Australia: ID Scanners in Night Spots

Nightclub scanners spark security concerns (Yahoo Australia)

There are a growing number of calls for the Australian Privacy Commissioner to take action over identity scanners in pubs and clubs.

Commissioner Timothy Pilgrim says his office is receiving an increasing number of complaints about the use of scanners in licensed venues, and that their use is boosting the risk of identity crime.

But the Australian Privacy Foundation says the commissioner is doing little to tackle the problem.

It certainly seems like there’s a better way to do what the business establishments want to do with less identity theft risk.

Storing all of the information on an ID card is overkill. Using facial recognition, an adequately rigorous system storing just a name and a face — information insufficient for identity theft — could be implemented, though it would be slightly more expensive, and entail a bit more police work on the back end (in the event that the record was needed for law enforcement purposes). A name and a face, however, are pretty good jumping-off points for police, especially if facial recognition tools are available to be applied to government ID databases.

If the perceived risk of nightclub ID scans comes from identity thieves, facial recognition biometrics can lower that risk.

Canada and the US to require better ID from border crossers

Border law will demand travel docs from Canadians: Documents (Embassy)

Citizenship and Immigration Canada plans to introduce new legal rules that would force Canadians and Americans to present authorized travel documents such as passports when entering Canada, according to departmental notes.

Government documents obtained by Embassy under access to information legislation show the move, part of the perimeter security plan between Canada and the United States, will bring Canadian and American law closer.

Under the US Western Hemisphere Travel Initiative, Canadians and others have had to pack official travel documents like passports since 2007 when they fly to the US, and since 2009 when driving or sailing there.

India: UID begins to incorporate iris, improves fingerprint results

UIDAI’s Iris Authentication proof of concept study successful (UIDAI Press Release – pdf)

The UIDAI has successfully conducted the proof of concept Iris authentication study in Mysore district of Karnataka. The study brought out the high accuracy levels (above 99.2%) achieved by iris authentication. A combination of iris and fingerprint authentication can further the goals of universal inclusion and pave the way for successful applications based on Aadhaar authentication.

The study was conducted in semi urban setting in Nanjangudtaluk in Mysore district of Karnataka between May 27th and July 30th 2012. 215,342 iris authentication transactions from 5833 residents were studied. 8 models of iris cameras through 6 different OEMs participated in this study.

This study has also brought out the specific improvement areas that biometric ecosystem needs to work upon to further improve the accuracy and coverage percentage. The detailed findings are documented in a report which is being published on UIDAI’s website. This will be followed by a workshop with the device vendors to guide them on the specific actions to be taken by them to improve algorithms and devices. UIDAI will then take up further field studies. These studies would also lead to formulation of iris device specifications for certification and deployment purposes.

It may also be noted that as a result of feedback to the biometric ecosystem, the performance of fingerprint authentication improved substantially from the time UIDAI conducted its first fingerprint authentication PoC to the last PoC. Same is expected in iris authentication domain too, which points that iris authentication has a scope of providing accuracy levels above 99.5%.

Implications of Ubiquitous Biometric Technology

A couple of good articles discussing the implications of ubiquitous biometric technology are out today…

Does rise of biometrics mean a future without anonymity? (Contra Costa Times)

“There are multiple benefits to society in using this form of identification,” said Anil Jain, a Michigan State University computer science and engineering professor, adding the technologies could prove “transformative.”

With face recognition, for example, “in 10 years the technology is going to be so good you can identify people in public places very easily,” said Joseph Atick, a face-recognition innovator and co-founder of the trade group International Biometrics & Identification Association. But misusing it could result in “a world that is worse than a big-brother state,” he warned, adding, “society is just beginning to catch up to what the consequence of this is.”

Businesses to use facial recognition (The Advocate)

Imagine arriving at a hotel to be greeted by name, because a computer has analyzed your appearance as you approached the front door.

Or a salesman who IDs you and uses a psychological profile to nudge you to pay more for a car.

South Africa: Serious about ID Management

20m ghost ID books in SA (IT Web)

“Stats SA reckons there are 28 million people aged over 21. The IEC [Independent Electoral Commission] has 23 million registered voters. However, the credit bureaus have 38 million people registered, meaning they have 38 million identities. Bear in mind that they might be over the age of 18, eligible to vote, and old enough to feature in the Stats SA data of those over 16.

“So that doesn’t seem to tie up…

Ukraine harmonizing ID practices with Europe

Ukraine to Introduce European Standard of Biometric ID (Press Release via Sacramento Bee)

A bill concerning the introduction of biometric IDs in Ukraine passed the first reading in the country’s parliament. Biometric documents will contribute to border security between Ukraine and the EU. The draft law provides for the creation of a unified state demographic register, which will contain basic personal information on each citizen. Additionally, the draft stipulates issuing the documents for traveling abroad that have a built-in proximity chip with registry information on the holder.

See also:

Biometric IDs A Step Toward EU – Ukraine Visa Simplicity (argophilia)

With the EU planning to assess the effect visa liberalization will have on illegal migrations soon, Ukraine tourism inbound and out stand to benefit if the new IDs fly with EU counterparts. The President of Ukraine, Viktor Yanukovych, created the State Migration Service already, an agency responsible for managing citizenship, immigration, registration, and political asylum issues.

Biometrics and the future of money

Bulletproof Money Will Be a Thief’s Worst Nightmare—and Help Drive the Mobile Wave (Money Morning)

In the future, you’ll have all sorts of biometric security features that will protect your assets and your identity. All of them can both protect corporate assets and empower the individual.

Finally, these same features could also exist inside your PC or even in different rooms within your home to give you a total security package.

We’re not far from the day when ordinary folks will be able to defeat even the smartest hacker around, just by touching or looking into their phone’s screen.

And it’s all because the world is going mobile.

80% of Fiji Adults Register for Biometric Voter Enrollment In Two Weeks

Close to Half a Million Fijians Register During First Phase of Registration (Republic of Fiji Press Release)

Almost half a million have registered to vote in the first wave of electronic voter registration (EVR) for the 2014 elections. This represents around 80 percent of current eligible domestic voters, with another period of registration to come later in the year, and the first registrations of Fijians living abroad to begin next year.

At the close of the first phase of sixty-one days, 488,734 Fijians registered at Voter Registration Centers (VRCs) that were open in locations across the country.

“This is a great achievement as Fiji moves toward parliamentary elections in 2014,” the Attorney-General and Minister Responsible for Elections, Aiyaz Sayed-Khaiyum said.

“The overwhelming turn-out of the Fijian people is a clear indication of their willingness and commitment to participate in the process of building a better Fiji for all.”

“A Fiji that provides the legal and moral foundation for a common and equal citizenry. Where there is no legal obligation to vote along ethnic lines, but where every Fijian over the age of 18 has an equal vote to cast as they choose.”

I believe there are also other reasons why Fijians have so eagerly adopted biometric voter registration. Because it is secured with biometrics, the voter registration card is being accepted as a credible for of ID by all sorts of government ministries. Can private sector entities be far behind?

Fiji 

The CIA World Factbook estimates Fiji’s population in 2012 at 890,057 and estimates that approximately 29% of the population is younger than fifteen years old. So that’s 489,734 enrollments among the over-fourteen population of around 633,000.

National Strategy for Trusted Identities in Cyberspace (NSTIC) Background and Progress Report

ID management: A matter of trust (Federal Computer Week)

In April 2011, the Obama administration launched a plan called the National Strategy for Trusted Identities in Cyberspace (NSTIC) to encourage the private sector to develop, with federal support and input, online ID and authentication systems that people could use and government agencies, other organizations and commercial players could accept without each needing to create their own vetting systems.

At this point, NSTIC supporters are making headway, though perhaps not in a headline-grabbing way. Earlier this month, the Identity Ecosystem Steering Group, a federally supported committee led by the private sector that will guide creation of NSTIC-style systems, met for the first time in Chicago to hash out plans for addressing privacy, standards, usability, contracts and other key components.

National Strategy for Trusted Identities in Cyberspace (NSTIC) is being run by National Institute of Standards and Technology (NIST) to encourage the development and adoption of standards for ID management. The recent Apple-Amazon hack points to why this is important.

In an environment where everyone has to create their own ID management system, it is inevitable that organizations will create exploitable gaps in the way they emphasize the importance of information. In this case, Amazon (like many other companies, just check your restaurant receipt) treated the last four numbers of a credit card as non-secure information, while Apple used the same information for logical access control.

Initiatives like NSTIC hope to facilitate companies and government agencies to work through ways to make this kind of thing less likely.

Biometrics Uncover 825,000 ID Inconsistencies in DHS Database

Fingerprint Records Reveal 825,000 Immigrants With Multiple Names (Mashable)

Many of the situations involved women who legally altered their names. “We found that nearly 400,000 records for women have different last names for the same first name, date of birth and [fingerprint identification number],” he wrote. “These instances are likely women who changed their names after a marriage.”

During the study, auditors examined records covering 1998 through 2011.

Most of the time, US-VISIT personnel try to resolve cases in which people who appear to be one and the same have different information listed in records, the auditors found. The researchers are not specifically targeting scams, Deffer explained. Accidental typos, the fact that various immigration-related agencies use incompatible data formats and other keying mistakes are factors they look for when probing mismatches. During the course of typical procedures, US-VISIT has picked up on only two instances of fraud, agency officials reported to the IG.

The enormity of the conflicting data, however, may obscure actual fraud. “These inconsistencies can make it difficult to distinguish between data entry errors and individuals potentially committing identity fraud,” he wrote.

As they grow and age databases can get really junked-up. Biometrics, in this case fingerprint biometrics, can be extremely helpful in maintaining their integrity. The database involved here is the on maintained by the US Department of Homeland Security US-VISIT program. It contains (wait for it) information, including a fingerprint, on all visitors to the US. The fingerprint has been the linchpin of the audit that discovered 825,000 database errors because it is the only  piece of truly unique and durable, personal information stored.

Before automated fingerprint ID systems (AFIS), combinations of data were used to reduce ID error rates to some reasonable approximation of zero. While names, birth dates, and other descriptors aren’t unique, multiplying them together works pretty well for a while. Working against this system are legal name changes and human typographical errors in data entry which have the database effect of creating a whole new person,  which runs counter to the reasons for keeping such a database in the first place.

See Biometric “Fix” Identity which takes on this issue from the angle of intentional fraud.

Following Sex Offender Scandal, New Zealand Looks to Biometrics for Teacher Vetting

Sex teacher report a ‘serious wake up call’ – Parata (TVNZ)

Education Minister Hekia Parata released the findings of a Ministerial Inquiry today which outlines 35 recommendations to close the “significant gap” in the employment process for hiring teachers.

The recommendations include a police check for anyone who moves from a provisional teaching license to full registration and teachers informing schools if they change their name.

The Government is also considering making teachers use biometric photo identification when they switch schools.

The inquiry was ordered earlier this year after it was revealed sex offender Te Rito Henry Miki, 40, managed to work in six schools over four years despite a supervision order that prevented him from coming into contact with children.

See also:
One in Six Sex Offenders Lives Digital Double Life

The post dealing with the above article and the issues it raises is:
ID Isn’t Perfect. How Perfect Can (or Should) It Be?

Fiji: Biometric Voter ID Being Used for all Sorts of Transactions

It’s like UID in reverse.

Ministry to accept voter cards as valid ID (Fiji Times)

THE Voter Identification Cards (VIC) issued through the electronic voter registration identification cards will be accepted as a valid form of identification by the Ministry of Justice by November 15.

Any Fijian who has registered to vote and who possesses a VIC will be able to access services provided by the Registrar of Titles Office, the Births, Deaths & Marriages Registry, the Companies Office (which includes the Moneylenders Registry) and the Official Receiver’s Office.

Read the whole thing. You’re half-way there already. By calling it UID in reverse I make no comparison between Fiji & India. Fiji has less than a million people and you can’t walk there from anywhere else. It’s just that, rather than develop one ID that can do everything. Fiji developed an ID for one purpose (elections) that has broad applicability to other ID tasks.

Fiji

One Year Ago: Poor ID Management Infrastructure Prevents Uganda Little League Baseball Team from World Series Participation

Originally posted August 15, 2011

“Many Ugandans, if you ask them, ‘When were you born?’ They say, ‘I don’t know.'” (UPDATE:  Video no longer hosted at YouTube.com by ESPN)

Uganda defeated Saudi Arabia to become the first African team to qualify for the Little League World Series. Exultation turned to disappointment when many of the players were unable to obtain visas to the United States (apparently) because of an inability to provide enough biographical detail during the State Department’s application process.

The video linked below is taken from a documentary currently in production that was featured on ESPN over the weekend. Please watch it before reading the rest of this post. It is not to be missed. (UPDATE: Video no longer hosted at YouTube.com)

“…Little League was not ready for a country like Uganda to participate in the World Series.”
(UPDATE: Video no longer hosted at YouTube.com)

There is a temptation to place blame (upon the State Department, Little League, Uganda, Felipe Almonte, etc.) but the Ugandan coaches and players know the real source of their disappointment though they don’t use the exact same terms we use here: A legitimate ID is a prerequisite to full participation in the modern world.

The sad truth, and the true cause of the plight of Uganda’s Little League baseball team is the fact that (perhaps) billions of the world’s poor lack individual legitimacy because they don’t have an ID that can be vouched for by a trusted second party. These individuals are therefore unable fully to exert their talents through the world’s increasingly interconnected institutions. Because of this, we are all poorer.

Fortunately, and thanks in no small part to biometric technologies, the costs associated with maintaining an effective ID infrastructure are falling fast, enabling even poor societies with low adult literacy rates to provide their children with something they cannot reach their full potential without: a legit ID.

UPDATE – August 16, 2013:
Here’s a poor-quality YouTube video (someone filming their television) of the original ESPN spot referred to above.

US: Biometrics Collected Under Deportation Deferment Program

US illegal immigrants eye new work rule (Express India)

“Under existing regulations, an individual who receives deferred action and demonstrates economic necessity for employment is eligible to also receive employment authorisation for the period of deferred action — in this case, two years,” Alejandro Mayorkas, Director, United States Citizenship and Immigration Services (USCIS) told reporters during a conference call.

The total fee for making application is USD 465, which includes a biometric check and issuance of a secure work authorisation document.

I haven’t been able to find whether the biometrics involved are part of a criminal background check, become part of the ID documents, or both.

UID news In and Around Mumbai

After a lull, UID is all over the news today reviving the All-India-All-the-Time aspect this blog occasionally takes on.

These two articles are pretty no-nonsense looks at UID in and around Mumbai.

Maharashtra’s Aadhaar model of linking govt data to be replicated (Business Standard)

The Maharashtra government on Monday got a boost from Unique Identification Authority chief Nandan Nilekani, who said the state’s model of linking UID data with citizen-related data compiled by various departments would be replicated across the country. Multiple departments “have data in silos which do not talk to each other” and linking this data with UID would bring in an integrated view and help governments to provide better service to citizens, believes Nilekani.

Maharashtra extends deadline for UID card by a year (Times of India)

Nearly one-and-a-half years after Prime Minister Manmohan Singh launched the ambitious scheme to provide unique identity (UID) cards at Nandurbar in Maharashtra, the state government has extended its deadline to complete the programme by a year.

The government now aims to cover at least 80% of Maharashtra’s population before March 31, 2013, as opposed to the earlier target of 100% enrollment by March 31, 2012.

Enrollment vs Authentication: Nigeria seems to get it

Nigerians to get permanent voters card soon (Business Day)

“As you know, we did biometric data registration; before the end of this year, we will start issuing the permanent voter’s card, and these permanent voter’s cards that we are going to issue are chip-based, just like many of our own bank cards. So, they carry all the information on a microchip which is embedded in the card of the card,” he said.

“What we believe we can achieve at the minimum by 2015, is that we can achieve 100 percent authentication at the polling units.

Biometric voter registration without biometric voter authentication at the polling place is, at best, a half step toward an optimal biometric voting system.

“This Or That Person”: New film dwells on the notion of personhood

ID please? (The Hindu)

The Unique Identity number (UID or aadhar) project was introduced in India in 2009 and through the lens of the UID, the film looks at what identity documents means to people, and how the aadhar project is perceived.

The documentary dwells on the notion of personhood as seen by the India State, or as the director puts it, “It is a conversation with the State about ideas of inclusion, exclusion, surveillance and citizenship, and it does so by interrogating the Unique Identity number project.

“The Unique Identity Number that the State will give each citizen is meant to be the solution for a lot of problems, but in a system that is already suffering from structural problems how effective will the UID be?” questions Subasri.

Biometrics is about people.

If anyone knows anything more about this film or how to see it, please let me know.

The notion that UID is a threat to India’s security is absurd

It looks like they outsourced the headline writing to P Chidambaram. Nevertheless…

Fake enrolments in Aadhaar Phase-I spark security fear (Indian Express)

The first half of the article asserts security threats without exactly backing up the assertion.

The second half of the article actually describes some of the improvements upon Phase I sought by the UIDAI for Phase II. This part of the article is more instructive.

As for those who fear for the security of India, which environment is more secure?

STATUS QUO: Up to 500 million people (more than the total population of all but two countries) about whom the government knows nothing, whose status (or lack thereof) increases their likelihood of poverty and susceptibility to communicable disease, whom government’s attempts at assistance provide a magnet for corruption and graft, and whose lack of status increases vulnerability to person trafficking or other exploitation (I could go on and on).

OR

GOOD: A 99% accurate national identity management regime ensuring access to public support, banking, telecommunications, and investment markets to all Indians. BAD: Some liars, cheats, scoundrels, illegal immigrants and spies will receive a legitimate ID with fraudulent information. BUT: From there forward they should be unable to maintain more than one identity.

So you’ve got to pick your poison. While no human system attempting to account for over a billion other humans can ever be perfect. It’s difficult (if not impossible) to see how UID can increase insecurity.

Even if there are a million terrorists hiding out among the 500 million undocumented people, and even if they all get Aadhaar numbers with fake details, at least he government has the fingerprints and aliases of a million terrorists and if those same fingerprints show up somewhere else with a different name, some questions for further investigation present themselves. That sounds like a security improvement to me.

The most prominent UID antagonists have consistently relied upon the “UID is bad for security” argument which essentially posits that it’s safer to remain ignorant about a third of the population than to make some mistakes in learning about it.

See also:
India: How Much Fraud is Acceptable in NPR, UID
Perfect is the Enemy of Good
Biometrics “Fix” Identity

Securities and Exchange Board of India: UID Valid

Sebi allows Aadhaar as valid address proof for investors (Times of India)

Market regulator Sebi today said investors can use ‘Aadhaar’ cards as a valid address proof for their accounts with brokerage firms, mutual funds, portfolio managers and other capital market entities.

‘Aadhaar’, a 12-digit individual identification number issued by UIDAI (Unique Identification Authority of India), is already permitted as a valid identity proof document in the capital market.

Offering investment opportunities to the poor should be good for both the poor and the economy in general.