Entries Tagged "biometrics"

Page 14 of 17

Global Envelope

The DHS wants to share terrorist biometric information:

Robert Mocny, acting director of the U.S. Visitor and Immigrant Status Indicator Technology program, outlined a proposal under which the United States would begin exchanging information about terrorists first with closely allied governments in Britain, Europe and Japan ,and then progressively extend the program to other countries as a means of foiling terrorist attacks.

The Global Envelope proposal apparently opened the door to the exchange of biometric information about persons in this country to other governments and vice versa, in an environment where even officials’ pledges to observe privacy principles collide with inconsistent or absent legal protections.

In remarks to the International Conference on Biometrics and Ethics in Washington this afternoon, Mocny repeatedly stressed DHS’ commitment to observing privacy principles during the design and implementation of its biometric systems. “We have a responsibility to use this information wisely and responsibly,” he said.

Mocny cited the need to avoid duplication of effort by developing technical standards that all national biometric identification systems would use.

He emphasized repeatedly that information sharing is appropriate around the world on biometric methods of identifying terrorists who pose a risk to the public. Noting that his organization already receives information about terrorist threats from around the globe, Mocny said, “We have a responsibility to make a Global Security Envelope [that would coordinate information policies and technical standards.]”

Mocny conceded that each of the 10 privacy laws currently in effect in the United States has an exemption clause for national-security purposes. He added that the department only resorts to its essentially unlimited authority under those clauses when officials decide that there are compelling reasons to do so.

Anyone think that this will be any better than the no-fly list?

Posted on November 30, 2006 at 12:51 PMView Comments

UK Car Rentals to Require Fingerprints

Welcome to a surveillance society:

If you want to hire a car at Stansted Airport, you now need to give a fingerprint.

The scheme being tested by Essex police and car hire firms, is not voluntary. Every car rental customer must take part.

No fingerprint, no car hire at Stansted airport.

These are stored by the hire firms—and will be handed over to the police if the car is stolen or used for another crime.

This is the most amusing bit:

“It’s not intrusive really. It’s different—and people need to adjust to it. It’s not Big Brother, it’s about protecting people’s identities. The police will never see these thumbprints unless a crime is committed.”

What are the odds that no crime will ever be committed?

Fingerprints are becoming more common in the UK:

But regardless of any ideological arguments, the use of biometric technology—where someone is identified by a physical characteristic—is already entering the mainstream.

Biometric UK passports were introduced this year, using facial mapping information stored on a microchip, and more than a million have already been issued.

A shop in the Bluewater centre in Kent has used a fingerprint checking scheme to tackle credit card fraud. And in Yeovil, Somerset, fingerprinting has been used to cut town-centre violence, with scanners helping pick out troublemakers.

It’s not just about crime. Biometric recognition is also being pitched as more convenient for shoppers.

Pay By Touch allows customers to settle their supermarket bill with a fingerprint rather than a credit card. With three million customers in the United States, this payment system is now being tested in the UK, in three Co-op supermarkets in Oxfordshire.

Posted on November 14, 2006 at 7:37 AMView Comments

Seagate Encrypted Drive

Seagate has announced a product called DriveTrust, which provides hardware-based encryption on the drive itself. The technology is proprietary, but they use standard algorithms: AES and triple-DES, RSA, and SHA-1. Details on the key management are sketchy, but the system requires a pre-boot password and/or combination of biometrics to access the disk. And Seagate is working on some sort of enterprise-wide key management system to make it easier to deploy the technology company-wide.

The first target market is laptop computers. No computer manufacturer has announced support for DriveTrust yet.

More details in these articles.

Posted on November 7, 2006 at 7:04 AMView Comments

Heathrow Tests Biometric ID

Heathrow airport is testing an iris scan biometric machine to identify passengers at customs.

I’ve written previously about biometrics: when they work and when they fail:

Biometrics are powerful and useful, but they are not keys. They are useful in situations where there is a trusted path from the reader to the verifier; in those cases all you need is a unique identifier. They are not useful when you need the characteristics of a key: secrecy, randomness, the ability to update or destroy. Biometrics are unique identifiers, but they are not secrets.

The system under trial at Heathrow is a good use of biometrics. There’s a trusted path from the person through the reader to the verifier; attempts to use fake eyeballs will be immediately obvious and suspicious. The verifier is being asked to match a biometric with a specific reference, and not to figure out who the person is from his or her biometric. There’s no need for secrecy or randomness; it’s not being used as a key. And it has the potential to really speed up customs lines.

Posted on October 26, 2006 at 1:04 PMView Comments

Voice Authentication in Telephone Banking

This seems like a good idea, assuming it is reliable.

The introduction of voice verification was preceded by an extensive period of testing among more than 1,450 people and 25,000 test calls. These were made using both fixed-line and mobile telephones, at all times of day and also by relatives (including six twins). Special attention was devoted to people who were suffering from colds during the test period. ABN AMRO is the first major bank in the world to introduce this technology in this way.

Posted on July 21, 2006 at 7:43 AMView Comments

Password-Protected Bullets

New invention, just patented:

Meyerle is patenting a design for a modified cartridge that would be fired by a burst of high-frequency radio energy. But the energy would only ignite the charge if a solid-state switch within the cartridge had been activated. This would only happen if a password entered into the gun using a tiny keypad matched one stored in the cartridge.

When they are sold, cartridges could be programmed with a password that matches the purchaser’s gun. An owner could set the gun to request the password when it is reloaded, or to perform a biometric check before firing. The gun could also automatically lock itself after a pre-set period of time has passed since the password was entered.

Posted on June 30, 2006 at 6:41 AMView Comments

Face Recognition Comes to Bars

BioBouncer is a face recognition system intended for bars:

Its camera snaps customers entering clubs and bars, and facial recognition software compares them with stored images of previously identified troublemakers. The technology alerts club security to image matches, while innocent images are automatically flushed at the end of each night, Dussich said. Various clubs can share databases through a virtual private network, so belligerent drunks might find themselves unwelcome in all their neighborhood bars.

Anyone want to guess how long that “automatically flushed at the end of each night” will last? This data has enormous value. Insurance companies will want to know if someone was in a bar before a car accident. Employers will want to know if their employees were drinking before work—think airplane pilots. Private investigators will want to know who walked into a bar with whom. The police will want to know all sorts of things. Lots of people will want this data—and they’ll all be willing to pay for it.

And the data will be owned by the bars thatcollect it. They can choose to erase it, or they can choose to sell it to data aggregators like Acxiom.

It’s rarely the initial application that’s the problem. It’s the follow-on applications. It’s the function creep. Before you know it, everyone will know that they are identified the moment they walk into a commercial building. We will all lose privacy, and liberty, and freedom as a result.

Posted on February 28, 2006 at 3:47 PMView Comments

1 12 13 14 15 16 17

Sidebar photo of Bruce Schneier by Joe MacInnis.