Biometrics how to put to use and how not at all?

Similar documents
Biometrics how to put to use and how not at all?

Biometrics How to Put to Use and How Not at All?

Biometrics in Border Management Grand Challenges for Security, Identity and Privacy

Second wave of biometric ID-documents in Europe: The Residence Permit for non-eu/eea nationals

1/10/12. Introduction. Who are you?? Person Identification. Identification Problems. How are people identified?

4/2/14. Who are you?? Introduction. Person Identification. How are people identified? People are identified by three basic means:

Research Article. ISSN (Print)

Opinion 3/2012 on developments in biometric technologies

Why Biometrics? Why Biometrics? Biometric Technologies: Security and Privacy 2/25/2014. Dr. Rigoberto Chinchilla School of Technology

LEGISLATION. The "BIOMETRIC AND SOCIAL SECURITY NUMBER RELIGIOUS EXEMPTION ACT"

COUNCIL OF THE EUROPEAN UNION. Brussels, 11 November /04 LIMITE VISA 203 COMIX 684 NOTE

Machine Readable Travel Documents: Biometrics Deployment. Barry J. Kefauver

(Approved December 30, 2010) AN ACT

TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG-MRTD)

Smart Voting System using UIDAI

EDPS Opinion 7/2018. on the Proposal for a Regulation strengthening the security of identity cards of Union citizens and other documents

MINISTRY OF INTERIOR AND COORDINATION OF NATIONAL GOVERNMENT Department of Immigration Services. East African Community e-passport: Kenyan Journey

CPSC 467b: Cryptography and Computer Security

Implementation of aadhar based voting machine using

Biometric Authentication

This tutorial also provides a glimpse of various security issues related to biometric systems, and the comparison of various biometric systems.

PRIVACY IMPLICATIONS OF BIOMETRIC DATA. Kevin Nevias CISSP, CEH, CHFI, CISA, CISM, CRISC, CGEIT, CCNA, G /20/16

Voting Corruption, or is it? A White Paper by:

fraud prevention done right

EVIDENCE OF IDENTIFICATION

Hong Kong General Chamber of Commerce Roundtable Luncheon 13 April 2016 Collection and Use of Biometric Data

REPORT VOLUME 6 MAY/JUNE 2017

Running head: GAP ANALYSIS OF THE DEPARTMENT OF HOMELAND 1

BIOMETRIC RESIDENCE PERMITS General Information for Applicants, Employers and Sponsors

Biometrics & Accessibility

INTERPOL s face programme for a safer world. Mark Branchflower Monday 17th March 2014

Act on Identity Cards and Electronic Identification (Personalausweisgesetz, PAuswG)

Changes in Schengen visa application process

SUB-REGIONAL WORKSHOP ON BEST PRACTICES IN TRAVEL DOCUMENT SECURITY. Welcoming Remarks and Objectives

Case Study. MegaMatcher Accelerator

LATEST IN BIOMETRIC TECHNOLOGY IN THE SERVICE OF TRAVEL SECURITY. Presented By: Cristian Morosan - University of Houston

COMMISSION OF THE EUROPEAN COMMUNITIES. Proposal for a COUNCIL REGULATION. on standards for security features and biometrics in EU citizens' passports

An Open Letter to the ICAO

FastPass and EasyPASS ABC from science to solution

Confronting Biometric Detractors

[To be published in THE GAZETTE OF INDIA, EXTRAORDINARY, Part II, Section 3, Sub-section (i) of dated the , 2011]

Ad-Hoc Query on identity documents issued by EU Member States. Requested by EE EMN NCP on 2 nd June Compilation produced on 9 th August 2010

Topics. Current Challenges at the Land Border. Western Hemisphere Travel Initiative (WHTI) Identity and Security at the Border

SMART VOTING. Bhuvanapriya.R#1, Rozil banu.s#2, Sivapriya.P#3 Kalaiselvi.V.K.G# /17/$31.00 c 2017 IEEE ABSTRACT:

e-passports: Uses, Limitations, and Impact on Simplifying Passenger Travel Initiatives

Identity Management Transcending Markets in Today's Society. October 11th, 2005 Patrick McQuown Adjunct Professor - Georgetown University

Identity management in Belgium

Biometrics: primed for business use

APPLICATION REVIEW A SILICON TRUST PUBLICATION. May Utilising the synergies between passports and eid cards

Overview Purpose of the EU-VIS

Biometrics from a legal perspective dr. Ronald Leenes

SUMMARY INTRODUCTION. xiii

STRATEGIES AND USEFULNESS OF ID-e (DNI-e) Benito Fernández Fernández, Head secretary at CNP Identification Department.

ICAO MRTD & emrtd Specifications: High Level Overview

Biometrics Overview. Introduction. Biometrics is a general term used alternatively to describe a characteristic or a process. As a characteristic:

Moving to the Second Generation of Electronic Passports

CRS Report for Congress

BIOMETRICS - WHY NOW?

Mauritania integrated epassport Project. JW ter Hennepe Sales Manager Morpho. October 10, 2012 Montreal

ICAO: THE TECHNICAL ADVISORY GROUP FOR MACHINE READABLE TRAVEL DOCUMENTS

5/6/2009. E toll Database. Census Database. Database. Database. Consumer Balance and Bill Subscriptions. Mobile Connections.

TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG-MRTD)

E- Voting System [2016]

IMPRESS The Identity Management Press

Ad-Hoc Query on Implementation of Council Regulation 380/2008. Requested by FI EMN NCP on 10 th September 2009

6. Presentation of Pakistan. Economic Cooperation Organization - ECO. Syed Mushabir Hussain, 15th April, Registration initiatives

1/12/12. Introduction-cont Pattern classification. Behavioral vs Physical Traits. Announcements

An overview of the European approach to the cross-jurisdictional and societal aspects of biometrics

Users Guide to the Automated Gates (For Foreign Nationals)

The Philippine Department of Foreign Affairs began the issuance of the Philippine epassport (electronic passport) on 11 Aug 2009.

UTAH IDENTITY THEFT RANKING BY STATE: Rank 31, 57.8 Complaints Per 100,000 Population, 1529 Complaints (2007) Updated December 30, 2008

Introduction-cont Pattern classification

Semlex, one print ahead

SECURITY, ACCURACY, AND RELIABILITY OF TARRANT COUNTY S VOTING SYSTEM

Now, in the interest of full disclosure, I must begin my remarks with the following important announcements. These include:

The Manitoba Identification Card. Secure proof of age, identity and Manitoba residency

Ad-hoc query on fingerprint biometry and facial image in identity documents. Requested by EE EMN NCP on 19 th February 2014

CHAPTER 2 LITERATURE REVIEW

Ontario Enhanced Driver s Licence Applicant s Guide

The Manitoba Identification Card. Secure proof of age, identity and Manitoba residency

THE GENERAL ASSEMBLY OF PENNSYLVANIA HOUSE BILL

Estonian eid Infrastructure ITAPA 2009 International Congress November 3, 2009 Bratislava

Novel E-Voting System with Biometric Authentication and Distributed Server System

MRTD & Biometric Seminar. 7-8July 2010 Montevideo, Uruguay

TRAVEL DOCUMENTS ACT, official consolidated version, (ZPLD-1-UPB3)

International Journal of Research and Review E-ISSN: ; P-ISSN:

Enhanced Drivers' License Eases Border Crossing for Washington State Residents

edriver s Licenses The Convergence of Identity in Society and the future role of the Driver s License.

BEST PRACTICES WORKSHOP ON TRAVEL DOCUMENT SECURITY ORGANIZED BY THE OAS/CICTE AND ICAO SAN SALVADOR, EL SALVADOR JUNE 9-11, 2008

MoneyPad, The Future Wallet

Enhanced Driver s Licence (EDL) and Enhanced Identification Card (EIC) Program

Background and Status of the Tanzania National ID System

Consumer Attitudes About Biometric Authentication

Case studies. Swedish Police Board, Swedish Migration Board and Swedish Road Authority

Ad-Hoc Query on Residence Permit Cards. Requested by FI EMN NCP on 4 th May Compilation produced on 27 th September 2012

Polycarbonate datapage from Trüb Switzerland

Checklist for Conforming Laws Related to Remote Online Notarization ( RON )

BILL, Explanatory. (These notes form no part of the Bill but are intended only to indicate its general purport)

While adapting to your new home you will have to fulfil several obligations, depending on your nationality, purpose and period of stay.

SECURE REMOTE VOTER REGISTRATION

Transcription:

1 Biometrics how to put to use and how not at all? How to handle security problems of biometrics and how to handle security and privacy problems caused by biometrics? Andreas Pfitzmann TU Dresden, Fakultät Informatik, D-01062 Dresden Hans-Grundig-Str. 25, Room 120 Phone: +49 351 463-38277, e-mail: pfitza@inf.tu-dresden.de, http://dud.inf.tu-dresden.de/

Structure of Talk 2 1. What is biometrics? 2. Biometrics for what purpose? Authentication vs. Identification 3. Security problems of biometrics FMR vs. FNR 4. Security problems caused by biometrics Devaluation of classic forensic techniques Safety problem: Stealing a finger to steal a car Wanted multiple identities could be uncovered 5. Privacy problems caused by biometrics Sensitive personal data, e.g. by retina scan or fingerprint Processing of personal data without the data subject getting to know of it, e.g. face recognition 6. How to put to use and how not at all? Only between the data subject and his/her devices! 7. Outlook

1. What is Biometrics? 3 Measuring physiological or behavioral characteristics, e.g.: (Shape of) Face Facial thermograms Fingerprint Hand geometry Retinal patterns... Handwritten signature Voice print...

2. Biometrics for what Purpose? 4 Physiological or behavioral characteristics are measured and compared with reference values to Authenticate (Is this the person (s)he claims to be?) or even to Identify (Who is this person?).

3. Security Problems of Biometrics 5 Figure taken from: Anil Jain, Lin Hong, Sharath Pankanti: Biometric Identification; Communications of the ACM 43/2 (2000) 91-98 Low FMR causes high FNR and vice versa!

4. Security Problems caused by Biometrics (1) 6 Devaluation of classic forensic techniques Databases of fingerprints or common issuing of one s fingerprint essentially ease the fabrication of finger replicas and thus leaving someone else s fingerprints at the site of crime. If biometrics employing fingerprints is used to secure huge values, an industry fabricating replicas of fingers will arise. As infrastructures, e.g. for border control, cannot be upgraded as fast as single machines to fabricate replicas of fingers, a loss of security is to be expected overall. Stealing body parts (Safety problem of biometrics) Example: Cut off a finger, to steal an S-class Mercedes. Even a temporary (or only an assumed) improvement of security by biometrics is not necessarily an advance, but endangers physical integrity of humans. If checking that the body part measured biometrically is still alive really works, kidnapping and blackmailing will replace the stealing of body parts.

4. Security Problems caused by Biometrics (2) 7 Wanted multiple identities could be uncovered as well: Agents of secret services each country will set up person-related biometric databases of all foreign citizens. Undercover agents and persons in witness-protection programs in particular organized crime will set up person-related biometric databases.

5. Privacy Problems caused by Biometrics 8 Sensitive personal data, e.g. retina scan reveals information on consumption of alcohol, fingerprint might reveal data on homosexuality. Processing of personal data without the data subject getting to know of it, e.g. face recognition Employing several kinds of biometrics in parallel to cope with the insecurity of each single kind, multiplies the privacy problem (cf. mosaic theory of data protection). Data protection by erasing personal data does not work on the Internet, since it is necessary to erase all copies. Therefore even the possibility to gather personal data has to be avoided.

6. How to put to Use and how not at all? (1) 9 Between data subject and his/her devices Authentication by possession and/or knowledge and biometrics No devaluation of classic forensic techniques No privacy problems caused by biometrics But: Safety problem remains unchanged Provide possibility to switch off biometrics after successful biometric authentication. Active biometrics (i.e. person does something explicitly) in passports and/or towards foreign devices can be avoided and should be! Passive biometrics by foreign devices cannot be prevented regrettably.

6. How to put to Use and how not at all? (2) 10 Visas including biometrics do much less endanger privacy than passports including biometrics. Foreign countries will try to build up person-related biometric databases of visitors we should not ease it for them nor should we make it cheaper for them by making our passports machine readable. Organized crime will try to build up person-related biometric databases we should not ease it for them by establishing it as common practice to deliver biometric data to foreign machines, nor should we help them by making our passports machine readable without keeping the passport holder in control (cf. insecurity of RFIDchips against unauthorized reading). Since biometric identification is all but perfect, different measurements and thereby different values of biometric characteristics are less suited to become a universal personal identifier than a digital reference value constant for 10 years in your passport. Of course this only holds if these different values of biometric characteristics are not always accompanied by a constant universal personal identifier like the number of your passport.

7. Outlook 11 Balancing surveillance and privacy should not only happen concerning single applications, but across applications. Genome databases will possibly undermine the security of biometrics measuring inherited physiological characteristics. Genome databases and ubiquitous computing (= pervasive computing = computers in all physical things connected to a network) will undermine privacy primarily in the physical world. Privacy spaces in the digital world are possible (and probably needed, cf. story of my Christian youth group) and should be established instead of trying to gather and store traffic data for a longer period of time at high costs and for (very) limited use (in the sense of balancing across applications).

Another Hot Topic w.r.t. ID-documents: RFIDs 12 RFIDs integrated into passports (starting autumn 2005 in Germany) and identity cards (starting 2007) support not only the creation of movement profiles, but also building IDdocument specific bombs detonating exactly when (the holder of) the ID-document is in close proximity. The improvement of the German BSI et al. w.r.t. the security of RFIDs in ID-documents (basic access control) does not change this: Whoever did have access to the paper part of the ID-document (issuing country, immigration offices at immigration or emigration; sellers of pre-paid mobile phones requiring a photocopy of the buyer s ID-document) or colludes with someone who did, can read the RFID whenever it is in close proximity.

13 Security Improvement of RFIDs by BSI et al. is Insufficient Taken from: Dr. Dennis Kügler: Risiko Reisepass? Schutz der biometrischen Daten im RF-Chip; ct 5/2005, page 88

Does PKI for RFID-readers help? 14 Reader identifies itself against the RFID-chip (e.g. signs a challenge and sends PKI-certificate of its public key) before the RFID-chip sends any chip-specific information. If PKI is only used for access control to some of the data fields, there is only a small gain w.r.t. creation of movement profiles and no gain w.r.t. building ID-document specific bombs (extended access control). If PKI is used for each access and no cloning of readers possible and no failed state participating (which for reasons of global validity of ID-documents means: no failed state on earth), then the RFID access problem is solved. Very advisable: Output by the ID-document or (in a way which can not be manipulated!) by the reader, whether the holder of the ID-document shall cooperate to give his/her biometric data to the reader.

Resulting political agenda 15 Biometrics should not be pushed, but only introduced with great care. Gathering and storing biometric information outside devices operated by the human him/herself poses a high security and privacy risk and should be avoided whenever possible. Before incorporating digitized biometric data into passports and identity cards, a thorough cost/benefit analysis has to be conducted and discussed in the public. Maybe the plans to incorporate biometrics have to be revised. Even with the security enhancements (basic/extended access control) developed by the German BSI et al. implemented RFIDs in ID-documents endanger body and life of their holders. RFIDs in ID-documents either have to be completely avoided or they have to be protected against unauthorized access by physical shielding.

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback