics extracted from the source. Elements of the biometric measurement that are not used in the comparison algorithm are discarded in the template to reduce the filesize and to protect the identity of the enrollee.

If enrollment is being performed, the template is simply stored somewhere (on a card or within a database or both). If a matching phase is being performed, the obtained template is passed to a matcher that compares it with other existing templates, estimating the distance between them using any algorithm (e.g. Hamming distance). The matching program will analyze the template with the input. This will then be output for any specified use or purpose (e.g. entrance in a restricted area).

[edit] Performance

The following are used as performance metrics for biometric systems:[3]

As the sensitivity of the biometric device increases, the FAR decreases but the FRR increases.[citation needed]

[edit] Current, Emerging and Future Applications of Biometrics

[edit] Identity Enabled Biometrics

According to a 2009 publication of Booz Allen [4] : "Biometrics-Enabled Intelligence has quickly become an accepted tool for solving immediate identity problems." The publication argues that "Biometric information exhibits an inherent reliability, whether it is collected overtly or covertly. Biometric identity data is readily indexed, sorted, and stored. Intelligence analysts and law enforcement personnel use it as the central criteria to establish identity and as a basis to recommend action."

Identity Enabled Biometrics seeks "to turn disparate pieces of data into meaningful analytics and substantive intelligence". To do this "raw biometric information is fused with contextual information to produce useful and actionable intelligence." For example, Booz Allen claim it can be used to answer questions such as:

Apparently this technology is mature, as Booz Allen claim to have supported identity-enabled intelligence missions for more than 15 years (as of 2010). Representative clients include the U.S. Department of Defense, US Army National Ground Intelligence Center, and US Army Intelligence and Security Command.

[edit] Proposal calls for biometric authentication to access certain public networks

John Michael (Mike) McConnell, a former vice admiral in the United States Navy, a former Director of US National Intelligence, and Senior Vice President of Booz Allen Hamilton promoted the development of a future capability to require biometric authentication to access certain public networks in his Keynote Speech[5] at the 2009 Biometric Consortium Conference. We quote relevant portions of McConnells speech below:

Dot com is the wild wild west. That is where huge wealth resides. That is where huge transactions of strategic importance take place. Now the civil libertarians will pick this up as, privacy. Must maintain my anonymity. I will submit, at some point of time, we are going to have to morph .com to have a sister net, or a maybe a separate net, to have .secure, or .private or dot something so if you are doing a 10 billion $ transaction, and you need to have the basics of security, the basics of security being authentication, data integrity, non-repudiation, confidentiality and availability.

and

My premise is, we can not run this global enterprise, with the values that are embedded in this information, money, power, what is so important to us, in a wild west, uncoordinated way. We have to engage in a way that gets authentication, data integrity, and an ability for non-repudiation, and that is going to require us to make decisions and involve the Government, and involve the private sector in a way that is very different, if we are going to mitigate this risk.

and

I believe those of you in this room [ed: speaking to the biometric community], inherently would understand this, and I believe those of you who make these wonderful biometric capabilities, can go a long way to building in, a relatively inexpensive way, the necessary ingredients. When you can identify a human being uniquely in the globe, why can't you build that into our infrastructure in a way that you have assurance and authentication. So you can keep the bad stuff out or when bad stuff happens, you can track it down.

A basic premise in the above proposal is that the person that has uniquely authenticated themselves using biometrics with the computer is in fact also the agent performing potentially malicious actions from that computer. However, if control of the computer has been subverted, for example in which the computer is part of a botnet controlled by a hacker, then knowledge of the identity of the user at the terminal does not materially improve network security or aid law enforcement activities.

[edit] Issues and concerns

Question book-new.svg
 This section needs additional citations for verification.
Please help improve this article by adding reliable references. Unsourced material may be challenged and removed. (March 2009)

[edit] Privacy and discrimination

Data obtained during biometric enrollment could be used in ways the enrolled individual does not consent to.

[edit] Danger to owners of secured items

When thieves cannot get access to secure properties, there is a chance that the thieves will stalk and assault the property owner to gain access. If the item is secured with a biometric device, the damage to the owner could be irreversible, and potentially cost more than the secured property. For example, in 2005, Malaysian car thieves cut off the finger of a Mercedes-Benz S-Class owner when attempting to steal the car.[6]

[edit] Cancelable biometrics

One advantage of passwords over biometrics is that they can be re-issued. If a token or a password is lost or stolen, it can be cancelled and replaced by a newer version. This is not naturally available in biometrics. If someone’s face is compromised from a database, they cannot cancel or reissue it. Cancelable biometrics is a way in which to incorporate protection and the replacement features into biometrics. It was first proposed by Ratha et al.[7]

Several methods for generating cancelable biometrics have been proposed. The first fingerprint based cancelable biometric system was designed and developed by Tulyakov et al.[8] Essentially, cancelable biometrics perform a distortion of the biometric image or features before matching. The variability in the distortion parameters provides the cancelable nature of the scheme. Some of the proposed techniques operate using their own recognition engines, such as Teoh et al.[9] and Savvides et al.,[10] whereas other methods, such as Dabbah et al.,[11] take the advantage of the advancement of the well-established biometric research for their recognition front-end to conduct recognition. Although this increases the restrictions on the protection system, it makes the cancellable templates more accessible for available biometric technologies.

[edit] International Trading of Biometric Data

Many countries, including the United States, already trade biometric data. To quote a 2009 testimony made before the US House Appropriations Committee, Subcommittee on Homeland Security on “biometric identification” by Kathleen Kraninger and Robert A Mocny [12]

To ensure we can shut down terrorist networks before they ever get to the United States, we must also take the lead in driving international biometric standards. By developing compatible systems, we will be able to securely share terrorist information internationally to bolster our defenses. Just as we are improving the way we collaborate within the U.S. Government to identify and weed out terrorists and other dangerous people, we have the same obligation to work with our partners abroad to prevent terrorists from making any move undetected.

and

So what is next? We need to aggressively pursue innovation. Those who want to do us harm continue to contemplate ways to exploit our weaknesses, so we cannot afford to slow down.

and

We recognize that with the power of biometrics and a foundation of international cooperation, we can transform and enhance the way the people travel the world and the way we protect our nations from those who would do us harm.

According to article written by S. Magnuson in the National Defense Magazine, the United States Defense Department is under pressure to share biometric data [13]. To quote that article:

Miller, (a consultant to the Office of Homeland Defense and America’s security affairs) said the United States has bi-lateral agreements to share biometric data with about 25 countries. Every time a foreign leader has visited Washington during the last few years, the State Department has made sure they sign such an agreement.

[edit] Governments are unlikely to disclose full capabilities of biometric deployments

Certain members of the civilian community are worried about how biometric data is used. Unfortunately, full disclosure may not be forth coming to the civilian community. To quote the Report of the (United States) Defense Science Board Task Force on Defense Biometrics [14]:

Often, it is wise to protect, sometimes even to disguise, the true and total extent of national capabilities in areas related directly to the conduct of security-related activities. This is a classic feature of intelligence and military operations; it also potentially applies to biometrics.

and

We may expect that biometrics-based tools and techniques will be increasingly deployed in sensitive applications, and used to achieve important successes in support of national objectives. In so doing, we must seek to preserve the security of what the intelligence community calls ‘sources and methods,’ even while being able to headline the outcomes of such use when otherwise deemed appropriate.

[edit] Countries applying biometrics

[edit] United States

The United States government has become a strong advocate of biometrics with the increase in fear of terrorism since September 11, 2001.

The FBI is currently spending $1 billion to create a new biometric database, which will store DNA, fingerprints, and other biometric data. The computers running the database will be contained in an underground facility about the size of a football field.[15]

Both the Department of Homeland Security and DARPA are heavily funding research into facial recognition systems.[16] The Information Processing Technology Office, ran a program known as Human Identification at a Distance which developed technologies that are capable of identifying a person at up to 500 ft by their facial features.

President Bush issued a presidential directive (NSPD 59, HSPD 24)[17] in 2008 which requires increased capability for sharing and interoperability in "collection, storage, use, analysis, and sharing of biometric and associated biographic and contextual information of individuals" among the departments and agencies of the executive branch of the U.S. federal government.[17][18]

Starting in 2005, US passports with facial (image-based) biometric data were scheduled to be produced. Privacy activists in many countries have criticized the technology's use for the potential harm to civil liberties, privacy, and the risk of identity theft. Currently, there is some apprehension in the United States (and the European Union) that the information can be "skimmed" and identify people's citizenship remotely for criminal intent, such as kidnapping.

The US Department of Defense (DoD) Common Access Card, is an ID card issued to all US Service personnel and contractors on US Military sites. This card contains biometric data and digitized photographs. It also has laser-etched photographs and holograms to add security and reduce the risk of falsification. There have been over 10 million of these cards issued.

According to Jim Wayman, director of the National Biometric Test Center at San Jose State University, Walt Disney World is the nation's largest single commercial application of biometrics.[19] However, the US-VISIT program will very soon surpass Walt Disney World for biometrics deployment.

[edit] Germany

The biometrics market in Germany will experience enormous growth until 2009. “The market size will increase from approximately 12 million € (2004) to 377 million €” (2009). “The federal government will be a major contributor to this development”.[20] In particular, the biometric procedures of fingerprint and facial recognition can profit from the government project.[20] In May 2005 the German Upper House of Parliament approved the implementation of the ePass, a passport issued to all German citizens which contain biometric technology. The ePass has been in circulation since November 2005, and contains a chip that holds a digital photograph and one fingerprint from each hand, usually of the index fingers, though others may be used if these fingers are missing or have extremely distorted prints. “A third biometric identifier – iris scans – could be added at a later stage”.[21] An increase in the prevalence of biometric technology in Germany is an effort to not only keep citizens safe within German borders but also to comply with the current US deadline for visa-waiver countries to introduce biometric passports.[21] In addition to producing biometric passports for German citizens, the German government has put in place new requirements for visitors to apply for visas within the country. “Only applicants for long-term visas, which allow more than three months' residence, will be affected by the planned biometric registration program. The new work visas will also include fingerprinting, iris scanning, and digital photos”.[22]

Germany is also one of the first countries to implement biometric technology at the Olympic Games to protect German athletes. “The Olympic Games is always a diplomatically tense affair and previous events have been rocked by terrorist attacks - most notably when Germany last held the Games in Munich in 1972 and 11 Israeli athletes were killed”.[23]

Biometric technology was first used at the Olympic Summer Games in Athens, Greece in 2004. “On registering with the scheme, accredited visitors will receive an ID card containing their fingerprint biometrics data that will enable them to access the 'German House'. Accredited visitors will include athletes, coaching staff, team management and members of the media”.[23]

As a protest against the increasing use of biometric data, the influential hacker group Chaos Computer Club published a fingerprint of German Minister of the Interior Wolfgang Schäuble in the March 2008 edition of its magazine Datenschleuder. The magazine also included the fingerprint on a film that readers could use to fool fingerprint readers.[24]

[edit] Brazil

Question book-new.svg
 This section needs additional citations for verification.
Please help improve this article by adding reliable references. Unsourced material may be challenged and removed. (March 2009)

Since the beginning of the 20th century, Brazilian citizens have had user ID cards. The decision by the Brazilian government to adopt fingerprint-based biometrics was spearheaded by Dr. Felix Pacheco at Rio de Janeiro, at that time capital of the Federative Republic. Dr. Pacheco was a friend of Dr. Juan Vucetich, who invented one of the most complete tenprint classification systems in existence. The Vucetich system was adopted not only in Brazil, but also by most of the other South American countries. The oldest and most traditional ID Institute in Brazil (Instituto de Identificação Félix Pacheco) was integrated at DETRAN[25] (Brazilian equivalent to DMV) into the civil and criminal AFIS system in 1999.

Each state in Brazil is allowed to print its own ID card, but the layout and data are the same for all of them. The ID cards printed in Rio de Janeiro are fully digitized using a 2D bar code with information which can be matched against its owner off-line. The 2D bar code encodes a color photo, a signature, two fingerprints, and other citizen data. This technology was developed in 2000 in order to enhance the safety of the Brazilian ID cards.

By the end of 2005, the Brazilian government started the development of its new passport. The new documents started to be released by the beginning of 2007, in Brasilia. The new passport included several security features, like Laser perforation, UV hidden symbols, security layer over variable data and etc. Brazilian citizens will have their signature, photo, and 10 rolled fingerprints collected during passport requests. All of the data is planned to be stored in ICAO E-passport standard. This allows for contactless electronic reading of the passport content and Citizens ID verification since fingerprint templates and token facial images will be available for automatic recognition.

[edit] Iraq

Biometrics are being used extensively in Iraq to catalogue as many Iraqis as possible providing Iraqis with a verifiable identification card, immune to forgery. During account creation, the collected biometrics information is logged into a central database which then allows a user profile to be created. Even if an Iraqi has lost their ID card, their identification can be found and verified by using their unique biometric information. Additional information can also be added to each account record, such as individual personal history.

[edit] India

India is undertaking an ambitious mega project (the Multipurpose National Identity Card) to provide a unique identification number to each of its 1.25 billion people. The Identification number will be stored in a central databases. consisting the biometric information of the individual. If implemented, this would be the biggest implementation of the Biometrics in the world. India's Home Minister, P Chidambaram, described the process as "the biggest exercise... since humankind came into existence". The government will then use the information to issue identity cards. Officials in India will spend one year classifying India's population according to demographics indicators. The physical count will begin on February 2011[26].

[edit] Italy

Italy has standadized protocols in use to police forces. Specialist and University Faculty *Enrico Manfredi d'Angrogna Luserna v. Staufen Rome University Tor Vergata - Siena University

[edit] United Kingdom

Fingerprint scanners used in some schools to facilitate the subtraction of funds from an account financed by parents for the payment of school dinners. By using such a system nutritional reports can be produced for parents to surveil a child's intake. This has raised questions from liberty groups as taking away the liberty of choice from the youth of society. Other concerns arise from the possibility of data leaking from the providers of school meals to interest groups that provide health services such as the NHS and insurance groups that may end up having a detrimental effect on the ability of individuals to enjoy equality of access to services.

[edit] Australia

Visitors intending to visit Australia may soon have to submit to biometric authentication as part of the Smartgate system, linking individuals to their visas and passports. Biometric data are already collected from some visa applicants by Immigration. Australia is the first country to introduce a Biometrics Privacy Code, which is established and administered by the Biometrics Institute. The Biometrics Institute Privacy Code Biometrics Institute forms part of Australian privacy legislation. The Code includes privacy standards that are at least equivalent to the Australian National Privacy Principles (NPPs) in the Privacy Act and also incorporates higher standards of privacy protection in relation to certain acts and practices. Only members of the Biometrics Institute are eligible to subscribe to this Code. Biometrics Institute membership, and thus subscription to this Code, is voluntary.

[edit] Canada

Canada has begun research into the use of biometric technology in the area of border security and immigration. Citizenship and Immigration Canada and the Canada Border Services Agency will probably be the first government institutions to fully implement the technology in Canada.

[edit] Israel

The Israeli government has passed a bill calling for the creation of a biometric database of all Israeli citizens; the database will contain their fingerprints and facial contours. Upon enrolling, a citizen would be issued a new form of an identification card containing these biometrics. The law is currently in its trial period, during which enrollment is optional; pending on successful trial, enrollment would be mandatory for all citizens.[27]

Opponents of the proposed law, including prominent Israeli scientists and security experts, warned that the existence of such a database could damage both civil liberties and state security, because any leaks could be used by criminals or hostile individuals against citizens.[28][29]

[edit] New Zealand

SmartGate was launched by the New Zealand government at Auckland International Airport on Thursday 3 December 2009. It will begin operating in Wellington and Christchurch from next year.

The kiosk and gate system will allow all New Zealand and Australian electronic passport holders over 18 to clear passport control without needing to have their identity checked by a Customs officer.

Deputy comptroller of customs John Secker said SmartGate represented probably the biggest single development in border processing in New Zealand in the past two decades. People will have a choice whether they want to use the system or go through normal passport control.

[edit] Biometrics in popular culture

Wiki letter w.svg This section requires expansion.

(many more additional examples can be found at http://pagesperso-orange.fr/fingerchip/biometrics/movies.htm)

[edit] See also

[edit] References

  1. ^ http://www.cilab.upf.edu/biosecure1/public_docs_deli/BioSecure_Deliverable_D10-2-3_b3.pdf[dead link]
  2. ^ Jain, A. K.; Ross, Arun; Prabhakar, Salil (January 2004), "An introduction to biometric recognition", IEEE Transactions on Circuits and Systems for Video Technology 14th (1): 4–20, doi:10.1109/TCSVT.2003.818349 
  3. ^ ""CHARACTERISTICS OF BIOMETRIC SYSTEMS"". Cernet. http://www.ccert.edu.cn/education/cissp/hism/039-041.html. 
  4. ^ BoozAllen (October 2009), "Biometrics-Enabled Intelligence", WhitePaper, BoozAllen, http://www.boozallen.com/media/file/Biometric-Enabled_Intelligence.pdf, retrieved 20 February 2010 
  5. ^ McConnell, Mike (January 2009), KeyNote Address., Tampa Convention Center, Tampa, Florida,, http://www.boozallen.com/consulting-services/services_article/42861927, retrieved 20 February 2010 
  6. ^ BBC News: Malaysia car thieves steal finger
    Another report, giving more credence to the story: [1]
  7. ^ N. K. Ratha, J. H. Connell, and R. M. Bolle, "Enhancing security and privacy in biometrics-based authentication systems," IBM systems Journal, vol. 40, pp. 614-634, 2001.
  8. ^ S. Tulyakov, F. Farooq, and V. Govindaraju, “Symmetric Hash Functions for Fingerprint Minutiae,” Proc. Int’l Workshop Pattern Recognition for Crime Prevention, Security, and Surveillance, pp. 30-38, 2005
  9. ^ A. B. J. Teoh, A. Goh, and D. C. L. Ngo, "Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs," Pattern Analysis and Machine Intelligence, IEEE Transactions on, vol. 28, pp. 1892-1901, 2006.
  10. ^ M. Savvides, B. V. K. V. Kumar, and P. K. Khosla, ""Corefaces"- Robust Shift Invariant PCA based Correlation Filter for Illumination Tolerant Face Recognition," presented at IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR'04), 2004.
  11. ^ M. A. Dabbah, W. L. Woo, and S. S. Dlay, "Secure Authentication for Face Recognition," presented at Computational Intelligence in Image and Signal Processing, 2007. CIISP 2007. IEEE Symposium on, 2007.
  12. ^ Kraniger, K; Mocny, R. A. (March 2009), "Testimony of Deputy Assistant Secretary for Policy Kathleen Kraninger, Screening Coordination, and Director Robert A. Mocny, US-VISIT, National Protection and Programs Directorate, before the House Appropriations Committee, Subcommittee on Homeland Security, "Biometric Identification"", US Department of Homeland Security, http://www.dhs.gov/ynews/testimony/testimony_1237563811984.shtm, retrieved 20 February 2010 
  13. ^ Magnuson, S (January 2009), "Defense department under pressure to share biometric data.", NationalDefenseMagazine.org, http://www.nationaldefensemagazine.org/ARCHIVE/2009/JANUARY/Pages/DefenseDepartmentUnderPressuretoShareBiometricData.aspx, retrieved 20 February 2010 
  14. ^ Defense Science Board (DSB) (September 2006), "On Defense Biometrics", Unclassified Report of the Defense Science Board Task Force, Washington, D.C. 20301-3140: Office of the Under Secretary of Defense For Acquisition, Technology, and Logistics, http://www.acq.osd.mil/dsb/reports/ADA465930.pdf, retrieved 20 February 2010 
  15. ^ Arena, Kelly; Carol Cratty (4 February 2008). "FBI wants palm prints, eye scans, tattoo mapping". CNN. http://www.cnn.com/2008/TECH/02/04/fbi.biometrics/. Retrieved 2009-03-14. 
  16. ^ Frank, Thomas (10 May 2007). "Face recognition next in terror fight". USA Today. http://www.usatoday.com/news/washington/2007-05-10-facial-recognition-terrorism_N.htm. Retrieved 2009-03-16. 
  17. ^ a b Office of the Press Secretary, The White House (5 June 2008). "National Security Presidential Directive and Homeland Security Presidential Directive". Press release. http://georgewbush-whitehouse.archives.gov/news/releases/2008/06/20080605-8.html. Retrieved 2008-06-30. 
  18. ^ Bain, Ben (6 June 2008). "Bush pushes biometrics for national security". Federal Computer Week (Media, Inc.). http://www.fcw.com/online/news/152750-1.html. Retrieved 2008-06-30. 
  19. ^ Article describing Disney's 2006 biometric initiative replacing hand geometric scanners with fingerprint readers
  20. ^ a b The Biometrics Market in Germany 2004-2009: Anti-terrorism Laws Drive Growth - Market Research Reports - Research and Markets
  21. ^ a b IDABC - DE: Germany to phase-in biometric passports from November 2005
  22. ^ Migration Information Source - Germany Weighs Biometric Registration Options for Visa Applicants
  23. ^ a b Biometrics used to keep German Olympians safe - Software - Breaking Business and Technology News at silicon.com
  24. ^ CCC publishes fingerprints of Wolfgang Schäuble, the German Home Secretary, Heise Online, published 2008-03-31, accessed 2008-04-17
  25. ^ http://www.detran.rj.gov.br/_documento.asp?cod=1438
  26. ^ [2]
  27. ^ The Jerusalem Post: Knesset approves controversial Biometric Database Law
  28. ^ Digital World: Getting to know all about you and me
  29. ^ YNET: Biometric Database - A Danger to State Security
  30. ^ Video of the Mythbusters episode on how to hack fingerprint scanners

[edit] Further reading

Retrieved from "http://en.wikipedia.org/wiki/Biometrics"
Navigation
Interaction
Toolbox
Print/export
Languages