NO2ID

NO2ID

NO2ID's ID Card & Database State Online Discussion Forum
 
It is currently Wed, 23 Apr 2014 21:33:59 +0000

All times are UTC




Post new topic Reply to topic  [ 13 posts ] 
Author Message
 Post subject: Biometrics 2009 conference, day by day
PostPosted: Mon, 26 Oct 2009 22:40:35 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
See also http://forum.no2id.net/viewtopic.php?t=29854

Conference: Biometrics 2009
Queen Elizabeth II Conference Centre, Westminster, London, UK
20-22 October 2009

Lockheed Martin, Northrop Grumman, the IEEE and others are sponsoring a three-day conference on biometrics with speakers from all the major players worldwide.

China v. the US
Day 1 opened with the geopolitics of biometrics.

Professor Jim Wayman of the National Biometric Test Center at San Jose University said that the funding for biometrics R&D and deployment in the US has been uncoordinated until now, with different departments of the government all inventing wheels separately. There is a move now, since the election of President Obama, for the FBI to lead projects at home, and in partnership with other agencies abroad. The money is thus moving away from the military and towards law enforcement.

For eight years, Dr Tieniu Tan ran the Institute of Automation, part of the Chinese Academy of Sciences. The Institute has teams working on the full range of biometrics, and deploys systems throughout China either directly or through spin-off companies. China has 10,000 biometrics researchers and is accelerating the use of biometrics in banking applications, border-crossing, time and attendance (including China's 10,000 coal mines), prisons (and re-education through labour camps), welfare payments, and exam attendance (including driving tests). Not to mention the Olympics.

Hearts, minds and confusion
Next up was Isabel Hunt, Executive Director, Communications and Marketing, UK Identity & Passport Service (IPS), explaining to us how IPS is going to win people's hearts and minds.

The answer is, a combination of, quoting a few perfunctory statistics, showing a video with lots of people doing lots of things ending up with the slogan "identity at your fingertips", using a friendly fingerprint as a logo (IDSmart™), communicating with the public and with business via two websites, and providing a telephone-based card validation service.

Not convinced, national treasure Dr Peter Hawkes asked from the floor when IPS are going to use mobile phones for ID. Ms Hunt explained that the national treasure had got it the wrong way round, IPS believe that one day we will need to present an IPS ID card in order to buy a mobile phone.

Another man asked from the floor just exactly when the much-vaunted biometrics recorded on ePassports and ID cards were actually going to be used. "As soon as we can", said Ms Hunt. She apologised for being "glib" but that was the only answer possible.

And then, there was Vali Ali on the stage. Vali is a Distinguished Technologist (seven worldwide patents granted and 34 pending) for the Personal Systems Group at Hewlett-Packard (HP) and, in a bravura performance mixing wild humour with intelligent scorn, he let the biometrics suppliers have it between the irises.

He produces 30 million PCs a year. He has no time, no margin and lots of competition. Biometrics suppliers come to him with proposals that you need "3½ PhDs" to evaluate, the OEMs don't know what they're selling and the customers don't know what they're buying. Until biometrics components can be bought and sold like commodities, the way he can buy graphics cards, the whole industry will remain in the mess it is in currently, with no-one able to write applications for the stored fingerprints because the APIs keep changing or the biometrics supplier won't release an SDK. The biometrics industry today sows nothing but confusion, he said, and no-one disagreed.

Vali suggested to Isabel Hunt that maybe IPS should consider taking advantage of the 120 million PCs produced worldwide every year to deploy the National Identity Service. This didn't get the same put-down as Dr Hawkes's mobile phone suggestion. It got a different one. She would talk to him about this unexpected idea of using the technology people already have over coffee.

Business, innovation, skills and reality
At one point, Ms Hunt delivered herself of the opinion that IPS faces a happy public and an aggressive press and she sometimes wishes it was the other way round. This theme was taken up in the afternoon, or part of it at least was taken up, when Richard Foggie addressed us on the question whether UK Plc is ready for biometrics to go mainstream. Mr Foggie works for BIS, the Department for Business Information and Skills, as an "innovation broker".

We learnt nothing of the innovations he has brokered but he does believe that the newspapers only report the public's minority concerns about privacy because "good news doesn't sell papers". In fact, he said, contrary to newspaper reports, 75% of people in the UK are happy about the government's proposed use of our biometrics, and the UK Border Agency's eBorders initiative will only cost £1.2 billion over 10 years, and IPS's National Identity Scheme [sic] will only cost £4.95 billion. So that's three false claims brokered innovatively into just one sentence.

Don't get him wrong, Mr Foggie said, he loves working with organisations like No2ID that just bob along responding unthinkingly to the zeitgeist, but then he also loves working with CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering), who base their objections on an interpretation of the Book of Revelations.

Gillian Ormiston, who followed, and who is Director, Business Development, Sagem Sécurité, described a test of biometrics conducted by a UK retail bank. 500+ members of staff took part, using a combination of PINs and biometrics to conduct banking business in the same way other customers would. The biometrics worked well enough, everyone agreed that they would bring benefits for customers and the bank alike but the technology has no chance of being deployed any time soon. Not in the UK. And not in a big bank.

Three-quarters of those who took part in the test wanted the use of biometrics to be voluntary. Which would mean running multiple verification systems. Which is too expensive. And the biometrics system could not be deployed incrementally, it would have to be a big bang, because staff move around a lot from branch to branch. Again, not practical. So the system will not be deployed.

IPS face precisely the same problems described by Ms Ormiston. Have they reached the same conclusion? It looks like it. Judging by their feeble attempts to win hearts and minds so far, they know that it's just not going to happen. Not in Manchester. Nowhere in the UK. Mr Foggie is wrong – UK Plc is not ready for biometrics to go mainstream.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon, 26 Oct 2009 22:49:57 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Passport to Pimlico
Day 2 opened with a visit from our masters, the European Commission (EC).

Mr Pasi Nokelainen of the Directorate-General for Justice, Freedom and Security addressed us on the subject of the Biometric Matching System (BMS). BMS is part of VIS, the EC's Visa Information System, please see their FAQ on the freedom to travel. Before leaving the room. BMS will provide a pan-European database of fingerprints against which all Schengen states must check identities before issuing visas. It is expected to stabilise at about 100 million entries, making it one of the biggest fingerprint databases in the world.

Not easy
Mr Matthias Kohlhage has had the pleasure of interfacing the German visa systems with VIS. He gave some indication of the enormity of the task over the past five or six years and anyone from the UK government listening will think twice before deciding to join Schengen.

"Adding biometrics doesn't make things easier", said Mr Kohlhage. No doubt the UK Border Agency (UKBA) would agree. The UK, too, are now in a position to issue biometric visas although unlike the Germans, we don't have any equipment to read these cards.

What the rest of us need to know is whether adding biometrics improves the operation of visa systems.

Done and dusted. And swabbed
James A Loudermilk II is the Senior Level Technologist at the Federal Bureau of Investigations. 18,000 law enforcement agencies contribute fingerprints and DNA samples to his databases and submit 200,000+ queries a day. Under the Next Generation Identification programme, the idea is to get response times down to a matter of seconds. Irisprint and voiceprint facilities are likely to be added, subject to further research, and maybe even people's scent.

Mr Loudermilk provided not one scoop, but two.

One of his objectives is to achieve more or less real-time DNA profiling. The current turnaround time for graduate laboratory staff is 8-10 hours from DNA sample to profile. Over the next seven years, he aims to get that down to 1 hour, using off-the-shelf staff. Over lunch, Lockheed Martin confirmed that the machines are already available, now, today. The seven years is how long it takes to feed them down through the Federal and State levels of the law enforcement community all the way to every precinct booking station. And who knows, maybe one day the technology will be quick enough to check passengers through arrivals and departures?

The other scoop was to stand up there on stage, representing the FBI, and to say that although it would be the killer application of biometrics, face recognition just can't deliver the highly reliable verification required to be of any use.

Most embarrassing, but this turns out to be wrong and a heartfelt apology has been extended to Mr Loudermilk.

Let's face it
Mr Loudermilk was followed by no less than five speakers all advocating biometrics based on face recognition. Only one person pointed out the contradiction ...

Antoine Tollet works for Sagem and was involved in the deployment of SmartGates in Australia's airports. He mentioned biometric performance. "I'm not going to give you figures", he said, "but it's high".

The question came from the floor, what is the return on investment on these SmartGates? Answer, a reduction in border control staff costs.

Then came Dr Joseph Atick, the man behind Visionics (face recognition), which joined Identix, which became L-1 Identity Solutions, Inc. Dr Atick treated us to his view of the future of identity management.

OK, he said, the world has managed to standardise passports, that's good, they're bristling with security features, even better, but there are only 12 countries in the world that actually use that technology to read passports and only seven which take advantage of the PKI security facilities. Passenger travel remains a nightmare and, given that only 8% of the world's population has a passport, as that number increases the nightmare is going to get worse.

The solution? Twofold.

Firstly, drop the requirement to register your biometrics at a state facility. Use sweet shops or booths on station platforms.

Second, issue passports and residence permits as applets, operating on mobile phones.

Mr Alex Lahood of the UK Border Agency read a lecture to us which sounded like the talk given to new recruits on the first day of their induction course. He repeated the John Reid promise to check the identity of everyone entering the UK and leaving. This is due to start by 2014. Which biometrics will be used, he was asked? Probably face recognition and fingerprints, he said, but that's not decided yet.

Mr André Oeyen of SITA pointed out that biometrics might help to identify people but they don't discern people's intentions. That seems undeniable. His claim that API/PNR data can help to identify suspicious travellers is more contentious.

Mr Cyrille Bataller spoke about the Accenture Technology Labs system, miSense, and when it came to the question and answer session, someone had had enough.

Someone asked whether anyone on the panel could name a large-scale field trial which demonstrated the high reliability of face recognition? If not, what reason is there to believe that it works? There was some consternation from the panel, and no answer, but we parted amicably enough. The audience was full of the purveyors of Sagem SmartGates, who became a little emphatic. And then at coffee afterwards, a Kenyan tapped someone on the shoulder and said thank you for asking those questions, he and his colleagues had been hoping someone would.

The US Department of Homeland Security have already told them it's not good enough for ID cards (see para.81) or, by implication, ePassports and biometric visas. And now the FBI have told them as well. Will UKBA and the Identity & Passport Service now stop wasting our money on face recognition technology?

_________________
http://DematerialisedID.com
http://DMossEsq.com


Last edited by David Moss on Sun, 14 Mar 2010 15:48:19 +0000, edited 1 time in total.

Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon, 26 Oct 2009 22:54:53 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Evidence-based government
Day 3 – the application of logic.

Phil Booth, the national coordinator of NO2ID, which now has 70,000 members, listed the promises made by the government for the National Identity Service (NIS). He noted the outcomes, the facts. And he asked questions about the gaps between the two. David Blunkett promised that identity theft would become impossible because biometrics are 100% accurate. The UK Passport Service biometrics enrolment trial demonstrated that 31% of the able-bodied population, and 52% of the disabled, can't have their identity verified by face recognition technology at all.

0% error? 31%? 52%? Which is it? There are gaps there. Mr Booth and others have been asking the government and the civil service for five years and more to explain these discrepancies. No answer is forthcoming. The Identity & Passport Service (IPS) are in a world of their own.

Emilio Mordini is the director of the EU-sponsored Centre for Science, Society and Citizenship (CSSC). He is a psychiatrist now specialising in identity and ethics. We didn't hear anything from him about ethics but as far as identity is concerned, the doctor believes that biometrics provide the best method of ensuring that everyone has an official identity, that nation states are bad, and that they should be replaced with the web.

Away with the fairies, you say? You may be right. But what is the difference between IPS and CSSC? Both are supported with public money in a jovial round of conferences where they can ignore the evidence.

Unlike CESG, the information assurance arm of GCHQ. Chris White presented some of the results of his research at CESG into how to evaluate risk in a biometrics-based system. He may be the man with the evidence and there was only one question to ask – what did IPS score? How risky is the NIS? And there was only one answer possible – "we can't discuss client results".

The global revenues of the biometrics industry are predicted to rise from about $1 billion in 2007 to about $10 billion in 2015. The suppliers are going to have to be in good condition to soak up that sort of punishment over the next five years and, judging by the confident exhibitors at Biometrics 2009, they are.

One exhibitor of note, the IEEE have devised a training programme and examination in biometrics. You, too, could become a CBP, a certified biometrics professional. What about the suppliers to IPS and to the UK Border Agency? Do they have any evidence to show that they are CBPs?

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon, 26 Oct 2009 23:17:44 +0000 
Offline
Site Admin
Site Admin

Joined: Sun, 09 Jan 2005 18:23:13 +0000
Posts: 10504
Location: Cambridge
David - thanks for the detailed reports. It sounds like you had fun, and asked some very pertinent questions.

I note that Home Office spokesmen still try to ridicule NO2ID while refusing to actually engage with NO2ID representatives or address any of their arguments.

_________________
Andrew Watson


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon, 26 Oct 2009 23:39:34 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Andrew Watson wrote:
David - thanks for the detailed reports. It sounds like you had fun, and asked some very pertinent questions.

I note that Home Office spokesmen still try to ridicule NO2ID while refusing to actually engage with NO2ID representatives or address any of their arguments.

Hi Andrew, yes it was very revealing.

A small point, it was actually a province of Lord Mandelson's empire which tried to ridicule NO2ID, not the Home Office.

The torpedo launched by Mr Loudermilk was devastating. It undermines IPS and UKBA wherever they depend on facial geometry. They are sunk. I hope that every appropriate opportunity will be used to ask why IPS and UKBA think the FBI are wrong. They must not be allowed to survive by silence any more.

I asked Mr Loudermilk why flat print fingerprints perform so badly compared with old-fashioned rolled prints. He told me that was about four questions in one. For one thing, the data capture equipment has to be top quality, and not the $2 toys Vali Ali was complaining about. But the big problem with flat print fingerprints, according to Mr Loudermilk, is that they're flat – about 40% of the total fingerprint is missed/ignored.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 27 Oct 2009 08:42:06 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Alex Lahood was billed at Biometrics 2009 as the UKBA Director of Identity Management. According to Google, that is the only place he is billed as such. What, if anything, does he know about identity management?

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 27 Oct 2009 14:17:51 +0000 
Offline
A-List
A-List

Joined: Fri, 04 Aug 2006 12:05:45 +0000
Posts: 1653
Location: Shrewsbury
David Moss wrote:
I asked Mr Loudermilk why flat print fingerprints perform so badly compared with old-fashioned rolled prints. He told me that was about four questions in one. For one thing, the data capture equipment has to be top quality, and not the $2 toys Vali Ali was complaining about. But the big problem with flat print fingerprints, according to Mr Loudermilk, is that they're flat – about 40% of the total fingerprint is missed/ignored.

If I understand it right, the slap prints only measure the x-y coordinates of the minutiae, instead of counting the ridges between them (as forensic fingerprinting does). This enormously reduces the amount of information gleaned from the print, but has the potential to be resolved with better technology. Is that right?

_________________
Rob Findlay
And you all know, security / Is mortals' chiefest enemy. (Macbeth)


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 27 Oct 2009 17:40:43 +0000 
Offline
Moderator

Joined: Tue, 18 Jan 2005 14:56:20 +0000
Posts: 5210
Location: Glasgow
Thanks, David!

_________________
Geraint.
3085 D1DD B2A8 15ED 492F E75D 7175 7737 9D10 98D3 - Fingerprint


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed, 28 Oct 2009 09:17:03 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
capnbob wrote:
If I understand it right, the slap prints only measure the x-y coordinates of the minutiae, instead of counting the ridges between them (as forensic fingerprinting does). This enormously reduces the amount of information gleaned from the print, but has the potential to be resolved with better technology. Is that right?

Hi Cap'n, this is not something I have looked into, it isn't discussed in the literature I happen upon. All I can say is that (a) it must be better to use 100% of the fingerprint than 60% and (b) the first recommendation in Tony Mansfield and Marek Rejman-Greene's feasibility study for the Home Office is:
Quote:
Recommendation 1. For the identification application, if a fingerprint system is used, it should be minutiae based. (para.31, pp.10-11)

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed, 28 Oct 2009 09:43:07 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Geraint wrote:
Thanks, David!

You're welcome, of course, and by the way thank you for the New Scientist link: I was told in 2003 that the surveillance power of mobile phones is well-known and old hat; six years later, it's somehow still news; all to play for ...

The long slabs of prose above reporting the Biometrics 2009 conference were written at the end of each day with a view to publication the next day. That didn't happen. The following omissions from those reports are taken from my notes and may be of interest.

1. At the end of Antoine Tollet's presentation on the Sagem smart gates in Australia, the question came from the floor, what is the return on investment? His immediate answer – staff reduction. My gloss, not only will security be impugned by relying on this flaky technology – facial recognition – but there won't even be any humans left to reinstate security when the whole system collapses.

2. The UK Border Agency (UKBA) promised to install smart gates at 10 UK airports by 31 August 2009. The question arose, did they keep their promise? That was one of the 46 questions raised with Lin Homer, Chief Executive. For what it's worth, reading from his prepared text, Alex Lahood stated that smart gates have been installed at 10 UK airports. (I should add that the UK smart gates are thought to be supplied not by Sagem but by someone in Portugal.)

Edits

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu, 05 Nov 2009 13:12:05 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Long boring introduction:
    Mr Kohlhage, mentioned above, worked on the team that achieved two things, (a) they added fingerprinting to the German visa system and (b) they interfaced it with the EU's VIS system, see Pasi Nokelainen above.

    He told me that he didn't trust anyone to report his talk accurately. So I emailed him my copy to check (21 Oct). He emailed back (23 Oct) to say that there were some mistakes and that the PR Dept of the German Federal Office of Administration would send me a cleared and corrected version. I have sent two reminders since then (28 and 29 Oct). But no corrected copy.

    Can't see the need to wait any longer. My notes are reproduced below.
The meat:
    Two points come out of Mr Kolhhage's talk which have not been made above. (a) The false match rate using fingerprints with VIS is something like 25%. And (b) do UKBA have a team of fingerprint experts always available to settle contentious cases?
The error-riddled copy:
    Mr Matthias Kohlhage has had the pleasure of interfacing the German visa systems with VIS. He gave some indication of the enormity of the task, which involved dealing with several departments of the Federal government, all the State governments and 600 independent alien registration offices. The XML schema for VIS provided by the EC accurately reflected the legislation but had to be masked with a new schema appropriate to IT systems. Then he had to slow down some of the communications channels because the German systems were going too fast for VIS.

    "Adding biometrics doesn't make things easier", said Mr Kohlhage. 75% of the time, his systems get a definite hit on VIS but 25% of the time they get multiple hits and manual intervention is required to settle the matter of identity. Interjection from Mr Nokelainen – "we never said it was going to be easy".

    The Federal Foreign Office has 184 visa sections. In 53 cases, according to Mr Kohlhage, they have either had to build extensions to accommodate biometric registration or buy new buildings. Even installing the finger scanners isn't simple. There has to be a wire connecting the scanner on one side of the counter to a monitor on the other side. Explosives experts were called in to determine the correct angle at which to drill, and the correct diameter of the hole, to ensure the security of the German officials.

    Ergonomically, the optimal height for finger scanners at border crossings is too low for the border control officers to be able to see what's going on. That introduces the possibility of spoofing. So someone had to calculate the acceptable height for the scanner so that people could use it and at the same time be supervised.

    Some travellers turn up at border crossings with visas, others with passports, others with ID cards. Three protocols. There isn't room for three monitors on the officers' desks. And there's no middleware. What do you do?

    Add biometrics, and the average time taken for first line control exceeds the 50 second Schengen limit. What do you do?

    Add biometrics, and the number of second line control checks at border crossings increases. More staff. More delays.

    Not everyone is a fingerprint expert. Refusing someone a visa at a consular post or refusing someone entry at a border crossing is a serious matter. If someone is about to be refused purely on the basis of biometrics, you need fingerprint experts to refer to back at headquarters. More staff.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu, 05 Nov 2009 13:26:05 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Quote:
From: David Moss
Sent: 04 November 2009 13:45
To: P. Jonathon Phillips
Cc: 'itl_inquiries@nist.gov'


Subject: Face recognition. NIST? Or the FBI? You can't both be right.


Dear Dr Phillips

I refer to the March 2007 report NISTIR 7408 on which you are the lead author, 'FRVT 2006 and ICE 2006 Large-Scale Results'.

This report is always taken to state that face recognition is as good as fingerprint and irisprint when it comes to identity verification.

This conclusion is used in the UK to defend the use of face recognition, particularly when it comes to the use of smart gates at airports. The authorities here in the UK have no other support for relying on face recognition -- NISTIR 7408 is a lonely report.

At the Biometrics 2009 conference held in London 20-22 October 2009, Mr James A Loudermilk II of the FBI announced that the FBI would love to be able to use face recognition, it would be the killer application of biometrics, but they can't because the algorithms simply do not exist to provide the highly reliable verification required.

NIST say yes. The FBI say no.

Which is it, may I ask?

... <redacted> ...

Yours sincerely
David Moss

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu, 05 Nov 2009 14:40:16 +0000 
Offline
Site Admin
Site Admin

Joined: Sun, 09 Jan 2005 18:23:13 +0000
Posts: 10504
Location: Cambridge
David - Lots of very useful detail. Many thanks.

_________________
Andrew Watson


Report this post
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 13 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Template made by DEVPPL/ThatBigForum