Ethics Issues with Biometrics

/in /by

The use of biometric information to identify or authenticate individuals gives rise to ethical concerns around the improper use of the identification and authentication processes because the biometric data is considered personal data. It is important for the public to be aware of some of the ethical concerns with regards to biometrics:

Tracking you down – Although biometrics measurements are used to identify individuals as agreed by the end user, it can also be used to track their movements and activities in ways completely unrelated to the task for which the identifying information was originally collected. When using biometric data, there is no way to decouple the identifying information from the person. That is, every place where the biometric information is captured can be linked with every other time and place that biometric information has been presented, forming a complete picture of the individual’s activities, tastes, financial position, associates, affiliations, and whereabouts. Although this may be desirable when talking about criminal activity, it’s an extreme violation of personal privacy for normal citizens going about their noncriminal lives. It is important to realise that many of the biometric measurements can be captured without the individual’s knowledge or consent.

Some biometric measures — such as gait, iris, facial imaging and voiceprint — cannot easily be concealed in public places, and might allow entities in possession of this kind of biometric information to know far more about the subject than would be possible otherwise. Indeed,

focuses on the Invasion of Privacy as one of the essential biometric scenarios to plan for. The use of biometrics has numerous benefits as highlighted in previous articles. However, the use of biometrics also risks biometrics data and results in data creep, in which biometric information given voluntarily to one recipient for one purpose may be transferred, without permission, to another recipient, linked with other data and applied to a new purpose. The risk of invasion of privacy has increased as the number of organisations implementing biometric based solution has increased significantly and most of these organisations never plan for this vital biometric scenario.

The events of September 11th have spurred an increased activity of private and public interest in security and especially, biometrics. The rapid implementations of biometric technology by some organisations with limited knowledge on the subject may result in sacrificing privacy rights in the name of security. In fact, it is so common for most organisations to tell employees who have concerns with regards to biometrics privacy that the implementation of biometrics is for their benefits and fail to address the privacy concerns. It is normal for people to feel that collecting and storing biometric information about them is a personal violation of their privacy. It is important to get to the practical root of the problem by asking exactly what bothers them about the chosen biometrics. The idea is to fully understand their concerns and try to address them. For example, What if the stored biometric data could be used to create a false version of the same biometric data (such as fingerprints) and the imposter now has accesses to all resources. Biometrics security is secure and therefore it is difficult to detect when biometric has been compromised.

Therefore it is essential that any organisation planning to embark on biometric based projects plan for at least the following biometric scenarios:

  • High security hosting which focuses on a high volume of people requiring access to a highly secure facility and access is granted if you are on a master list of authorized individuals.
  • Other Entry Access which focuses securing all the entry accesses to the facility including side entrances.
  • Port of entry which focuses a high volume of people requiring access to a highly secure facility without the advantages of a master list for authorised individuals.
  • And biometrics limitation scenarios which focuses on situations where the chosen biometrics technology may not be suitable.
  • Malicious software, malware, which focuses on malware on the biometric system. The impact of malware on a biometric server can be devastating depending on the actions performed by the malware.

Researchers at Biometric Research Laboratory (BRL) within Namibia Biometric Systems (NBS) will continue to further highlight the most common use scenarios and some possible pitfall scenarios for biometrics in the next few articles.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com

Biometric System Threats and Vulnerability

/in /by

A biometric system can generally be thought of just like another information system with a few exceptions. Like any information system, biometric systems contain sensitive information that must be protected from authorized disclosure, modification or corruption.

However, unlike most other information systems, a biometric system is used to protect other systems and assets. Therefore the value of the biometric system is equal to the value of all the assets that it protects. In particular, the value of a security failure associated with the biometric system is defined as the sum of all the value associated with systems it protects. It is obvious that the level of attention to the security of a biometric system should be quite high.

It is important to understand the vulnerabilities present in biometric systems and the threats that endanger them, the typical attacks on biometric systems, steps to be taken to strengthen the security of a biometric system and the assets in the organization that such strengthening helps to protect.

Like any other technology used to protect valuable business assets, biometrics security can be relentlessly attacked until its weaknesses can be found and exploited. The biometric systems may also contain valuable information that becomes the target of attackers. Thus, it is important to understand the threats to biometric systems and the vulnerabilities those threats target before we can hope to adequately protect our assets.

It is a must that we understand the meaning of the terms threat, vulnerability and risk. Vulnerability is a weakness in a system that may permit an attacker to compromise it. Threat is a potential activity that would, if it occurred, harm a system. Risk is the potential negative impact if a harmful event were to occur. It is vital to realise that not all vulnerabilities are of the type that can be attacked or exploited by someone of malicious intent. Vulnerabilities could lead to human error, whether of omission or commission, that could result in harm to a system. For example, a computer program whose users interface is so obscure that it leads to users who select the wrong options or perform the wrong tasks, resulting in errors and mistakes. An attacker may not have intent or means to attack this kind of vulnerability, the vulnerability still exists and can still result in trouble. The interface to a biometric system may have vulnerabilities.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com

Common Mistakes when Implementation Biometrics Based Systems

/in /by

In today’s modern society biometric identification is integral to improved security and information management in both private and government applications to reduce risk and improve business efficiencies.

The 1st step in implementing a biometrics solution is been able to select a suitable biometric system meeting predefined criterions. It is important to understand not just the differences between the biometric systems, but also which factors are the most importance for a particular environment and target population. There are quite a large number of biometric technologies and applications out there. For example, usability may be more important than uniqueness for clocking into an engineering plant, whereas uniqueness is likely to be the main consideration in a corrections facility. The factors to consider are:

Universality – How common is the biometric characteristics? Every individual accessing the application should possess the trait. For example, signature biometrics might not be suitable for illiterate users who may not be able to sign. Similarly, a biometric system may not be able to acquire meaningful biometric data from a subset of individuals resulting in a failure to enroll (FTE) error. For example, a fingerprint system may fail operate on some individuals due to the poor quality of their fingerprints.

Uniqueness – It is desirable that the given trait is sufficiently different across individuals comprising the population. It is critical to understand how similar a biometric characteristic is to that of others and therefore how likely it is to be mistaken for another? One of the most common biometric questions is that of uniqueness, how unique is a human face, human fingerprints or DNA? Such a measure is important for biometric system vulnerabilities, especially as a measure of the strength of cryptosystems and for privacy measures.

Permanence – It is desirable that the biometric trait of an individual is sufficiently invariant over a period of time with respect to the matching algorithm. Therefore it is vital to understand to the extent to which the trait remains unchanged over a lifetime. For example, signature biometrics might low permanence, as the handwritten signature tends to vary along time and vulnerability to direct attacks using forgeries.

Collectability –It is desirable that the biometric trait can easily be captured using suitable devices that do not cause undue inconvenience to the individual. For example, face recognition might be convenient for recognizing suspected criminal from a distance by the authorities while retina scan would be inconvenient for the policy. It is important to further understand if the biometric technology will operate indoors where lighting, temperature and other variables are controlled, or outdoors where things are more variable.

Performance – It is desirable that the associated technology is robust in terms of speed. Different biometric technologies can perform human verification at different speeds. In addition, a biometrics system operating in verification mode is significantly faster than a similar system operating in identification mode. See previous articles for reference.

Acceptability – Individuals in the target population that will utilize the application should be willing to present their biometric trait to the system. It’s important to be familiar with the target population who’ll be using the biometric solution. For example, are they members of the general public with a mix of ethnic and education levels and a variety of attitudes?

Circumvention – How likely it is that a person could find a way around the technology and therefore achieving unauthorised access? This requires a good understanding of the False accept and false reject rate which was introduced in the previous articles.

More information on the implementation of biometrics based solutions can be requested from info.@namibiabiometricsystems.com.

An Introduction to Statistical Measures of Biometrics

/in /by

The main aspect used to measure or evaluate the performance of a biometric system is its accuracy. From the user’s point of view, an error of accuracy occurs when the system fails to authenticate the identity of a registered person or when the system erroneously authenticates the identity of an intruder. For example, for Cars we can measure fuel consumption. Biometrics systems have their own similar performance measures unlike traditional authentication methods based on Something You Know or Something You Have.

To know if a car has a good fuel economy or not, we look at how much fuel it consumes per kilometre on average. We then compare to our expectations or some other accepted measures. Therefore, knowing what a performance measurement means is significantly important. The statistical performance measures employed for biometrics are:

  • FAR (False Acceptance Rate)
  • FRR (False Rejection Rate)
  • FTE (Failure to Enroll)
  • EER (Equal Error Rate)

False acceptance rate, or FAR, is the measure of the likelihood that the biometric security system will incorrectly accept an access attempt by an unauthorized user. For example, if Mr. A goes to a biometrics system and claims to be Mr. B, Mr. A has just made a false claim that he is Mr. B. The biometrics system then measures Mr. A’s biometric for verification. If the biometric system agrees that Mr. A is Mr. B or matches Mr. A to Mr. B, then there is a false acceptance. The reason why this can occur will be discussed in later articles.

False rejection rate, or FRR, is the measure of the likelihood that the biometric security system will incorrectly reject an access attempt by an authorized user. For example, if Mr. B goes to a biometrics system and claim to be Mr. B, then Mr. B has just made a true claim. If the biometric system does not match Mr. B to Mr. B, then there is a false rejection. The reason why this can occur will be discussed in later articles.

Failure to Enroll Rate or FTE is the measure of the likelihood that the biometric security system will fail to enrol a user. For example, Mr. A attempts to have his biometric trait enrolled. At this time, he is unable to be enrolled. The reason why this can occur will be discussed in later articles.

Equal Error Rate, or EER, is the measure of the likelihood that the biometric security system has the FAR equal to the FRR. This is a very important measure for any biometrics system. The reason why this can occur will be discussed in later articles.

Why Use Biometric Authentication

/in , /by

The primary aim of Biometrics is to solve the limitations of the old traditional access controls to humans. More traditional means of access control include token-based identification systems, such as a driver’s license or passport, and knowledge-based identification systems, such as a password or personal identification number. In particular, traditional methods have the following limitations:

Weak passwords are easy to guess (by non legitimate user) and difficult passwords may be hard to remember (by a legitimate user). This could lead to a security breach where personal or business secrets are stolen by an outsider.

Sharing credentials is generally common with colleagues although this is forbidden by policy. A computer user shares his or her password with a colleague who requires access — even though, in most organizations (and in many security-related laws and regulations), this is forbidden by policy.

User convenience may not be possible using traditional security techniques. For example, users maintaining different passwords for different applications may find it challenging to recollect the password associated with a specific application.

Lost key cards can easily be obtained by non legitimate users. Often they have the name of the organization on them, so it’s like finding a key with an address on it, permitting the person who found it a free after-hours tour of the organisation.

Sophisticated Criminals have acquired great expertise in circumventing the old identification systems. This has resulted in a global rise of identity fraud and theft and the use of sophisticated means to evade detection.

By using biometrics it is possible to establish an identity based on `who you are’, rather than by `what you possess’ (e.g., an ID card) or `what you remember’ (e.g., a password). Biometrics is based on Physiological and Behavioural characteristics. Physiological characteristics include fingerprints, hand geometry, facial image, retina and iris. The behavioural characteristics are actions carried out by a person in a characteristic way and include signature, voice pattern, keystroke sequences and gait (the body movement while walking).

How Biometric Authentication Works

/in /by

In general, biometric systems collect a sample of a physiological or behavioural characteristic, then, utilizing an algorithm, translate the sample into a unique template. A template is the digital representation of a biometric characteristic. In many cases, characteristics are recorded as images, but for speaker recognition a waveform is recorded and for signature recognition, time series data. This phase is called enrollment. This reference may be stored in a central database or on a card (or both) depending on the needs of the application. The enrollment phase is similar to a user registering their password to protect access to their valuable data such as an online banking account.

Once an individual has been enrolled an algorithm will allow the matching of an enrolled template with a new template just created for verifying an identity called a live template. When a stored template and a live template are compared, the system calculates how closely they match. If the match is close enough, a person will be verified. If the match is not close enough, a person will not be verified and rejected. Physiological or behavioural characteristics of non legitimate users who are rejected could be stored and shared with local or international authorities. This is similar to a user claiming ownership of protected information and using their password for verification.

There are two modes for biometric recognition: verification and identification. In verification, an identity is claimed and the comparison process is limited to checking the reference corresponding to this identity. In identification, no claim of identity is necessary and the system searches its reference database to find if a stored reference matches the biometric characteristics recorded.

Planning for Biometrics Scenarios – Part 4

/in , /by

This article focuses on malicious software, malware, on a server that contains biometrics sensitive information. This scenario happens hundreds or thousands of times each day around the world. The impact of malware on a biometric server can be devastating. It is therefore critical to plan for this scenario. Planning for this scenario must consider at least the followings:

  • Clear definition of what is a malware.
  • Clear guidelines on the use of biometric systems.
  • Clear action plan to follow in an emergency situation.

The problem in this scenario is what you don’t know: Suppose you discover that a program with some sort of ill intent has been installed on a system containing your biometric database and you don’t know for sure what that program code may have done or had access to. In the worst-case scenario, it granted hackers direct access to that server (and possibly the rest of your network) and the hackers downloaded all the information to see what they could do with it. All the information on that system may be in the hands of someone that intends to do you harm. The biometric data on the database could have been compromised. The action plan to follow will depend on what action the malware performed on the database. If the biometric information was not compromised, all you need to do is eliminate the malware. On the other hand, if the biometric data was compromised, a strict action plan is required to ensure that the impact to the system and users is minimal.

Any action on the biometric database must address the followings:

  • What are the security requirements for the installation?
  • What is the legal, regulatory and public relations environment for the organization?
  • If the malware is well known to the antivirus/antispyware community, do you also know what it really does?

The other biometric scenarios to plan for are (i) high security hosting which focuses on a high volume of people requiring access to a highly secure facility and access is granted if you are on a master list of authorized individuals. (ii) Other Entry Access which focuses securing all the entry accesses to the facility including side entrances. (iii) Port of entry which focuses a high volume of people requiring access to a highly secure facility without the advantages of a master list for authorised individuals. (iv) And biometrics limitation scenarios which focuses on situations where the chosen biometrics technology may not be suitable.

Researchers at Biometric Research Laboratory (BRL) within Namibia Biometric Systems (NBS) will continue to further highlight the most common use scenarios and some possible pitfall scenarios for biometrics in the next few articles.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com

Planning for Biometrics Scenarios – Part 3

/in , /by

The previous two articles outlined three main biometric scenarios to plan for such as high security hosting, other Entry Access and Port of entry. In summary so far:

  • High security hosting – Mainly concerned with a high volume of people requiring access to a highly secure facility. A master list of authorized individuals is kept and a manual check of each incoming person’s identification (usually a photo ID) is also conducted. It is obvious that the manual checks are challenging even for the highly trained guards to remember every individual on the master list.
  • Other Entry Access – Mainly concerned with securing all the entry accesses to the facility including side entrances. Consider a building which has a lobby with a security guard, does it actually require a biometric entry control for the lobby? Or does it depending on the size of the company and the size of the building, the security guard may recognize everyone who has a legitimate need for access.
  • Port of entry – Mainly concerned with a high volume of people requiring access to a highly secure facility without the advantages of a master list for authorised individuals. Traditional port of entry system depends to a large degree on how hard it is to modify or create a passport without being detected.

This article focuses on the fourth biometric scenario known as biometrics limitation scenarios. Badly researched biometric solutions are likely to encounter scenarios where the chosen biometrics technology may not be suitable. Biometrics limitation scenarios will present itself sooner or later depending on the size of the user population and how long biometrics has been employed as a solution. There may be situations where the specific biometric been captured doesn’t apply to someone because the required body part is either missing or just doesn’t conform to the parameters that the biometric system expects. It is also common for biometrics to fail even if the required body part or biometric trait is available for a variety of reasons. The problem is that there’s a pretty broad variation across our species, and some measurements make a lot of assumptions that are based on statistical norms. In order to a biometric solution to work effectively and efficiently, it is important to make accommodations for individuals who are not able to use the system.

Researchers at Biometric Research Laboratory (BRL) within Namibia Biometric Systems (NBS) will continue to further highlight the most common use scenarios and some possible pitfall scenarios for biometrics in the next few articles.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com

Planning for Biometrics Scenarios – Part 2

/in /by

The previous article outlined two main biometric scenarios to plan for, high security hosting and Other Entry Access. High security hosting has to deal with a high volume of people requiring access to a highly secure facility via a guarded access point which makes impossible for highly trained guards to remember every individual who should be allowed in the facility without the unnecessary delays. Remembering all the individuals on the master list is a big challenge for even the most qualified guards. Other Entry Access deals with the size of the organisation and the volume of people entering and accessing the facilities which impacts the decision processes for selecting a suitable security solution. Organisations must plan for all biometric scenarios as required by their organisation including side entrances and parkinglot elevators with no human supervision, so anyone who happens to know the door code from watching someone else punching it in would be able to gain access to the facility. This article focuses on the 3rd biometric scenario to plan for, Port of entry.

Port of entry scenarios are similar to high-security hosting, only on a massively larger scale and without the advantage of a master list of authorized persons. In general, traditional port of entry system utilises traditional passports which are relatively difficult to duplicate identification. Traditional passports employ manual biometrics whereby the officer at the gate compares the passport picture with the person presenting it. Traditional passport system depends to a large degree on how difficult it is to modify or create a passport without being detected. In addition, manual biometrics is prone high error rates especially when the officer is suffering from tiredness. The outlined challenge can easily be circumvented by biometrics by include electronics with the passport itself so it has these two features:

  • An electronic key to verify that the information on the passport was encrypted using a key belonging to the country of origin.
  • Encrypted biometric data that can be compared to the biometrics of the person presenting the passport.

Biometric based systems are not perfect, but make the data somewhat harder to forge and do not require a master database. Another port of entry concern is the identification of individuals on the watch lists or those who have been expelled from the country for some reason. With biometrics, it’s possible to collect biometric information from the subjects with or without their cooperation and then use that information to identify them as they try to cross the border. This scenario does require a master list of persons and their biometrics but it’s much smaller than the list of everyone on Earth who might decide to travel.

Researchers at Biometric Research Laboratory (BRL) within Namibia Biometric Systems (NBS) will continue to further highlight the most common use scenarios and some possible pitfall scenarios for biometrics in the next few articles. Are our borders equipped with the technology to monitor international watch list?

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com.

Planning for Biometrics Scenarios

/in /by

Biometrics encompasses a large field of research and there are more interesting scenarios where biometrics can be employed. Biometrics may have associated possible pitfall scenarios. Examples of interesting uses of biometrics are as follows:

  • High-Security Hosting – A high volume of people requiring access per second to a highly secure facility via a guarded access point would make it impossible even for a highly trained guard to remember every individual who should be allowed in the facility without unnecessary delays. In addition, any delay in communication from the facility officials to the security guards can result in a significant delays and loop holes in the security of the facility. For example, suppose that an employee gets fired and the employee is not allowed back in the building. This will require efficient communication to all the guards to avoid any breach in security. The situation can easy become impossible if more employees are fired and new employees are hired simultaneously. The most common entry access control is to computer-network hosting facilities. In computer-network hosting facilities, a hosting company offers rack space, network connections, environmental controls and power to clients who want to host services at such a facility instead of building it themselves. The hosting provider is likely to have a lot of clients and therefore it will have to prove physical security to its clients. It is usual that each client submits a list of people who are allowed to enter the facility on their behalf, updating that list as people are hired and as they leave the company. The hosting company is expected to only allow authorized persons into the facility. The options available to the hosting company are either keep a list of authorized persons and manually check each incoming person’s identification or utilise biometrics and let the system sort people out.
  • Other Entry Access The size of the organisation and the volume of people entering accessing the facilities will impact the decision processes for selecting a suitable security solution. Many organisations fail to plan and implement a highly secure access control for side entrances where security guards are not utilised. Side entrances and parking lots are a different matter entirely. Most side entrances and parking-lot elevators have no human supervision, so anyone who happens to know the door code from watching someone else punching it in (or has a proximity card picked up from the parking lot) would be able to gain access to the facility.

Researchers at Biometric Research Laboratory (BRL) within Namibia Biometric Systems (NBS) will continue to further highlight the most common use scenarios and some possible pitfall scenarios for biometrics in the next few articles.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com.