Large customers need biometrics to be more convenient

Fingerprints still too unreliable for banks (MIS – Asia)

Still, organisations across multiple sectors are exploring the use of several types of biometric technologies. The Australian Passport Office last November issued a tender for new biometrics technologies.

The organisation has been using facial recognition for its passport production process since 2005.

In 2012, ANZ Bank said it was exploring using fingerprint recognition technology to replace traditional PIN codes.

Parker said there an interesting discussion under way now about how secure a transaction has to be and how much organisations and consumers are you willing to pay for a certain level of security.

“If you’re protecting the front door or the control panel of a nuclear arsenal, you probably want to spend a lot of money on security to make sure it’s top grade and nobody can get through it.

It looks like people are starting to come to grips with the “compared to what?” and “perfect vs. good” arguments we’ve been making here for a while now.

We’d also suggest a revised headline for the article linked above: “Fingerprints not Convenient Enough for Large Customers.” We’d agree with that one.

As it stands now, biometrics algorithm developers and large system vendors aren’t really finding much success at supporting customers for whom ID management isn’t their primary business. And nearly all organizations for whom ID management is their primary business are government entities. This goes some distance toward explaining why the private market for biometrics has been slow to develop.

It’s also the challenge we have built SecurLinx to meet. In this example, banks aren’t in the ID business; they’re in the money business, but they do have to get ID right — or at least predictably wrong — in order to do their job. Magnetic stripes, sixteen digit numbers and passwords aren’t great, but they are predictable. They are convenient at an affordable cost.

Biometrics companies must deliver solutions to customers that can add security and at least come close to the convenience of the systems they seek to replace.

Twitter: March Biometric Chat – Large Scale Deployments with Accenture’s Cyrille Bataller

UPDATE March 28, 2013:
John has posted the chat transcript at Storify.

March 28, 2013 11:00 am EST, 8:00 am PST, 16:00 pm BST, 17:00 pm (CEST), 23:00 pm (SGT), 0:00 (JST)

Where: (or Twitter hashtag #biometricchat)

Tweet chat on the use of biometric identification for border control, ePassports, visa applications, and voter registration with @CyrilleBataller of @Accenture. Mr. Bataller appears in the video Biometrics and Privacy: A Positive Match available at the Accenture site here. I’d embed it if I could.

Topics: The use of biometrics to secure borders, process visa applications & ePassports, and secure voting registries

More at the M2SYS blog.
UPDATE: Questions for the upcoming chat

Earlier topics have included:
Mobile biometrics
Workforce management
Biometrics in the cloud
Law enforcement
Privacy again
Biometrics for global development

Modalities such as iris and voice have also come in for individual attention.

I always enjoy these. Many thanks to John at M2SYS for putting these together.

Who’s in my country? That’s a tough one.

Philippines will deploy biometrics for documenting the arrival and departure of international travellers (FutureGov Asia)

BI Commissioner Ricardo David Jr said the programme will enhance the country’s border security and boost the agency’s capability to thwart the entry of foreign terrorists and other illegal aliens.

The new scheme involves the use of an ink-less device and digital camera in capturing the fingerprints and photographs of the foreign visitors.

Doing something like this is easier for some countries than others. The Philippines has some advantages and challenges. Advantages include the lack of land borders with other countries. Since it’s an archipelago, they can be pretty sure that no one is walking or driving there, so except for clandestine boat or plane landings, covering the sea- and airports takes care of it. But there are a surprising (to me) number of those, so the integration challenges are real.

Also relevant to integrating the entry and exit points is the percentage of international travelers who enter a country through one international travel node and depart the country from another.

The more nodes, the more travelers, the more complex the travel patterns of international visitors, all of these things place additional pressures on any sort of entry/exit system and these complexities don’t necessarily increase as a linear function.

Of course all of this has bearing on the United States which has every challenge there is. It’s not surprising that, biometrics or no biometrics, the US lacks a comprehensive integrated entry/exit system. A couple of good pilot projects might go a long way towards getting an idea of the exact scope of some of the challenges, though.

Australia to test drive ABIS developed for US by Northrop Grumman

Australia to test biometric system (UPI)

Australia’s Defense Department has received a trial proof of concept for an automated biometric information system from Northrop Grumman.

The proof of concept, modeled after the U.S. Department of Defense Automated Biometric Identification System, will be used to produce biometrically enabled intelligence.

Biometric deployment winners and losers

This article describes a fingerprint system implementation that isn’t going too well.

Northtown is one of 20 child-care centers in central Mississippi taking part in a Mississippi Department of Human Services pilot program. DHS administers the state’s child-care assistance, or certificate, program for poor families and pays providers like Kay who accept the certificates. Starting Sept. 4, parents and guardians of children receiving a subsidy must scan their finger when dropping off or picking a child up from day care.

Kay and other child-care center operators say implementing the new system has been nothing short of nightmarish and that the problems are eating into revenues. Although DHS trained workers on how to use the machines, training parents is left up to the individual centers, meaning that a member of Kay’s staff must remain on standby at all times to help people work the machine. Also, because the system relies on unique finger scans, staff members cannot override the system or check the kids in and out when parents forget. When that happens, providers might not get paid.

No analysis of why state subsidized day care centers are being asked to prove that they are actually providing the service for which they are paid (using a parent fingerprint). No analysis of why it is a burden to have someone on standby to facilitate/control/monitor who picks up and drops off children. No explanation of how or why parents are allowed to forget to check their children in and out of the child care facility.

A system as lax as the one obliquely described in the article is, of course, likely to become a magnet for fraud. That’s bad. What is much worse is that a situation where no one is keeping track of who is taking children away from a child care facility is a tragedy waiting to happen.

If the subsidized day care system in Mississippi was ticking along flawlessly, it’s hard to imagine someone deciding that it would be a great idea to implement more rigorous identity management measures. That’s just not the way things work. Frequently, biometric systems are brought in to shore up flaws in a system.

The costs and benefits of shoring up flaws in a system, however, are unlikely to fall upon/accrue evenly throughout an organization. For example: The return on investment of a biometric time and attendance implementation is paid by those who benefited from a more lax system and accrues to the firm’s owners. The people who lose out in the transition aren’t necessarily right, but they aren’t necessarily without power, either.

Without significant insight, it’s easy for managers to get caught off guard by push-back from those whose interests are undermined by more efficient operation. This is where a good biometric system integrator can really do themselves and their customers a favor by understanding their customer’s business and helping the customer to anticipate and mitigate obstacles to a successful implementation. It’s not enough that a solution succeed on its technical merits as if deployed in a vacuum, though it must do that. It must also succeed operationally in support of the people who carry out the organization’s objectives. Successful integrators meet customers where they are and leave them better off than they found them.

Four Seventh Grade Girls Bring Facial Recognition to the People

This is a very cool story involving market research, technology, training and integration. Congratulations to the Rocky Run Seventh-grade eCybermission team.

Rocky Run Girl Power: Seventh-grade eCybermission team is second in Virginia (The Connection)

“Our project was about biometrics and how people use passwords and user ID every day to access various online resources,” said Rashel. Aisha explained that biometrics is comprised of the individual characteristics used to identify a person.

“We did a survey at the Chantilly Library and discovered that 76 percent of the people didn’t know what biometrics was — and the 4 percent who did didn’t consider using it.”

They decided to share their solution with the community. “So we set up an experiment in the library, having people try it out,” said Nayana. “Then we gave them a follow-up survey on biometrics to get their feedback,” said Aisha.

“Over 70 percent said they liked the facial-recognition software and thought it was more efficient and secure than the traditional method of logging on,” said Rashel. It’s important, said Aisha, because “This is one of the many things that people forget to keep secure.”

Read the whole thing.