The Open Biometrics Initiative and World Card

Similar documents
CPSC 467b: Cryptography and Computer Security

Introduction-cont Pattern classification

Why Biometrics? Why Biometrics? Biometric Technologies: Security and Privacy 2/25/2014. Dr. Rigoberto Chinchilla School of Technology

Research Article. ISSN (Print)

1/12/12. Introduction-cont Pattern classification. Behavioral vs Physical Traits. Announcements

1/10/12. Introduction. Who are you?? Person Identification. Identification Problems. How are people identified?

This tutorial also provides a glimpse of various security issues related to biometric systems, and the comparison of various biometric systems.

Hong Kong General Chamber of Commerce Roundtable Luncheon 13 April 2016 Collection and Use of Biometric Data

4/2/14. Who are you?? Introduction. Person Identification. How are people identified? People are identified by three basic means:

Biometric Authentication

Opinion 3/2012 on developments in biometric technologies

SUMMARY INTRODUCTION. xiii

International Biometrics & Identification Association

Biometrics & Accessibility

Biometrics: primed for business use

Running head: GAP ANALYSIS OF THE DEPARTMENT OF HOMELAND 1

Biometrics Technology for Human Recognition

Biometrics from a legal perspective dr. Ronald Leenes

Biometrics Glossary. Introduction. Glossary Terms

Computer Security Seminar Biometrics. Aviv Abramovich Spring 2015 University of Haifa

LEGISLATION. The "BIOMETRIC AND SOCIAL SECURITY NUMBER RELIGIOUS EXEMPTION ACT"

Machine Readable Travel Documents: Biometrics Deployment. Barry J. Kefauver

The Application of Biometrics in Critical Infrastructures Operations: Guidance for Security Managers

Position Paper IDENT Implementation for U.S. VISIT

1. Delete the words and registration. 3. Delete the word person and substitute therefor the word individual.

EDPS Opinion 7/2018. on the Proposal for a Regulation strengthening the security of identity cards of Union citizens and other documents

AADHAR BASED ELECTRONIC VOTING SYSTEM USING BIOMETRIC AUTHENTICATION AND IOT

Biometric Technology for DLID

German Federal Ministry of the Interior 20 August / 6

Prepared by Space and Naval Warfare Systems Center Atlantic

LATEST IN BIOMETRIC TECHNOLOGY IN THE SERVICE OF TRAVEL SECURITY. Presented By: Cristian Morosan - University of Houston

PRIVACY IMPLICATIONS OF BIOMETRIC DATA. Kevin Nevias CISSP, CEH, CHFI, CISA, CISM, CRISC, CGEIT, CCNA, G /20/16

Biometrics in Border Management Grand Challenges for Security, Identity and Privacy

An overview of the European approach to the cross-jurisdictional and societal aspects of biometrics

International Journal of Research and Review E-ISSN: ; P-ISSN:

Identity Verification in Passport Issuance

Ad-Hoc Query on Implementation of Council Regulation 380/2008. Requested by FI EMN NCP on 10 th September 2009

Biometrics Overview. Introduction. Biometrics is a general term used alternatively to describe a characteristic or a process. As a characteristic:

SECURE REMOTE VOTER REGISTRATION

CRS Report for Congress

The Angola National ID Card

Emergence of multimodal biometrics at the Border Biometrics Institute Asia-Pacific Conference

Background and Status of the Tanzania National ID System

Acceptance of Biometrics: Things That Matter That We Are Ignoring

Case Study. MegaMatcher Accelerator

Policy Framework for the Regional Biometric Data Exchange Solution

e-passports: Uses, Limitations, and Impact on Simplifying Passenger Travel Initiatives

Singapore's Automated Clearance using Biometrics

Biometric Authentication: How Do I Know Who You Are?

5/6/2009. E toll Database. Census Database. Database. Database. Consumer Balance and Bill Subscriptions. Mobile Connections.

Recommended Practice 1701 l

EVIDENCE OF IDENTIFICATION

Smarter European borders through an increased use of biometric recognition

ICAO: THE TECHNICAL ADVISORY GROUP FOR MACHINE READABLE TRAVEL DOCUMENTS

Emerging Biometric Data Risks

Here s our nickel tour of biometrics well, okay, that d be a dollar or

fraud prevention done right

BIOMETRICS 101. Facial Recognition in Oregon

Secured Electronic Voting Protocol Using Biometric Authentication

STATE OF ILLINOIS ILLINOIS STATE POLICE ADAM WALSH CHILD PROTECTION ACT USER AGREEMENT BETWEEN THE ILLINOIS STATE POLICE AND

Smart Voting System using UIDAI

Ad-Hoc Query on National Fingerprint Database for Asylum Seekers. Requested by SI EMN NCP on 16 th March Compilation produced on 10 th May 2010

An Introduction to Biometrics. Julian Ashbourn

Compendium of Good Practices in Identity Management

Government of Pakistan NADRA Headquarters, Islamabad

Identity Cards Bill EXPLANATORY NOTES. Explanatory notes to the Bill, prepared by the Home Office, are published separately as Bill 9 EN.

Biometrics how to put to use and how not at all?

MoneyPad, The Future Wallet

BIOMETRICS - WHY NOW?

The problems with a paper based voting

The Modern TENPRINT Examiner

The Upcoming International Biometric Vocabulary Standard

INTRODUCTION BACKGROUND. Chapter One

THE GENERAL ASSEMBLY OF PENNSYLVANIA HOUSE BILL

Assess the awareness level of people on Aadhaar Card as public wellbeing

An Open Letter to the ICAO

Secure Electronic Voting

DESIGN AND ANALYSIS OF SECURED ELECTRONIC VOTING PROTOCOL

News Release May 11, 2010

HOW CAN BORDER MANAGEMENT SOLUTIONS BETTER MEET CITIZENS EXPECTATIONS?

Biometrics how to put to use and how not at all?

PRESENTATION TITLE. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

What is US-VISIT? United States Visitor and Immigrant Status Indicator Technology (US-VISIT) Biometric Services

The High Contracting Parties to the present Treaty, Member States of the European Union,

SMART VOTING. Bhuvanapriya.R#1, Rozil banu.s#2, Sivapriya.P#3 Kalaiselvi.V.K.G# /17/$31.00 c 2017 IEEE ABSTRACT:

6. Presentation of Pakistan. Economic Cooperation Organization - ECO. Syed Mushabir Hussain, 15th April, Registration initiatives

BIOMETRIC AUTHENTICATION SYSTEMS AND SERVICE DELIVERY IN HEALTHCARE SECTOR IN KENYA

Case: 1:16-cv Document #: 1 Filed: 03/04/16 Page 1 of 16 PageID #:1 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF ILLINOIS

Policy Framework for the Regional Biometric Data Exchange Solution

Overview Purpose of the EU-VIS

BIOMETRIC ARMY APPLICATIONS. ^^ii»äipips»iiisiii^ Identifying and Addressing Sociocultural Concerns

E- Voting System [2016]

CASE STUDY 2 Portuguese Immigration & Border Service

Biometric Recognition: A New Paradigm for Security

Florida Supreme Court Standards for Electronic Access to the Courts

Achieving Interoperability

27 Sept Director of KISA K-NBTCK Dr. Jason Kim

The Biometric Devil's in the Details

Implementation of aadhar based voting machine using

Biometrics: New Laws and Potential Litigation Implications

Transcription:

The Open Biometrics Initiative and World Card Notes on RealTechSupport for Biometrics Marc Böhlen, MediaRobotics Lab, University at Buffalo Out-collect the data collectors WhatTheHack2005, The Netherlands

From the 4 th IEEE Workshop on Automatic Identification Advanced Technologies, 10/2005 in Buffalo New York: We are evolving towards an age of convergence in identification technologies where everything that can compute has an IP address, every thing static has an RFID and every individual has a biometric identifier. AUTOID 2005 will bring together researchers, practitioners, and users from these converging fields to describe the state of the art and identify urgent open problems. Fig. 1: Poster for the Biometrics Consortium Conference, 2004 Fig. 2: Time Magazine

BACKGROUND INFORMATION Typical Biometrics: Facial Features Voice Fingerprint Iris Retina Hand Geometry Signature Dynamics Keystroke Dynamics Lip Movement Thermal Face Image Desired in all cases: Thermal Hand Image uniqueness, acceptance, reliability, low intrusion+cost Gait Body Odor DNA Ear Shape Finger Geometry Palm Print Vein Pattern Foot Print

Data Collection Data Storage Data Processing Decision Making Biometric (finger, eye..) Sensor Templates IMAGES of full samples Pattern Matching Feature Extraction Match Criteria (thresholds) Accept/Reject FULL SAMPLE transmission (encrypting, compression and expansion) Fig. 3: Diagram of generic biometric system

Registration: Sensor Data Extract Parameters Create Template DATABASE Authentication: Sensor Data Extract Parameters Create Template Threshold/Authenticate Match YES/NO Fig. 4: Diagram of Registration and Authentication processes

VERIFICATION VS. IDENTIFICATION Verification is a one-to-one comparison against a single stored template. Identification is a one-to-many comparison against all the enrolled templates in a database, including N imposters. Aside: o If the probability of not getting a false accept is (1 - P fa ), then the probability of making at least one false accept amongst the N imposters is 1 minus that of not getting a false accept, N times. o Probability of at least one false accept in identification: P N = 1 ( 1 - P fa ) N where P fa = probability of a false accept in one-to-one verification o If a biometric verifier achieves a 99.8% Correct Rejection Rate performance in one-to-one verification, then P fa = 0.002. When searching through a database of unrelated (imposture) templates the results are: Database size False Accept probability N = 200 P N = 32% N = 2,000 P N = 98% N = 10,000 P N = 99.999% Identification is very much more demanding than verification! Make sure is P fa sufficiently small. If you want 99% certainty that you will not be falsely matched against a database with 10 million templates, then P fa = 10 9 : 1 in a billion...

Decision landscape of biometrics, 1 Fig. 5 Decision landscape, Daugman 2000 Decidability of a Yes/No decision problem is determined by how much overlap there is between the two distributions. The problem becomes more decidable if their means are further apart, or if their variances are smaller. One measure of decidability, although not the only possible one, is d, defined as follows if the means of the two distributions are µ1 and µ2 and their two standard deviations are σ1 and σ2: d = µ1 µ2 / ((0.5 * (σ 1 2 + σ 2 2 )) ½ )

Decision landscape of biometrics, 2 FAR CAR FRR (false acceptance rate) How often the system falsely recognizes a person who should not be recognized (correct acceptance rate) How often the system correctly recognizes a person who should be recognized. (false rejection rate) How often the system fails to recognize a person who should be recognized CRR (correct rejection rate) How often the system correctly rejects a person who should not be recognized P(CAR) + P(FRR) = 1 P(FAR) + P(CRR) = 1 P(CAR) > P(FAR) P(CRR) > P(FRR) Fig. 6 The Neyman-Pearson decision strategy curve (from Daugman, 2000)

What is Open Biometrics? The term is used in different contexts: Biometrics for unstructured systems, open as in open to unstructured data collections (national ID), as opposed to closed systems, i.e. a counted group of people in a company. Standardized data formats for compatibility across many computing environments. I use the term in this way: Open/known assessment criteria, open/known classification procedures and decision thresholds. -> Open decision landscape Open access to your own biometric data. You are the keeper of your own data. You have more of your own data than any other entity (government, institution, etc). -> Open ID card

Why is there a need for Open Biometrics? Biometrics are not fool proof. o Evidence is often incomplete. In fingerprint analysis partial prints are called latent prints. o FBI erroneously matched a latent print from the March 11 Madrid terrorist bombing to Brandon Mayfield, recently converted to Islam. People define biometrics and people make mistakes, sometime involuntarily. o Digital images of insufficient quality are often photoshopped for saliency with no log of changes. o Confirmation bias (Mayfield case, 2004). Combined Biometrics offer false sense of extra security o Multiple biometrics can weaken statistical significance. When two tests are combined, one of the resulting error rates (FAR or FRR) becomes better than the stronger of the two tests, while the other error rate becomes worse even than the weaker of the two tests (Daugman 2000). Grand scale plans to introduce biometrics registration on national and international levels. o UK s national identity card scheme General belief in biometrics as a panacea against all ills (immigrants, illegal works, terrorists, etc). o 79% of the opportunistic category of participants in the UKPS Biometrics Enrolment Trial believed biometrics would help prevent illegal immigration.

Open Biometrics, Version 1, Fingerprint technology arch and whorl Pattern and minutiae based data Fig. 7 fingerprints and features

Approach: 1) Do not reduce the data to a representative (convenient) subset: - Show all data (do not threshold the results) - List the probabilities. Fig. 8 fingerprints and open listing of probabilistic minutiae

Approach: 2) Require data deletion. -Do not keep records a system does not need. -Prevent data collection creep If(Endday) { } for each m: OData[m] = EthPath + OData[m] ; remove(odata[m]); Fig. 9 data deletion

Open Biometrics, Version 2, Combined Large Scale Biometrics Fig. 10 UK Subject Identity Card If intrusive biometrics can not be avoided Fig. 11 UK Mobile Enrollment Unit UK Passport Service Biometrics Enrolment Trial 2004: Enrollment and verification for facial, iris, finger print biometric, and customer experience. The three sample groups (total 10.016). Quota sample of 2,000, matching UK population, Opportunistic sample of 7,266, no demographic factors included ( off the street ), Disabled participant sample of 750 (Atos Report May 2005)

Open Biometrics, Version 2, Combined Large Scale Biometrics From: NISTIR 6529-A, National Institute of Standards and Technology, Technology Administration, US Department of Commerce, April 2004

Need for checks and balances in large-scale biometrics: WORLD CARD CARDS Every country receives the technology to create WORLD CARDS and makes them available for a modest fee to their citizenry DATA Individuals hold the most complete set of (biometric) data of themselves in universally accepted formats. Data must be high quality, raw, without digital modifications. DECISION METRICS Decision metrics must be made known and set in accordance with World Card standards. Results must include probabilistic data. INTERNATIONAL LAW Law enforcement and legal courts are required to reference WORLD CARD when making biometrics based identification WORLD CARD based proof of identity hold precedence over all other forms of biometric based identification.

WORLD CARD NAME: JANE TAN ISSUE DATE: 13. July 2005 VALIDITY PERIOD: 13. July 2005 to 12. July 2010 BIOMETRIC PURPOSE: Reference Identification CREATOR: UNITED NATIONS BIOMETRIC TYPES Iris, Finger, Hand, Gait, Grip, Odor BIOMETRIC SUBTYPE: Iris, right eye BIOMETRIC DATA BLOCK 5689 7867 BIOMETRIC SUBTYPE: Thumb, left hand BIOMETRIC DATA BLOCK 7888 3367 BIOMETRIC SUBTYPE: Hand, left hand BIOMETRIC DATA BLOCK A787 3454 BIOMETRIC SUBTYPE: Gait, walking BIOMETRIC DATA BLOCK 1255 6A77 BIOMETRIC SUBTYPE: Grip, dynamic BIOMETRIC DATA BLOCK 4509 5T33 BIOMETRIC SUBTYPE: Odor, mouth BIOMETRIC DATA BLOCK 1201 2A66 5689 7867IKGHEKAJ 7888 3367GJAHEIET A7873454KHJ594YI1 12556A77HKJIUYU4 5095T3357665HKJL1 2012A66MUIOY89G As per United Nations stipulations, biometric identification must occur with reference the data contained in this card in order to be upheld in any United Nations accepted court of law. Only the data on this card and the corresponding decision metrics are acceptable for proof of physical identity. BIOMETRIC DATA QUALITY 100 BIOMETRIC DATA TYPE RAW BIOMETRIC DATA SIZE 2048 bits BIOMETRIC CREATION DECISION METRIC modified Hamming distance DECISION THRESHOLDS 14.0 Fig. 12 World Card template Gabor wavelet base phase demodulation for pseudo-polar coordinate system where the real and imaginary parts define the positive and negative bits of iris code.

Very Short Bibliography: Feasibility Study on the Use of Biometrics in an Entitlement Scheme:, Mansfield and Rejman-Greene, 2003 http://www.homeoffice.gov.uk/docs2/feasibility_study031111_v2.pdf Best Practices in Testing and Reporting Performance of Biometric Devices, Mansfield and Wayne, 2002 http://www.npl.co.uk/scientific_software/publications/biometrics/bestprac_v2_1.pdf Biometrics Enrollment Trial Report Atos Origin, 2005 http://www.passport.gov.uk/downloads/ukpsbiometrics_enrolment_trial_report.pdf Lessons From The Brandon Mayfield Case, Thompson and Cole, National Association of Criminal Defense Lawyers: Forensics, 2005 http://www.nacdl.org/public.nsf/0/3419bfeee2f5c72c85256ff600528500?opendocument NISTIR 6529-A, "Common Biometric Exchange Formats Framework (CBEFF)", 2004: http://www.itl.nist.gov/div893/biometrics/documents/nistir6529a.pdf "Biometric decision landscapes." Daugman, Technical Report No. TR482, University of Cambridge Computer Laboratory, 2000. http://www.cl.cam.ac.uk/techreports/ucam-cl-tr-482.pdf Digitized Prints can Point Finger at the Innocent, Chicago Tribune, Flynn McRoberts and Steve Mills Tribune staff reporters January 3, 2005 http://www.truthinjustice.org/digitized-prints.htm Some Institutes: NPL: National Physical Laboratory (UK) http://www.npl.co.uk/scientific_software/research/biometrics/ Cambridge University, Computer Laboratory (UK) http://www.cl.cam.ac.uk/users/jgd1000/ NIST: National Institute of Standards and Technology (USA) http://www.itl.nist.gov/ Biometric Systems Lab, U. Bologna (ITALY) http://bias.csr.unibo.it/research/biolab/bio_tree.html Other Sources: Biometrics Consortium: link between government and industry http://www.biometrics.org/ Michelle Triplett's fingerprint terms http://www.fprints.nwlean.net/e.htm Crypto-Gram Newsletter, Bruce Schneider http://www.schneier.com/crypto-gram-0404.html

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback