The Challenge of Biometrics Laurence Edge Proposition Over-optimism Over-optimism re reaccuracy accuracy Enthusiasm Enthusiasm to todeploy deploy Immature Immature legal legalframework framework Threats Threatsto to Privacy? Privacy? Agenda Biometrics – some definitions Technical background What are the issues? Solutions?
Download ReportTranscript The Challenge of Biometrics Laurence Edge Proposition Over-optimism Over-optimism re reaccuracy accuracy Enthusiasm Enthusiasm to todeploy deploy Immature Immature legal legalframework framework Threats Threatsto to Privacy? Privacy? Agenda Biometrics – some definitions Technical background What are the issues? Solutions?
The Challenge of Biometrics Laurence Edge Proposition Over-optimism Over-optimism re reaccuracy accuracy Enthusiasm Enthusiasm to todeploy deploy Immature Immature legal legalframework framework Threats Threatsto to Privacy? Privacy? Agenda Biometrics – some definitions Technical background What are the issues? Solutions? Definition - 1 “a general term for technologies that permit matches between a ‘live’ digital image of a part of the body and a previously recorded image of the same part usually indexed to personal or financial information” (Alterman - 2003) Definition - 2 “measuring relevant attributes of living individuals or populations to identify active properties or unique characteristics” (Mordini - 2004) Definition – 3 (mine!) unique physical characteristic capable of being matched automatically possible to match at acceptably low rates of error possible to perform automatic one-to-many identification matching, with a high accuracy (near 100%) against a reference database consisting of tens or hundreds of millions of records; accepted in a court of law as a legal proof of identity Authentication Identification – selection of one from many e.g. fingerprints from a crime scene Verification – “I am who I claim to be” e.g. passports or ID cards The Technologies - Types Fingerprints Hand/Finger geometry Voice print Signatures Facial Recognition Vein Patterns Iris Recognition Retina Scans DNA Others The Technologies - Concepts Generic method Accuracy General concerns Generic Method - Enrolment Measure Generate template Record Generic Method - Operation Biometrics at the Frontiers: Assessing the Impact on Society (2005) Accuracy? Biometric Product Testing: Final report, Issue 1.0 (2001): CESG/BWG Performance Improvements - Facial Recognition Phillips et al. “FRVT 2006 and ICE 2006 Large-Scale Results”. (2007) 7 Pillars of (biometric) Wisdom • • • • • • • Universality Uniqueness Permanence Collectability Performance Acceptability Circumvention EC report: Biometrics at the Frontiers: Assessing the Impact on Society (2005) 7 Pillars of (biometric) Wisdom The Technologies - Challenges Spoofing / Mimicry / Residual Images Usability Accessibility Hygiene Safety Secondary use Public Perception DNA Physical sample required Slow to process Lowest FAR & FRR FTE & FTA of 0% DNA – Uniqueness? DNA – Acceptability? 97% were happy to include a photograph 79% fingerprints 62% eye recognition (no distinction was made between iris and retina scans) 41% approved of the inclusion of DNA details Hiltz, Han, Briller. “Public Attitudes towards a National Identity "Smart Card:" Privacy and Security Concerns” (2003) DNA – Foolproof? Scene of crime samples in particular may be contaminated, degraded, and misinterpreted (especially if mixed). Human errors (e.g. sample mix-ups) will occur. Need for corroborating evidence. Expanding databases could lead to an overreliance on ‘cold hits’. Increased potential for ‘framing’ of suspects? “The forensic use of Bioinformation: ethical issues” Nuffield Council on Bioethics (2007) Privacy Assessment - 1 Overt 1. Are users aware of the system's operation? Covert Optional 2. Is the system optional or mandatory? Mandatory Verification 3. Is the system used for identification or verification? Identification Fixed Period 4. Is the system deployed for a fixed period of time? Indefinite Private Sector 5. Is the deployment public or private sector? Public Sector Privacy Assessment - 2 Individual, Customer Enrollee Personal Storage 6. In what capacity is the user interacting with the system? 7. Who owns the biometric information? 8. Where is the biometric data stored? Employee, Citizen Institution Database Storage Behavioral 9. What type of biometric technology is being deployed? Physiological Templates 10. Does the system utilize biometric templates, biometric images, or both? Images International Biometric Group – www.bioprivacy.org Risk Assessment - DNA Positive Privacy Aspects Negative Privacy Aspects Bioprivacy Technology Risk Rating Currently Unchanging Identification: H Covert: H Physiological: H Image: H Databases: H Risk Rating: H slow and complex to process Analysis device non portable over subject’s whole lifetime Use in forensic applications Strong identification capabilities Not unique for identical twins Samples can be collected without consent/knowledge Possible to extract additional genetic information Legal Background Enabling Legislation Constraints Uses and Abuses Challenges Enabling Legislation NDNAD's – 3.8 million samples by Jan 2007 (6%) Canada Australia NZ USA UK Prum: “Member States shall open and keep national DNA analysis files for the investigation of criminal offences” Constraints Privacy Human Rights US Constitution Common Law Privacy Acts Data Protection Law Challenges UK – via HRA 1998 Articles 8 and/or 14 R v Marper – now at ECHR US – via 4th Amendment US v Kincade Johson v Quander Canada – via s.8 of CCRF R v Rodgers Uses and Abuses Collection and Retention Forensic DNAD's Other DNAD's Data Sharing Privacy Challenges Evidence Scope Creep Ethics - What is identity? Conclusion ID fraud becomes worse if there is a single strong identifier Biometrics do not offer non-repudiation Biometrics should be confined to smart cards or encrypted if on databases Biometrics are useless once compromised Questions [email protected]