Security integrators and IT professionals in the IoT era

Role Of Security Integrators In The Internet Of Things Era (Source Security)

Networking IoT devices may seem like an information technology (IT) function, typically handled by a chief information officer (CIO). However, says Martens, CIOs will be preoccupied with complex issues far beyond physical security. Therefore, identifying where IoT sensors are placed, how they are managed and how they interact will fall to facility managers. And they will depend on their security integrators’ expertise more than ever.

Technology is pushing the security and IT functions closer together, most obviously because they are increasingly provided over the same infrastructures. There’s a lot of good insight at the link.

Market analysis from IndustryARC

Next Generation Biometrics Market is estimated to be $5.9 billion in 2014 and is growing at a healthy CAGR of 22% (IndustryARC)

The market is characterized by established brands with high revenue; high R&D capital reserves and well instituted distribution channels. But, the market place is also being disrupted by firms with innovative solution that have emerged to solve specific problems. With cost effective solutions offering greater security, companies will be able to position themselves uniquely.

Fujitsu: Iris biometrics for mobile devices

Iris Scanner Unlocks Smartphones Using Infrared LEDs (Electronic Design)

The growing number of smartphone thefts, both in the United States and abroad, has prompted manufacturers to incorporate more resilient security methods into their designs. Fujitsu Ltd., for instance, recently unveiled the Arrows NX F-04G smartphone, which uses infrared light-emitting diodes (IREDs) to support iris scanning authentication.

A suitable illumination source had been a major hurdle for iris biometrics on mobile devices. Fujitsu demonstrated a prototype mobile device using iris technology in March, 2015.

A Millennial’s vision for biometric banking

A Millennial’s Mindset: Money and Biometrics (Finextra)

The best thing for me would be a fast, easy and secure process, designed around me. Why can’t I use my biometric data to have a joined up experience? Without removing body parts, it is hard to steal from you. Biometrics would enable me to identify myself immediately.

We agree; and we’re working on it.

If it seems like things are moving slowly, it’s only because there’s a lot that had to be done on the infrastructure side first. A whole lot.

US: Biometric entry-exit system getting off the ground in Atlanta

Fingerprint scanner tested on foreigners leaving Atlanta (Security Info Watch)

U.S. Customs and Border Protection officers began using the devices last week to scan some foreign passengers on selected flights at Hartsfield-Jackson Atlanta International Airport, agency spokeswoman Jennifer Evanitsky said Tuesday. The test will be expanded in the fall to airports in Chicago, Dallas, Houston, Los Angeles, Miami, Newark, New York, San Francisco and Washington.

The US Congress first required such a system in a law passed in 1996.

Assessing the damage related to fingerprints in hacked government database

How Much Damage Can OPM Hackers Do With a Million Fingerprints? (Nextgov)

Though the idea of hacked fingerprints conjures up troubling scenarios gleaned from Hollywood’s panoply of espionage capers, not much is currently known about those that OPM said were swiped in the data breach, which began last year and has been privately linked by officials to China. In fact, the agency said it didn’t even know yet specifically which personnel have had their prints compromised.

The linked article is really good in that it spends a great deal of analysis of the unknowns, and there are many.

While a collection of images of the fingerprints of US government employees — if that is an accurate description of that was taken — certainly has its uses, not all potential uses are equal or equally likely.

In terms of identity fraud, the 1.1 million government employees who had their fingerprints stolen may not be a whole lot worse off than the 20 million or so other government employees who had their personal information stolen minus the fingerprints, though that is cold comfort indeed to the victims. If the individuals whose information was stolen are given the precise details of the personal information that is now “out there” they will be able to make informed decisions about how they wish to manage their affairs going forward. That includes how they might interact with biometric ID management technologies in the future both in and outside of government applications.

The intelligence value of the fingerprints of government employees is different story. With time, money, and pictures of a million fingerprints, it is possible to build a fingerprint watch-list. Probably, not all of the pictures of fingerprints will be of a high enough quality to be enrolled in an automated system today but more time and more money could help. From there, the new watch-list could be accessed by a new or existing biometric ID technology deployment such as a checkpoint serving whatever purposes its owner has for it.

There is probably a lot the government still doesn’t know about what was stolen, and even more that hasn’t been shared with the public and more importantly with the individuals whose information has been compromised. It will also take some time for the stolen information to be put to use. The Office of Personnel Management has a lot of work ahead of it.

FBI’s Rap Back program will use biometrics to alert government agencies of felony arrests of their employees

D/FW Airport to be among first users of FBI criminal history tracking effort (Dallas Morning News)

D/FW Airport and Boston’s Logan International Airport were the two selected by the Transportation Security Administration to pilot the FBI’s Rap Back program. The program allows the TSA to continuously track employees for felony-level arrests, rather than relying on individuals to self-report their crimes.

Biometrics figure in Accenture “Digital Trust in the IoT Era” consumer research

Security: Moving away from passwords to less penetrable security (PDF – Accenture)

Consumers are feeling less secure about the reliability of usernames and passwords to protect their personal data and are increasingly frustrated with the often tedious and inconvenient process of having to manage and remember multiple passwords and usernames. To address this challenge, innovative biometric authentication methods for connecting to the internet, such as use of human finger and palm prints, irises and voice recognition, are being developed rapidly.

The landing page for Accenture’s Digital Trust in the IoT Era report is here.

ID management in the cloud

Biometric Cloud-Based Offers Attractive Deployment (Engadget)

Cloud-based biometric technology offers attractive deployment possibilities, such as smart spaces, ambient intelligence environments, access control applications, mobile application, and alike. While traditional (locally deployed) technology has been around for some time now, cloud-based biometric recognition technology is relatively new. There are, however, a number of existing solutions already on the market…

Younger consumers lead biometrics demand

How mobile identity can unlock the DNA of trust for the financial sector (Information Age)

More than two-thirds of UK consumers think that using biometrics – such as voice, fingerprint, iris and facial recognition – would be more secure and help reduce the risks of fraud. These findings were consistent with consumers across Australia, Singapore, Indonesia, Malaysia, the United Kingdom and United States.

Australia gearing up for huge biometrics tender

CrimTrac to extend national biometric identification database (The Financial Review)

CrimTrac, the federal biometric information repository, wants more freedom to flexibly access other databases, such as national location data, as the national broadband program gradually progresses towards a fully functional, nationally available high-speed data network.

It is looking for a specialist information technology supplier to tool up a more flexible, versatile operating installation which can incorporate a range of new techniques as they become available, and can cope with the ever-spreading list of mobile devices being deployed in the field by policing agencies.

You can use biometrics, too

Biometric Technologies Are Competent To Use In Homes Or Any Establishments (World TVPC)

So as you can see using biometric scanners as a means to secure your home or office building is absolutely necessary. It is one of those things that you would be thankful for that human ingenuity worked towards your favor instead of against it.

Much of the discussion of biometrics tends to represent the technology as something foisted upon ordinary people by governments or corporations. That is changing.

FBI face rec leads to fugitive pedophile

FBI using facial recognition despite privacy concerns (Valley News – Fargo, ND)

For 19 years, Lynn Cozart eluded authorities after being convicted of sexually assaulting his three children.

He failed to show up for his sentencing hearing and seemed to drop off the map. So in a desperate bid to track down the Pennsylvania native, an FBI agent submitted Cozart’s mug shot to the agency’s newly created Next Generation Identification (NGI) system, which among other things uses facial recognition software to identify suspects.

The story continues at the link. With input from privacy advocates and law enforcement officials.

Forecast: Global Smart Security Market 2015-2019

Latest report on the global smart security market that is estimated to grow at a CAGR of 18.59% over the period 2014-2019 (Sandler Research)

Smart security solutions are used to monitor the activities and behavior of people in areas that are more prone to unauthorized access or damage, such as enterprises, educational institutions, commercial buildings, and utility infrastructure. Smart security includes advanced security systems such as IP surveillance cameras, biometric access control systems, integrated perimeter intrusion prevention systems, and wireless alarms. Thus, these solutions can secure an area from miscreants, terrorist activities, and data theft.

Adoption of intelligent security solutions for cities and their infrastructure not only provides security but also peace of mind to the residents.

The analysts forecast global smart security market to grow at a CAGR of 18.59% over the period 2014-2019.

Not a bug, but a feature

Massive errors mar Aadhaar enrolment (Times of India)

The enrolment process for Aadhaar in Odisha is dogged by massive rejection of data due to errors. According to the directorate of census operations here, enrolled biometric data of 40 lakh people stand rejected by the Unique Identification Authority of India (UIDAI), the Aadhaar body, as on June 15.

Some facts:
Odisha is a state in eastern India. The wiki has its population at 43.73 million as of 2014.
1 lakh = 100,000
1 crore = 10,000,000
All numbers not quoted from the article are in more familiar units.

The article goes on to say a lot about the numbers. 31,700,000 out of 38,400,000 people (82%) of the eligible population have been registered successfully.

The 4 million rejected applications are divided as follows.

2 million were rejected because they were submitted by operators who have been barred from submitting applications. UID works by outsourcing enrollment to private operators who are then paid by the government for accepted applications. Operators who have submitted too many error-riddled or fraudulent applications have been banned from the market.

1 million have been rejected for being duplicate applications, as is proper.

That leaves 1 million true “errors,” or failed enrollments that are potentially valid and are described as those submitted on behalf of “very old people and children (between five to 10 years), whose finger prints and iris scans were not registered properly.” Now, it may turn out that some of these failed enrollments are duplicate applications as well and it will probably turn out that many (if not most) of these people can be enrolled on a second pass where extra care is taken during the enrollment process. Nevertheless describing 1 million failed enrollments out of 32.7 million presumably legitimate applications as “massive errors” seems uncharitable.

Also, UID contains a “Biometric Exception Clause” which allows for creating UID numbers for people whose biometrics cannot be enrolled. As of May 2015, across India, around 618,000 (0.07%) of UID numbers have been issued with biometric exceptions.