Why Biometrics in Military

The Military is a core unit of most governments authorised to use deadly force and weapons, to support the interests of the country and its citizens. The task of the Military is to defend the State, its citizens and the prosecution of war against another State. In addition, the Military may have additional functions within a society such as the promotion of a political agenda, protecting corporate economic interests, internal population control, construction, emergency services, social ceremonies, guarding important areas, etc. The Military further employees thousands and thousands of tax paying citizens. The role of the Military can be seen as the security spine of many nations. Therefore, it is critical that the security system for the Military is as solid as it can be.

In a unfortunate case that the Military goes to war in response to protecting its citizens from external attacks, sending troops with traditional methods of soldier identification is likely to result in the following limitations:

Soldier Identification – It is likely that some soldiers may get life changing injuries and some may even lose their lives. The Military has commitment toward positive identification and proper burial of the dead. The Military may have sent thousands of troops from different units in addition to allied troops who might not even know each other. The allied troops will require a common way of identification for injured or soldieries who lose their lives in order to avoid intrusion from the enemy. The enemy soldiers are likely to wear the allied troops’ uniform should they try to infiltrate the allied forces. It is clear that traditional methods of Military identification using uniform or dog tags to identify soldiers can easily be breached as dog tags can be lost, stolen or both uniform and dog tags can be switched. Biometric circumvents the limitations mentioned above. Injured soldieries can conveniently and efficiently be identified.

Soldier Counting and Resource Management – It is likely that some of the soldiers may risk been left behind in the war zone if the Military is using traditional means of identification and counting. Biometrics solutions can provide enhanced methods of registering and counting soldiers. For example, soldiers who have lost their lives can quickly be registered by their colleagues by simply clicking their fingerprint on the biometric reader, similarly for injured soldiers and thus the Military can manage their resources efficiently. This is a powerful tool is winning any war.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com.

Why Biometrics in Healthcare

National healthcare systems in the 21st century generally face the following challenges: an aging population; increase in long-term illness; better survival rates due to improved health technologies; shortage of skilled health care workers; health inequality; and increased expectations in the healthcare system to deliver a world class service to its citizens. This has resulted in a need for a healthcare system which efficiently utilizes the interaction between hospital patients and care providers to achieve maximum impact on health outcomes. In addition, the healthcare system must effectively utilize the scarce financial and human resources. This has paved a way for biometrics in hospitals. Some of the benefits of biometric based solutions are as follows:

Patient Focused Care: Generally patients have limited access to their health information as this information is stored in many different locations across the health care system. This health information could be stored in paper based form or a combination of electronic and paper based forms. The main problem of such a system is that it relies on the patient’s knowledge of their health information. This has the risk of diagnosis or treatment errors due to incomplete or inaccurate information being provided at the point of care. It is important to realise the burden put on both patients (in some cases patients might be mentally ill) and the healthcare providers. It is a big task to expect senior citizens to remember all their healthcare history. A patient’s medical record stored in a biometric based system will ensure the right patient health information is electronically available to authorised care provider at the right time to enable informed care and treatment decisions.

Efficiency: Generally patients end up repeating the same information to multiple care providers which could result in patients receiving duplicate treatment. Biometrics based solutions ensures that patients rely on the health system to effectively coordinate their healthcare information. In addition, biometric solutions results in better patient information, better diagnosis which minimize medicine wastage (saving the healthcare money) and provide healthcare management with vital statistical data for better management. Healthcare providers will be able to make more informed decisions as a result of better access to accurate and complete consumer health information. Biometric based healthcare systems provide healthcare providers better access to improved evidence base for treatment decisions.

However, implementing biometric based solution has its own challenges and requires consultations as the costs of getting such a project wrong can be significant.

More information on the implementation of biometrics based solutions can be requested from info.@namibiabiometricsystems.com.

Ethics Issues with Biometrics

The use of biometric information to identify or authenticate individuals gives rise to ethical concerns around the improper use of the identification and authentication processes because the biometric data is considered personal data. It is important for the public to be aware of some of the ethical concerns with regards to biometrics:

Tracking you down – Although biometrics measurements are used to identify individuals as agreed by the end user, it can also be used to track their movements and activities in ways completely unrelated to the task for which the identifying information was originally collected. When using biometric data, there is no way to decouple the identifying information from the person. That is, every place where the biometric information is captured can be linked with every other time and place that biometric information has been presented, forming a complete picture of the individual’s activities, tastes, financial position, associates, affiliations, and whereabouts. Although this may be desirable when talking about criminal activity, it’s an extreme violation of personal privacy for normal citizens going about their noncriminal lives. It is important to realise that many of the biometric measurements can be captured without the individual’s knowledge or consent.

Some biometric measures — such as gait, iris, facial imaging and voiceprint — cannot easily be concealed in public places, and might allow entities in possession of this kind of biometric information to know far more about the subject than would be possible otherwise. Indeed,

focuses on the Invasion of Privacy as one of the essential biometric scenarios to plan for. The use of biometrics has numerous benefits as highlighted in previous articles. However, the use of biometrics also risks biometrics data and results in data creep, in which biometric information given voluntarily to one recipient for one purpose may be transferred, without permission, to another recipient, linked with other data and applied to a new purpose. The risk of invasion of privacy has increased as the number of organisations implementing biometric based solution has increased significantly and most of these organisations never plan for this vital biometric scenario.

The events of September 11th have spurred an increased activity of private and public interest in security and especially, biometrics. The rapid implementations of biometric technology by some organisations with limited knowledge on the subject may result in sacrificing privacy rights in the name of security. In fact, it is so common for most organisations to tell employees who have concerns with regards to biometrics privacy that the implementation of biometrics is for their benefits and fail to address the privacy concerns. It is normal for people to feel that collecting and storing biometric information about them is a personal violation of their privacy. It is important to get to the practical root of the problem by asking exactly what bothers them about the chosen biometrics. The idea is to fully understand their concerns and try to address them. For example, What if the stored biometric data could be used to create a false version of the same biometric data (such as fingerprints) and the imposter now has accesses to all resources. Biometrics security is secure and therefore it is difficult to detect when biometric has been compromised.

Therefore it is essential that any organisation planning to embark on biometric based projects plan for at least the following biometric scenarios:

  • High security hosting which focuses on a high volume of people requiring access to a highly secure facility and access is granted if you are on a master list of authorized individuals.
  • Other Entry Access which focuses securing all the entry accesses to the facility including side entrances.
  • Port of entry which focuses a high volume of people requiring access to a highly secure facility without the advantages of a master list for authorised individuals.
  • And biometrics limitation scenarios which focuses on situations where the chosen biometrics technology may not be suitable.
  • Malicious software, malware, which focuses on malware on the biometric system. The impact of malware on a biometric server can be devastating depending on the actions performed by the malware.

Researchers at Biometric Research Laboratory (BRL) within Namibia Biometric Systems (NBS) will continue to further highlight the most common use scenarios and some possible pitfall scenarios for biometrics in the next few articles.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com

Biometric System Threats and Vulnerability

A biometric system can generally be thought of just like another information system with a few exceptions. Like any information system, biometric systems contain sensitive information that must be protected from authorized disclosure, modification or corruption.

However, unlike most other information systems, a biometric system is used to protect other systems and assets. Therefore the value of the biometric system is equal to the value of all the assets that it protects. In particular, the value of a security failure associated with the biometric system is defined as the sum of all the value associated with systems it protects. It is obvious that the level of attention to the security of a biometric system should be quite high.

It is important to understand the vulnerabilities present in biometric systems and the threats that endanger them, the typical attacks on biometric systems, steps to be taken to strengthen the security of a biometric system and the assets in the organization that such strengthening helps to protect.

Like any other technology used to protect valuable business assets, biometrics security can be relentlessly attacked until its weaknesses can be found and exploited. The biometric systems may also contain valuable information that becomes the target of attackers. Thus, it is important to understand the threats to biometric systems and the vulnerabilities those threats target before we can hope to adequately protect our assets.

It is a must that we understand the meaning of the terms threat, vulnerability and risk. Vulnerability is a weakness in a system that may permit an attacker to compromise it. Threat is a potential activity that would, if it occurred, harm a system. Risk is the potential negative impact if a harmful event were to occur. It is vital to realise that not all vulnerabilities are of the type that can be attacked or exploited by someone of malicious intent. Vulnerabilities could lead to human error, whether of omission or commission, that could result in harm to a system. For example, a computer program whose users interface is so obscure that it leads to users who select the wrong options or perform the wrong tasks, resulting in errors and mistakes. An attacker may not have intent or means to attack this kind of vulnerability, the vulnerability still exists and can still result in trouble. The interface to a biometric system may have vulnerabilities.

More information on the implementation of biometrics based solutions can be requested from info@namibiabiometricsystems.com