The behavioral science of decisions affecting privacy

Profile: Alessandro Acquisti, behavioral economist at Carnegie Mellon University in Pittsburgh (New York Times)

Often, we turn over our data in exchange for a deal we can’t refuse.

Alessandro Acquisti, a behavioral economist at Carnegie Mellon University in Pittsburgh, studies how we make these choices. In a series of provocative experiments, he has shown that despite how much we say we value our privacy — and we do, again and again — we tend to act inconsistently.

Is your personal information worth more than the price of a cup of coffee? Yes and no. (IT World)

It’s easy to be apathetic about abstract terms like “privacy,” but much harder to be so casual if some stranger asks you to, say, share your kids’ schedule and the location of their schools. This is one reason why the terms we use matter so much when talking about user privacy, and why Orwellian definitions of words like tracking, anonymity, choice and freedom are an enormous red flag that should make all of us a little jumpy.

Please read both articles if you’re interested in privacy.

Making voice biometrics more secure

Carnegie Mellon Voice Verification Technology Prevents Impersonators From Obtaining Voiceprints (India Education Diary)

Computer users have learned to preserve their privacy by safeguarding passwords, but with the rise of voice authentication systems, they also need to protect unique voice characteristics. Researchers at Carnegie Mellon University’s Language Technologies Institute (LTI) say that is possible with a system they developed that converts a user’s voiceprint into something akin to passwords.

The system would enable people to register or check in on a voice authentication system, without their actual voice ever leaving their smartphone. This reduces the risk that a fraudster will obtain the person’s voice biometric data, which could subsequently be used to access bank, health care or other personal accounts.

The Challenge of Establishing a Biometric Modality

Future Eye Scanners Must Combat Aging Eyes (Live Science)

The iris — the colored part of the eye that eye-scanners analyze — changes as people age, making the scanners more likely to wrongly lock out people with every passing year, according to a new study.

The finding goes against the established, yet never-proven notion that eye scanners can accurately identify people throughout their lives, said Kevin Bowyer, a computer scientist at the University of Notre Dame who performed the study.

Read the whole thing. It’s an article that gets at an interesting aspect of the algorithm end of the biometric ID management problem. It also has input from two of the speakers at the recent TechConnectWV event: Marios Savvides (Carnegie Mellon) and Bojan Cukic (W. Va. Univ.).

A good biometric modality must be: unique, durable, and easily measurable. If any of these are missing, widespread use for ID management isn’t in the cards. If something is unique and durable but isn’t easily measurable, it can still be useful but it isn’t going to become ubiquitous in automated (or semi-automated) technology. Teeth and DNA fit this model. Teeth have been used to determine the identity of dead bodies with a high degree of certainty for a long time, but we aren’t going to be biting any sensors to get into our computers any time soon — or ever. Likewise with DNA.

There is also the challenge of proving that a modality is in fact unique, durable and easily measurable which requires a whole lot of experimental data, and especially regarding uniqueness, a healthy dose of statistical analysis. I’m no statistician, and from what I understand, the statistical rules for proving biometric uniqueness aren’t fully developed yet anyway, so let’s just leave things in layman’s terms and say that if you’re wanting to invent a new biometric modality and someone asks you how big a data set of samples of the relevant body part you need, your best answer is “how much can you get me?”

In order to ascertain uniqueness you need samples from as many different people as you can get. For durability you biometric samples for the same person taken over a period of time and multiplied by a lot of people. 

Ease of measure is more experiential and will be discovered during the experimentation process. The scientists charged with collecting the samples from real people will quickly get a feel for the likelihood that people would adapt to a given ID protocol.

For two of the “big three” biometric modalities, face and fingerprint, huge data repositories have existed since well before there was any such thing as a biometric algorithm. Jails (among others) had been collecting this information for a hundred years and the nature of the jail business means you’ll get several samples from the same subject often enough to test durability, too, over their criminal life. These data could be selected such that they were as good as they could be to assess both uniqueness and durability. For face, other records such as school year books exist and were readily available to researchers who sought to measure uniqueness and durability.

Which brings us to iris.

Where do you look to find a database of several million high-resolution images of human irises collected by professionals who took good notes? Well there’s your problem.

The solution is to go about building such a data set yourself and several organizations have been doing just that. One can make considerable progress on in the question of uniqueness with a big push, collecting more data quickly. Assessing durability, however, takes time no matter how much money and effort can be applied. Some processes can be sped up with more resources; some can’t (nine women can’t make a baby in a month) and the real bummer with determining biometric durability is that you can’t really know in advance how much time it’s going to take to prove it to a satisfactory degree. 

So it’s not a surprise that the uniqueness of the human iris was determined before its durability, and it may come about that the iris is, like the face, “durable enough.” We are all too aware that the face changes, but certain aspects of it don’t change so much that facial recognition is pointless. The same may be true of the iris. It, too, may be durable enough.

It may also turn out to be the case that irises change in a predictable way and that those changes can be accounted for on the software side, so all this isn’t to say that iris isn’t among, or won’t solidify its position among the “big three”; it’s just had a harder road to get there.

Carnegie Mellon University Sets Up New Foot Biometrics Lab

Carnegie Mellon University’s Biometrics Center Selected To House New Pedo-Biometrics Research and Identity Automation Lab (Press Release)

Identity science takes a giant leap forward with a new discipline in biometrics. Carnegie Mellon University researchers at the new $1.5 million per year Pedo-Biometrics Research and Identity Automation Lab are teaming up with Autonomous ID, an Ottawa, Canada, company currently relocating operations to the U.S., to test insole sensory system prototypes for a variety of identification uses, from security to detecting the onset of such diseases as diabetes and Parkinson’s.

The CMU Pedo-Biometrics Lab, headed by Electrical and Computer Engineering Professor Marios Savvides, will provide the roadmap for scientific analysis and algorithm research and development for the new pedo-biometrics discipline, which uses a specially designed insole to monitor foot movement.

Translate »