Karnataka to halt Aadhaar enrolments But CORPORATE Rules India!The LPG Mafia Rule By PASS the Parliament once again as The government today approved a compromise formula to end the battle of biometrics between the Ministry of Home Affairs and UIDAI.Authority to work in tandem with population register.
The Aadhaar cards issued by the Unique Identification Authority of India (UIDAI) are unlikely to be rolled out in Assam and other North Eastern States, barring Tripura and Sikkim.Indian Holocaust My Father`s Life and
Time - SEVEN HUNDRED NINETY FIVE
Palash Biswashttp://indianliberationnews.com/
http://indianholocaustmyfatherslifeandtime.blogspot.com/
http://basantipurtimes.blogspot.com/
Approval for funding Phase-Ill of the UIDAI |
The Cabinet Committee on Unique Identification Authority of India related issues (CC-UIDAI) today approved commencement of Phase-Ill of the UID scheme at an estimated cost of Rs.8,814.75 crore which subsumes the earlier approval of Rs.3,023.01 crore, and comprises costs for issue of 20 crore Aadhaar numbers through Multiple Registrars upto March 2012, printing and delivery of 20 crore Aadhaar letters, technology and other support infrastructure cost for creation, storage and maintenance of data and services for leveraging the uses of Aadhaar for the entire estimated resident population upto March 2017. Out of amount of Rs.8814.75 crore that has been approved for incurring expenditure upto March 2017, Rs.2412.67 crore would be towards recurring expenditure including IT operational cost and recurring establishment cost and Rs.6402.08 crore would be towards non-recurring project related expenditure. *** SH/SKS (Release ID :79927) |
http://pib.nic.in/newsite/erelease.aspx?relid=79927
Aadhaar enrolments beyond 20 croreThe Cabinet Committee on Unique Identification Authority of India related issues (CC-UIDA1) today, after detailed deliberations and taking note that the purposes of UIDAI and NPR are different, agreed that the NPR and UIDAI enrolments should proceed simultaneously, with suitable provisions to eliminate avoidable overlap. The Committee approved the following modalities for the roll out of Aadhaar and NPR:
a. UIDAI will be allowed to enrol additional 40 crore residents beyond 20 crore already recommended by the EFC.
b. In States, where UIDAI has made good progress where State/UT Governments have given commitments for Aadhaar enrolments and are planning to integrate Aadhaar with various service delivery applications, Aadhaar enrolments through Non-RGI Registrars will move at full speed within the ceiling of 60 crore (20 crore + 40 crore). A suggested list of States/UTs was also approved.
c. The NPR enrolment will continue as envisaged, but if in the course of enrolment, a person indicates he/she is already enrolled for Aadhaar, the biometric data will not be captured by NPR. Instead the Aadhaar number/enrolment number will be recorded in NPR and the biometric data will be sourced from the UIDAI.
d. Detailed protocols will be worked out by Inter Ministerial co-ordination Committee (IMCC) already constituted by the Ministry of Home Affairs so as to smoothly implement this simultaneous effort.
The financial proposal relating to Aadhaar enrolments of additional 40 crore will be separately placed before the EFC. Pending this approval, UIDAI is allowed to continue Aadhaar enrolment beyond 20 crore so that the momentum of the field formations is not lost. Provision will be made in the budget for 2012-13 in anticipation thereof.
The additional cost for enrolment and logistics pertaining to printing and delivery of Aadhaar letters in respect of the 40 crore additional enrolments will be brought before the EFC for their recommendation and to the CC-UIDAI for approval.
The UID project is primarily aimed at ensuring inclusive growth by providing a form of identity to those who do not have any identity. It seeks to provide UID numbers to the marginalized sections of society and thus would strengthen equity. Apart from providing identity, the UID will enable better delivery of services and effective governance.
The modalities and detailed protocol for smooth implementation of simultaneous enrolment by the Non-RGI Registry of UIDAI and the RGI will be finalized by the IMCC within the overall directions given by the CC-UIDAI. The enrolment through Non-RGI Registrars of UIDAI will be for an additional 40 crore population.
Background:
The Unique Identification Authority' of India (UIDAI) was established in 2009 and has been mandated to issue Unique Identification (UTD) numbers to the residents of India. It may be recalled that UIDAI was constituted by the Government of India in January, 2009 as an attached office of the Planning Commission. Prime Minister's Council of UID Authority was constituted on 30th July, 2009 and its first meeting was held on 12th August, 2009. Subsequently, the Government constituted a Cabinet Committee on Unique Identification Authority' of India related issues (CC-UIDAI) in October, 2009 to look into all issues relating to UIDAI including its organization, plans, policies, programmes, schemes, funding and methodology to be adopted for achieving the objectives of the Authority. Consequent upon the creation and establishment of the Unique Identification Authority of India in 2009 for providing unique identification to the residents across the country, an estimated 17 crore enrolments have been completed by the various Registrars of UIDAI and as on 20.1.2012, 11.90 crore Aadhaar numbers generated.
***
SH/SKS
(Release ID :79925)
http://pib.nic.in/newsite/erelease.aspx?relid=79925
True lies of biometric technology in Aadhaarenrolment
January 27, 2012 01:24 PM |
David Moss
Let's ask the professors UIDAI cited in its latest report: Do you agree with UIDAI's assessment of Aadhaar? Do you share their confidence in the project? Did UIDAI ask you in advance, before using your name for their marketing purposes?
The Unique Identification Authority of India (UIDAI) have been accused of making false claims about the reliability of the biometrics that its uniqueidentification number (UID) or Aadhaar scheme relies on. The report released earlier this week by UIDAI is in response to those criticisms.
UIDAI say that "… based on the analysis, it can be stated with confidence that UIDAI enrolment system has proven to be reliable, accurate and scalable to meet the nation's need of providing unique Aadhaar numbers to the entire population. It is now safe to conclude that the system will be able to scale to handle the entire population". But that is mere assertion, it begs the question, they would say that, wouldn't they.
They need independent and respected biometrics experts to agree with them, if this report is to boost confidence in UIDAI's abilities. They mention several names. The casual reader may assume that these named experts all agree with UIDAI's conclusion that Aadhaar will work. It would be instructive to ring them up and ask them directly for their opinion.
Does Professor John Daugman, for example, agree with UIDAI when they say that "… although [the false positive identification rate of 0.057%] is expected to grow as the database size increases, it is not expected to exceed manageable values even at full enrolment of 120 crores"? It seems unlikely—Professor Daugman is the man who first pointed out that any attempt to prove uniqueness in a large population of biometrics must drown in a sea of false positives, please see http://www.silicon.com/management/public-sector/2008/09/26/id-card-will-drown-in-a-billion-mismatches-39294213/
And does Professor Jim Wayman, for example, agree with UIDAI when they say that "… based on the [receiver operating characteristic] model, the UIDAI expects the accuracy of the system to remain within the same order of magnitude as reported above. Hence it can be stated that system will be able to scale to handle the entire population without significant drop in accuracy"? It seems unlikely—Professor Wayman is the lead author of a paper which concludes that biometrics is a discipline out of statistical control, the results gathered so far tell you nothing about what to expect in future, please seehttp://biometrics.nist.gov/cs_links/ibpc2010/pdfs/FundamentalIssues_Final.pdf
If the two professors agree with UIDAI and renounce their earlier statements, well and good.
But if, on the other hand, they say that they have no reason to believe that UIDAI is right, they have not had a chance to assess the evidence that UIDAI claims to have, they do not understand why UIDAI has mentioned their names, then this schoolboy attempt to justify UIDAI's waste of public money will fall humiliatingly flat on its face.
(David Moss spent eight years campaigning against the UK's National ID (NID) card scheme, which was finally scrapped by the British government. Mr Moss is an MA in Philosophy from Cambridge University, MSc in Software Engineering from Kingston. With a career spanning of over 35 years, Mr Moss at present works as director at Business Consultancy Services Ltd and can be contacted at bcsl@blueyonder.co.uk.)
You may want to read...
- UK scraps National ID project; Will India's UID face the same fate?
- How UIDAI goofed up pilot test results to press forward with UID scheme
- UID: Enrolment troubles for helpless residents
- Fat profit institutions continue to board UID bandwagon
- Why is UID number being made compulsory through the backdoor
- UID = more 'consumers' admits Nilekani
- Now SEBI jumps on the UID bandwagon
- Right to privacy and biometrics of the UID
- How Aadhaar or the UID project can get you into deep trouble
- UID Issue: Numbers Game -1
- No card only a number despite Rs45000 crore being spent on the UID
- Even Mahatma Gandhi was against ID cards
http://www.moneylife.in/article/true-lies-of-biometric-technology-in-aadhaar-enrolment/23257.html
The Cabinet on Friday extended the mandate of the unique identification project to cover another 400 million people by June 2013. Until now, the Unique Identification Authority of India (UIDAI) was mandated to enrol 200 million people by March 2012.
The Unique Identification Authority of India (UIDAI) is now set to work with a renewed energy in providing Aadhar identification number to people, with the cabinet extending the authority's mandate to enrol another 400 million people by June 2013.
UIDAI chairman Nandan Nilekani said within six-eight weeks the authority would refresh its entire functioning, including security aspects, and begin work with the reworked strategy from April.
August 25, 2010
Press Relese: UID NOT IN THE PUBLIC INTEREST
CAMPAIGN FOR NO UIDMEDIA RELEASE: 25 August 2010. New Delhi
UID NOT IN THE PUBLIC INTEREST
Scheme is deeply undemocratic, expensive and fraught with unforeseen consequences
New Delhi: The technological, economic, social and political aspects of the National Identification Authority bill currently in the Parliament came under the scanner in a public meeting organized by a coalition of civil society groups under the banner of Campaign for No UID. Groups from Mumbai, Bangalore and Delhi participated at the meeting held at Constitution Club.Led by Nandan Nilekani, former CEO of IT major Infosys, the UID project has been pushed as a landmark initiative for ushering in 'good governance' and providing basic services to the poor.
Speakers at the meeting asserted that such claims are grossly exaggerated, false and unjustified. For instance in the case of the Public Distribution System (PDS) systemic issues such as corruption and non-inclusion of families under BPL (Below the Poverty line) ensure that it does not meet its stated objectives. The issuance of a 12 digit number to the poor will therefore hardly result in them accessing cheap food.
The claim about the UID leading to financial inclusion for NREGA beneficiaries is bogus because about 83% already have bank accounts.
On the other hand because of technical problems with biometrics, it is very likely that the poor could be excluded from accessing services. JT D'Souza an expert on biometrics asserts that using biometrics as a core authenticator is deeply flawed as it has never been tested on such a large scale (850 million people) and is easily susceptible to forgery. Research by experts shows that with the technology available today a 10 dollar investment can spoof finger-print and iris scanners with fake fingers and patterned contact lenses.
The meeting noted that the functioning of the UID has been non transparent and undemocratic. It was noted that despite setting up the UID Authority of India (UIDAI) in June 2009, the United Progressive Alliance (UPA) Government is yet to issue a white paper on the scheme and how it is going to deliver basic social services to the poor.
Senior Member of Parliament from the Revolutionary Socialist Party of India (RSP) Abani Roy called for the launching of a massive campaign to resist this expensive and dangerous project through which several companies will gain massive contracts from the public exchequer. The budget estimates vary from 45,000 crore to 1.5 lakh crore rupees. He also noted that, the UID is yet to be comprehensively discussed or debated in the Parliament.Syed Azeez Pasha MP from the Communist Party of India also participated.
The Campaign for no UID plans to hold further meetings across the country and lobby parliamentarians in the coming months (Ends)
For more information contact: Sajan Venniyoor (Delhi): +91-9818453483 - Bobby Kunhu (Delhi): +91-9654510398
UID Not In The Public Interest
By Campaign For No UID
25 August, 2010
Countercurrents.org
Scheme is deeply undemocratic, expensive and fraught with unforeseen consequences
New Delhi: The technological, economic, social and political aspects of the National Identification Authority bill currently in the Parliament came under the scanner in a public meeting organized by a coalition of civil society groups under the banner of Campaign for No UID. Groups from Mumbai, Bangalore and Delhi participated at the meeting held at Constitution Club.
Led by Nandan Nilekani, former CEO of IT major Infosys, the UID project has been pushed as a landmark initiative for ushering in 'good governance' and providing basic services to the poor.
Speakers at the meeting asserted that such claims are grossly exaggerated, false and unjustified. For instance in the case of the Public Distribution System (PDS) systemic issues such as corruption and non-inclusion of families under BPL (Below the Poverty line) ensure that it does not meet its stated objectives. The issuance of a 12 digit number to the poor will therefore hardly result in them accessing cheap food.
The claim about the UID leading to financial inclusion for NREGA beneficiaries is bogus because about 83% already have bank accounts.
On the other hand because of technical problems with biometrics, it is very likely that the poor could be excluded from accessing services. JT D'Souza an expert on biometrics asserts that using biometrics as a core authenticator is deeply flawed as it has never been tested on such a large scale (850 million people) and is easily susceptible to forgery. Research by experts shows that with the technology available today a 10 dollar investment can spoof finger-print and iris scanners with fake fingers and patterned contact lenses.
The meeting noted that the functioning of the UID has been non transparent and undemocratic. It was noted that despite setting up the UID Authority of India (UIDAI) in June 2009, the United Progressive Alliance (UPA) Government is yet to issue a white paper on the scheme and how it is going to deliver basic social services to the poor.
Senior Member of Parliament from the Revolutionary Socialist Party of India (RSP) Abani Roy called for the launching of a massive campaign to resist this expensive and dangerous project through which several companies will gain massive contracts from the public exchequer. The budget estimates vary from 45,000 crore to 1.5 lakh crore rupees. He also noted that, the UID is yet to be comprehensively discussed or debated in the Parliament. Syed Azeez Pasha MP from the Communist Party of India also participated.
The Campaign for no UID plans to hold further meetings across the country and lobby parliamentarians in the coming months
http://www.countercurrents.org/cfnu250810.htm
Stop UID number scheme immediately, activists urge PM
July 29, 2011 05:17 PM |
Moneylife Digital Team
Activists are urging the PM to immediately stop the UID or Aadhaar number scheme due to invasion and misuse of privacy, saying that it is against the Constitution. They want the funds diverted towards more productive projects
Already under heavy criticism, the UID (Unique Identification Number), or Aadhaar as it is called now, has more flak coming its way. Human rights activists, led by advocate and activist Kamayani Bali Mahabal, have started petitioning Prime Minister Dr Manmohan Singh against Aadhaar, since they believe it is a gross violation of individual privacy. Their petition states that collection of highly sensitive personal data of the population without following Parliamentary procedure is unacceptable and outright violation of Article (21) of the Constitution. (No person shall be deprived of his life or personal liberty except according to procedure established by law).
Ms Mahabal, who is petitioning online and creating awareness about this issue told Moneylife, "Parliament has not yet approved the project. The UIDAI (Unique Identification Authority of India) has no authority to collect sensitive data and what they are doing is actually without the authority of law. There is no protocol for data protection that has been built into the law yet."
Rejecting the Aadhaar scheme completely, activists are appealing to the government to shut it down with immediate effect and divert the allocated humongous funds towards productive and needful projects.
They are arguing that the State cannot pass a law that allows invasion of privacy of its citizens. Article 13(2) supports this, "The State shall not make any law which takes away or abridges the rights conferred by this Part and any law made in contravention of this clause shall, to the extent of thecontravention, be void."
The data collected and information stored in the card can lead to misuse at unimaginable levels, serving purposes exceeding its original intent. They believe it can be used to profile citizens in a country and initiate a process of racial/ethnic cleansing, on the lines of the genocide in Rwanda in 1995. Ms Mahabal argues, "Privacy law is still being made, and till it is in place, the UIDAI should not be doing what it is, and it certainly cannot be allowed to share information as it proposes to do under the 'information consent' clause in its form."
Although, the Constitution doesn't explicitly specify privacy rights, the Apex Court of India said in a landmark judgement (Unni Krishnan, J.P & Ors. Etc., versus State of Andhra Pradesh & Ors,) on 4 February 1993, had ruled that "This Court has held that several un-enumerated rights fall within Article (21) since personal liberty is of widest amplitude."
Introduced in the 1930s in the USA, as a way to track individuals for taxation purposes, Social Security numbers were never designed to be used for authentication—moreover, these cards don't carry biometric data. Over time, however, private and public institutions began keeping tabs on consumers using these numbers, requiring people to present them as proof of identity, such as when applying for loans, fresh employment, or health insurance. The Aadhaar whitepaper itself says, "Since it is likely that increasingly the UID will be used by several service providers (government agencies, private institutions and NGOs), it is important for a resident to be able to remember it in the absence of a token such as a card."
Condemning the wasteful expenditure spent on Aadhaar, activists are saying, "We do not want our tax money to be spent on building trade infrastructure for the undue benefit of domestic or foreign corporations taking away the bargaining power of customers." There is no reason to disbelieve that the centralised database of citizens could be misused to profile citizens in undesirable and dangerous ways.
The US, UK and Australia have shelved their proposed public ID cards after public protests. Even China withdrew the clause to have biometric data stored in its cards. A London School of Economics report has noted that "Identity systems may create a range of new and unforeseen problems. These include the failure of systems, unforeseen financial costs, increased security threats and unacceptable imposition on citizens."
Ms Mahabal concludes, "The possession of a UID can at best serve only as proof of a "unique and singular" identity and does not guarantee either citizenship or benefits. This being the case, it is strange that this scheme is touted as a step for good governance."
http://www.moneylife.in/article/stop-uid-number-scheme-immediately-activists-urge-pm/18528.html
Montek's DUEL with Chidu, Wants to sink NPR and Save Aadhaar despite Standing Committee rejection
CLICK ON IMAGE TO READ RELATED ARTICLESHosted by Ram Krishnaswamy. Keeping an Eye on Aadhaar is No Monkey Business
Click on photo to Go To "SAY NO TO AADHAAR" BLOGTotal Pageviews
213227All NRI's are so poor that Govt will issue them Aadhaar so they can avail PDS and NREGA subsidies
CLICK ON IMAGE TO READ ARTICLEPIL to Scrap Aadhaar - IBN Live
CLICK ON IMAGE TO READ ARTICLEChidambaram's wants Aadhaar to STOP
CLICK ON IMAGE TO READ RELATED ARTICLEShttp://aadhararticles.blogspot.com/2011/06/1377-no-uid-no-salary-for-govt-staff.html
U.K. ID card cancellation to save taxpayers more than £800 million
Documents accompanying Tuesday's Queen's Speech say that the U.K. government will save £86 million and the public will save more than £800 million in fees from the abolition of biometric national identity cards; the Queen outlines several other bills the Tory-Lib/Dem government will push, including adopting the Scottish model for the National DNA Database in England and Wales, further regulating CCTV, and ending the "storage of internet and email records without good reason"
A prototype biometric identity card // Source: ceoworld.biz
The U.K. government has said it will save £86 million and the public will save more than £800 million in fees from the abolition of identity cards. The figures were released with documents published to accompany the queen's speech on Tuesday. In her speech delivered at the state opening of parliament, the queen said: "Legislation will be brought forward to restore freedoms and civil liberties through the abolition of identity cards and repeal of unnecessary laws."
According to the plans, the Identity Documents Bill, which will be one of the first introduced to the new session of parliament, will if passed save taxpayers "around £86 million over the next four years once all cancellation costs are taken into account". It will also save the public from paying more than £800 million in fees charged to applicants.
Kable reports that the bill will lay out plans to cancel all identity cards and destroy the National Identity Register within one month of its passing. No refunds will be given to those who already hold cards. It will also immediately remove the statutory requirement to issue cards, and close the Office of the Identity Commissioner.
The Freedom (Great Repeal) Bill will, if passed, cancel second generation biometric passports and cancel the National Identity Scheme outright. It would also lead to the government adopting the Scottish model for the NationalDNA Database in England and Wales (on the Scottish DNA database model, see "European Court: Scottish DNAdatabase system is 'fairer and proportionate,'" 7 May 2009 HSNW), further regulate CCTV, and end the "storage of internet and email records without good reason."
The announcement said the bill will also strengthen the Freedom of Information Act, make the state more accountable to citizens and repeal "unnecessary criminal laws." It will follow the Identity Documents Bill later in the parliamentary session, which will run until autumn 2011.
http://www.homelandsecuritynewswire.com/uk-id-card-cancellation-save-taxpayers-more-800-million
Ads
Biometric time and attendBiometric access control systems Fingerprint, card access and applicwww.connect.org.in
Web Based BiometricsBiometric Access Control Supplier from Singapore.Call Uswww.AIDC.com.sg/BiometricsSolutions
Access Control SystemsWide range of Fingerprint / Card Based Systems for Access Controlwww.Jaypeetex.com
Ads
Fingerprint readerfinger identification fingerprint T&Awww.szhcct.com
Learn Ethical HackingInformation Security and Ethical Hacking Training Program- Innobuzz!www.innobuzz.in/Hacking
One way that shows a lot of promise in trying to combat identity theft is implementing biometric identification. You can see this on television crime shows like CSI, NCIS, etc. Biometrics include fingerprints, facial recognition, voice patterns, retinal scans, DNA, the list goes on.
Although it has been a scapegoat for many identity thefts, in many ways technology has provided some of the most solid defenses against the rising tide of identity theft. RFID tags, data encryption and innovations along those lines have gone a long way to helping us secure our personal information. The Federal government is even considering using biometric ID cards to combat illegal immigration. In fact, it's easy to make the argument that the problem isn't in the technology but in our lack of interest in protecting personal information.
Victims of identity theft report that it can take three to five years, or even longer to fix an identity theft problem. Keep in mind, you can get a new credit card in two weeks, once you have all the information to the bank or credit issuing authority. But who's going to the issue you a new set of fingerprints if they get stolen?
The idea of somebody stealing your biometric information isn't as farfetched as you might hope. It has already been shown how simple it would be toplant false DNA evidence. This article even goes so far as to say, "Any biology undergraduate can perform this."
In the end we will probably see the same problems arise, and some think the problem may get even worse. This is because the way biometrics work isn't really any different from credit cards.
What's The Difference?
It's easy to think of credit in terms of the plastic cards in our pocket, since we can touch them, and that makes it more real. But this isn't the case. Today, credit is really nothing more than a long string of numbers stored in a computer somewhere. When you swipe your card at the local Wal-Mart, the information stored on your card is converted into a number as well and sent to your bank. If the numbers match up you get to walk home with a bag full of goodies.
Biometric identification works in a similar manner, but you're using your fingerprint instead of a card. It will still be turned into a string of numbers and run through a computer network. In the end does it really matter where the string of numbers comes from when an identity thief gets hold of it?
Despite the predictions of some experts, a database is still just a database. A hacker can still steal data from a computer or network, it doesn't matter if that data is a credit card number, or a digital voice print.
As far as security is concerned, many experts agree that maintaining "token" forms of identification are probably superior. Token identification is a card,password, PIN etc. – something that can be canceled, or changed if it is lost, misplaced or stolen. On the other hand biometric identification can't be lost, misplaced, or loaned to a friend, but it can't be replaced if it's compromised, either. This, combined with certain privacy issues (tracking, profiling, consumer-related privacy issues etc.) are making experts give serious consideration to whether or not biometrics are a viable option on a large scale.
It's easy to understand why this brings a sense of security, since no two fingerprints are the same. On the surface it seems like a secure form of identification. But security doesn't come from knowing that you are you, security only comes from knowing the information associated with your name is accurate, no matter what database that information might be in. In other words, if an identity thief managed to convince a fingerprint scanner that they were you, they will probably not come back to court if they manage to get released on bail/bond. In that situation, proving who you are won't help.
Biometrics have a few quirks of their own, though. For example, some states have started implementing a "no–smiles" policy for driver's licenses. This is because those states are now using facial recognition software to stem the flow of driver's license fraud. But the software might get confused if the subject smiles.
Furthermore, advocates like to say it's impossible to duplicate (for example) a fingerprint, but that's already been proven wrong. In fact, it's easy to do with a simple laser printer, and a little bit of spit.
But the biggest consideration is that a biometric identity system is only going to be as good as the information that's put into it in the first place. In other words, your fingerprint won't tell anyone who you are, all it can really do is keep you from using somebody else's identity once you are in that system. In fact, identity theft expert John Sileo said, "If we implement biometrics without doing our due diligence on protecting the identity, we are doomed to repeat history — and our thumbprint will become just another Social Security Number."
And that would be a grim future indeed.
- Identity Theft - Protecting Your Child from Identity Theft
- College Identity Theft: A Growing Problem
- Identity Theft - Stolen Social Security Numbers and Identity Theft
- Workplace Identity Theft
- Protect Yourself From Identity Theft
- http://idtheft.about.com/od/preventionpractices/a/Biometrics.htm
Related Issues
September 2003
Introduction
Among the many reactions to the September 11 tragedy has been a renewed attention to biometrics. The federal government has led the way with its new concern about border control. Other proposals include the use of biometrics with ID cards and in airports, e.g. video surveillance enhanced by facial-recognition technology.
The purpose of this document is to sketch out EFF's concerns about biometrics. In today's public arena, biometric technologies are being marketed as a "silver bullet" for terrorism; however, very little independent, objective scientific testing of biometrics has been done. Deploying biometric systems without sufficient attention to their dangers makes them likely to be used in a way dangerous to civil liberties. This document is very much a work in progress and we welcome comments.
What Are Biometrics?
Biometrics refers to the automatic identification or identity verification of living persons using their enduring physical or behavioral characteristics. Many body parts, personal characteristics and imaging methods have been suggested and used for biometric systems: fingers, hands, feet, faces, eyes, ears, teeth, veins, voices, signatures, typing styles, gaits and odors.
Our Major Concerns
- Biometric technology is inherently individuating and interfaces easily to database technology, making privacy violations easier and more damaging. If we are to deploy such systems, privacy must be designed into them from the beginning, as it is hard to retrofit complex systems for privacy.
- Biometric systems are useless without a well-considered threat model. Before deploying any such system on the national stage, we must have a realistic threat model, specifying the categories of people such systems are supposed to target, and the threat they pose in light of their abilities, resources, motivations and goals. Any such system will also need to map out clearly in advance how the system is to work, in both in its successes and in its failures.
- Biometrics are no substitute for quality data about potential risks. No matter how accurately a person is identified, identification alone reveals nothing about whether a person is a terrorist. Such information is completely external to any biometric ID system.
- Biometric identification is only as good as the initial ID.The quality of the initial "enrollment" or "registration" is crucial. Biometric systems are only as good as the initial identification, which in any foreseeable system will be based on exactly the document-based methods of identification upon which biometrics are supposed to be an improvement. A terrorist with a fake passport would be issued a US visa with his own biometric attached to the name on the phony passport. Unless the terrorist A) has already entered his biometrics into the database, and B) has garnered enough suspicion at the border to merit a full database search, biometrics won't stop him at the border.
- Biometric identification is often overkill for the task at hand. It is not necessary to identify a person (and to create a record of their presence at a certain place and time) if all you really want to know is whether they're entitled to do something or be somewhere. When in a bar, customers use IDs to prove they're old enough to drink, not to prove who they are, or to create a record of their presence.
- Some biometric technologies are discriminatory.A nontrivial percentage of the population cannot present suitable features to participate in certain biometric systems. Many people have fingers that simply do not "print well." Even if people with "bad prints" represent 1% of the population, this would mean massive inconvenience and suspicion for that minority. And scale matters. The INS, for example, handles about 1 billion distinct entries and exits every year. Even a seemingly low error rate of 0.1% means 1 million errors, each of which translates to INS resources lost following a false lead.
- Biometric systems' accuracy is impossible to assess before deployment Accuracy and error rates published by biometric technology vendors are not trustworthy, as biometric error rates are intrinsically manipulable. Biometric systems fail in two ways: false match (incorrectly matching a subject with someone else's reference sample) and false non-match (failing to match a subject with her own reference sample). There's a trade-off between these two types of error, and biometric systems may be "tuned" to favor one error type over another. When subjected to real-world testing in the proposed operating environment, biometric systems frequently fall short of the performance promised by vendors.
- The cost of failure is high. If you lose a credit card, you can cancel it and get a new one. If you lose a biometric, you've lost it for life. Any biometric system must be built to the highest levels of data security, including transmission that prevents interception, storage that prevents theft, and system-wide architecture to prevent both intrusion and compromise by corrupt or deceitful agents within the organization.
Despite these concerns, political pressure for increasing use of biometrics appears to be informed and driven more by marketing from the biometrics industry than by scientists. Much federal attention is devoted to deploying biometrics for border security. This is an easy sell, because immigrants and foreigners are, politically speaking, easy targets. But once a system is created, new uses are usually found for it, and those uses will not likely stop at the border.
With biometric ID systems, as with national ID systems, we must be wary of getting the worst of both worlds: a system that enables greater social surveillance of the population in general, but does not provide increased protection against terrorists.
Some Current Biometric Initiatives
Sec. 403(c) of the USA-PATRIOT Act specifically requires the federal government to "develop and certify a technology standard that can be used to verify the identity of persons" applying for or seeking entry into the United States on a U.S. visa "for the purposes of conducting background checks, confirming identity, and ensuring that a person has not received a visa under a different name."
The recently enacted Enhanced Border Security and Visa Entry Reform Act of 2002, Sec. 303(b)(1), requires that only "machine-readable, tamper-resistant visas and other travel and entry documents that use biometric identifiers" shall be issued to aliens by October 26, 2004. The Immigration and Naturalization Service (INS) and the State Department currently are evaluating biometrics for use in U.S. border control pursuant to EBSVERA.
Even prior to September 11, however, large-scale civilian biometric identification systems were being pushed. Both the Personal Responsibility and Work Opportunity Act of 1995 (PRWOA), a welfare reform law, and the Immigration Control and Financial Responsibility Act of 1996 (ICFRA), an immigration reform law, called for the use of "technology" for identification purposes.
The PRWOA requires the states to implement an electronic benefits transfer program "using the most recent technology available . . . which may include personal identification numbers, photographic identification . . . and other measures to protect against fraud and abuse." This law covers, for example, the Food Stamps program.
The ICFRA requires the President to "develop and recommend . . . a plan for the establishment of a data system or alternative system . . . to verify eligibility for employment in the United States, and immigration status in the United States for purposes of eligibility for benefits under public assistance programs . . . or government benefits." This system "must be capable of reliably determining with respect to an individual whether . . . the individual is claiming the identity of another person."
The Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (IIRAIRA) requires the INS to include on alien border crossing cards "a biometric identifier (such as the fingerprint or handprint of the alien) that is machine readable." The State Department collects fingerprints and photographs of aliens for these cards.
The Truck and Bus Safety and Regulatory Reform Act of 1988(TBSRRA) requires "minimum uniform standards for the biometric identification of commercial drivers."
EFF's concerns about biometrics
Why be concerned about biometrics? Proponents argue that: A) biometrics themselves aren't dangerous because all the real dangers are associated with the database behind the biometric information, which is little different from problems of person-identifying information (PII) databases generally; B) biometrics actually promote privacy, e.g., by enabling more reliable identification and thus frustrating identity fraud.
But biometric systems have many components. Only by analyzing a system as a whole can one understand its costs and benefits. Moreover, we must understand the unspoken commitments any such system imposes.
Surveillance
The chronic, longitudinal capture of biometric data is useful for surveillance purposes. Our Surveillance Monitor page highlights some of these issues. Biometric systems entail repeat surveillance, requiring an initial capture and then later captures.
Another major issue relates to the "voluntariness" of capture. Some biometrics, like faces, voices, and fingerprints, are easily "grabbed." Other biometrics, at least under present technology, must be consciously "given." It is difficult, for instance, to capture a scan of a person's retina or to gather a hand geometry image without the subject's cooperation. Easily grabbed biometrics are a problem because people can't control when they're being put into the system or when they're being tracked. But even hard-to-grab biometrics involve a trust issue in the biometric capture device and the overall system architecture.
Databases
To be effective, a biometric system must compare captured biometric data to a biometric database. Our National ID System page highlights issues surrounding database abuse, which has both static and dynamic dimensions.
The static issues surrounding databases are mainly about safeguarding large and valuable collections of personally identifying information. If these databases are part of an important security system, then they (and the channels used to share PII) are natural targets for attack, theft, compromise, and malicious or fraudulent use.
The dynamic issues surrounding databases mainly concern the need to maintain reliable, up-to-date information. Databases that seek to maintain accurate residence information must be updated whenever one moves. Databases that are used to establish eligibility for benefits must be updated so as to exclude persons no longer eligible. The broader the function of the system, the more and broader the updating that is required, increasing the role of general social surveillance in the system.
It may seem that one of the issues that plagues token-based ID systems (like ID cards) -- the security or integrity of the token itself -- does not apply for biometric systems, because "you are your ID." But the question of the reliability of the token is really a question about trust. In an ID card system, the question is whether the system can trust the card. In biometric systems, the question is whether the individual can trust the system. If someone else captures your signature, fingerprint, or voice, for instance, what prevents it from being used by others? Any use of biometrics with a scanner run by someone else involves trusting someone's claim about what the scanner does and how the captured information will be used.
Vendors and scanner operators may say that they protect privacy in some way, perhaps by hashing the biometric data or designing the database to enforce a privacy policy. But the end user typically has no way to verify whether such technical protections are effective or implemented properly. End-users should be able to verify any such claims, and to leave the system completely if they are not satisfied. Exiting the system, of course, should at least include the expungement of the end-user's biometric data and records.
Linking
An oft-noted risk of biometric systems is the use of biometrics as a linking identifier. This risk, of course, depends to some extent on standardization. Consider, for instance, the use of the Social Security number as a linker across disparate databases. While the private sector would not have been able to develop anything like the SSN on its own, once the government created this identifier, it became a standard way of identifying individuals. Standardization therefore creates new privacy risks because information gathered for one purpose can be used for completely unrelated, unconsented-to purposes.
Currently, Automated Fingerprint ID Systems (AFIS) are heavily used by the government in connection with law enforcement, but there is at present little standardization within the AFIS industry. If law enforcement and private industry were to unify their fingerprint databases under one common standard, such as under a national ID system, this would potentially put one's entire life history in interoperating databases that are only a fingerprint away.
Tracking
By far the most significant negative aspect of biometric ID systems is their potential to locate and track people physically. While many surveillance systems seek to locate and track, biometric systems present the greatest danger precisely because they promise extremely high accuracy. Whether a specific biometric system actually poses a risk of such tracking depends on how it is designed.
Why should we care about perfect tracking? EFF believes that perfect tracking is inimical to a free society. A society in which everyone's actions are tracked is not, in principle, free. It may be a livable society, but would not be our society.
EFF believes that perfect surveillance, even without any deliberate abuse, would have an extraordinary chilling effect on artistic and scientific inventiveness and on political expression. This concern underlies constitutional protection for anonymity, both as an aspect of First Amendment freedoms of speech and association, and as an aspect of Fourth Amendment privacy.
Implemented improperly, biometric systems could:
- increase the visibility of individual behavior. This makes it easier for measures to be taken against individuals by agents of the government, by corporations, and by our peers.
- result in politically damaging and personally embarrassing disclosures, blackmail and extortion. This hurts democracy, because it reduces the willingness of competent people to participate in public life.
- increase the 'circumstantial evidence' available for criminal prosecution. This might dramatically affect the existing balance of plausible-sounding evidence available to prosecutors, and hence increase the incidence of wrongful conviction. Many criminal cases are decided by plea bargaining, a process that is sensitive to the perceived quality of evidence. Even ambiguous or spurious evidence generated by complex technical systems may be difficult for overburdened public defenders to challenge.
- enable the matching of people's behavior against pre-determined patterns. This could be used by the government to generate suspicion, or by the private sector to classify individuals into micro-markets, the better to manipulate consumer behavior.
- aid in repressing readily locatable and trackable individuals. While the public's concern is usually focused on the exercise of state power, these technologies may also greatly empower corporations. If proper privacy safeguards are not constructed into such systems, they would prove useful in dealing with such troublesome opponents as competitors, regulators, union organizers, whistleblowers, and lobbyists, as well as employees, consumer activists, customers and suppliers.
The Attributes of Biometric Systems
How Do Biometrics Compare to Other Types of ID?
Currently other than personally recognizing someone, or having a trusted third party personally swear to their identity, the only other technique for identifying a person is through the use of a "token." These tokens, which are in essence representations of the oath of a trusted third party, come in two basic forms:
- Knowledge tokens, such as passwords, secret PINs (Personal Identification Numbers), or knowledge of personal data (knowing one's mother's maiden name, e.g.), or
- Physical tokens such as ID cards, passports, chip cards, or plain old keys.
Token IDs offer certain advantages over biometric identification. Security against "false acceptance" of impostors can be raised by increasing the complexity of the token used for identification. Also, in the event of loss or compromise, the token, be it a password, PIN, key, or ID card, can be revoked, changed or reissued, a biometric measurement cannot.
The advantage of biometrics is that unlike tokens, biometrics cannot be lost, loaned, or forgotten. Token-based systems must verify that the presenter is the authorized user, not an unauthorized person who has come to possess the token.
Used carefully, biometrics may be combined with token-based systems to mitigate the vulnerability of ID tokens to unauthorized use.
Functions of Biometric Systems
One useful way of thinking about biometrics is that they are used for one of two purposes: A) To prove that you are who you say you are (positive ID), or B) To prove that you are not who you say you are not (negative ID).
In a positive ID situation, the subject asserts that she is Jane Doe and submits a "live" sample (a fingerprint, for example) to the system. The system then checks its database of previously enrolled or registered samples to see if the live sample matches the reference sample. A positive ID system is designed to prevent more than one person from using a single identity.
In a negative ID situation, John Roe claims not to be someone already known to the system. Here, the system checks its database to see that Roe is not on the watchlist of suspected criminals and terrorists, whose biometrics are already in the system. A negative ID system is designed to prevent one person from using more than one identity.
When biometrics are employed to effect negative identification, one need not be enrolled. The only persons who must be "in" the database are those whom the operator is trying to keep out or catch.
Biometrics alone cannot establish "true identity." A biometric system cannot prevent someone from furnishing fake credentials when they first enter the system. They can only prevent them from using another identity once enrolled.
Common Aspects of All Biometric Systems:
All biometric technology systems have certain aspects in common. All
are dependent upon an accurate reference or "registration"
sample. If a biometric system is to identify a person, it first must
have this
sample, positively linked to the subject, to compare against. Modern
biometric identification systems, based on digital technology, analyze
personal physical attributes at the time of registration and distill
them into a series of numbers. Once this reference sample is in the
system, future attempts to identify a person are based on a comparison
of a "live" sample and the reference sample or samples.
A perfect system would recognize a person 100% of the time, and reject
an impostor 100% of the time. However, biometric samples are gathered
from people in environmental conditions that are uncontrollable, over
equipment that may slowly be wearing out, and using technologies and
methods that vary in their level of precision. Consequently, the accuracy
of biometric systems is assessed in light of these confounding variables
via its tendency to experience either a "false
match" (also called a "false accept") or a "false
non-match" ("false reject"). The point at which these
two rates intersect is called the equal error rate or crossover point.
Biometric systems may be "tuned" to diverge from the equal
error rate to provide a match threshhold that satisfies the designer's
requirements. If a system compares a large number of persons against
a
small number of samples, and the consequence of a false match is low,
(for example, at a border crossing or airport that is looking for a
short list of criminals) a system biased towards a higher "false
accept" or "false match" rate may be desirable. The advantage
to biasing a system in this manner is that it is likely to err on the
side of safety, and less likely to let a criminal slip through undetected.
The disadvantage is that the system will falsely associate innocent
people with criminals. If other safeguards are in place and the system
operators understand the system's bias towards false match, the result
can be a relatively trivial loss of convenience due to increased scrutiny
(extra inspection of luggage, questioning, etc.) Biasing such a system
towards a high "false non-match" or "false reject"
rate will result in fewer passengers slowed down at the gate, but at
the cost of possibly losing the sought-after criminals.
When assessing the utility or the cost of a biometric system, it's
important to bear the common features of all such systems in mind. How
is the reference sample to be gathered and catalogued? How it the
live sample going to be gathered? Can a live sample be captured without
the subject's knowledge and cooperation? What are the implications of
all four possible outcomes (true match, true non-match, false match,
false non-match)? What is the value of a successful system, and what
is the cost, to all parties, should it fail?
Further, we should not assess failure simply from the perspective of
the core biometric technology itself. Even an ideal system can be defeated
easily if it is incorporated into an insecure or poorly-designed overall
system architecture. Any biometric system, especially one that involves
a component of telecommunication, must be very carefully
designed to prevent the loss or interception of user biometrics. Any
deployed system must incorporate safeguards to prevent the interception
of biometric data while it is being communicated. If a user's biometric
is intercepted, criminals may be able to replicate either the sample
itself or the string of binary data produced by a successfully-matched
sample. Armed with such intercepted biometric data, a criminal would
be able to effect a potentially very damaging identity theft.
Types of Biometrics
A proper assessment is built not only on a general understanding of
biometrics, but also on an understanding of specific technologies. An
understanding of both biometrics in general and specific biometric
technologies is a necessary condition for a solid understanding of the
larger social implications of biometrics.
Signature
The biometric most familiar to us is the signature. Our ability to
judge by sight if one signature matches another has made this a
time-proven and legally-binding biometric. However, by sight alone,
most of us cannot recognize the pressure of the pen on the paper or
the speed and rhythms of its traverse of the page. Computers can do
all these things, and quantify, analyze and compare each of these
properties to make signature recognition a viable biometric
technology. Being based on things that are not visible (pen pressure
and velocity, for example), signature-based biometric technology,
offers a distinct advantage over regular signature verification -- in
addition to mimicking the letter forms, any potential forger has to
fabricate a signature at the same speed, and with the same pen weight,
as his victim.
Signature biometrics pose a couple of unique problems. The first is
the comfort with which people are already willing to use their
signature as a form of identification. While this high level of
consumer acceptance is viewed as a strength by vendors of such
systems, this bears with it a strong downside. Without proper
notification, a person may sign an electronic signature pad and
unwittingly also be surrendering a reference or live biometric
sample. Since the custom of leaving a signature as one's "official
mark" is based on the presumption of irreproducibility (i.e., that a
forger would be hard-pressed to imitate a signature just by looking at
it), people are willing to provide a signature without giving its
potential for reproduction a second thought. However, electronic data
is easy to copy and transmit. And so, a forger posing as a delivery
man might fraudulently secure a signature biometric by presenting a
victim with a "gift" box, requesting a signature to confirm delivery,
and making off with the victim's biometric data.
The second unique property of signature biometrics is that unlike all
other biometrics, which either establish an identity (identification)
or confirm an identity (authentication), a signature can convey
intent (authorization). In other words, a traditional
signature on paper is taken both to authenticate the signator, and to
convey the signator's legal authority. An electronic system that
solicits a user's non-signature biometric must provide a separate step
to convey the user's legal authorization for any binding
transaction. A signature-based biometric system could mimic our
current legally customary acceptance of a signature to simultaneously
convey both identity and authority.
Keystroke Dynamics
The rhythms with which one types at a keyboard are sufficiently
distinctive to form the basis of the biometric technology known as
keystroke dynamics. While distinct, keystroke dynamics are not
sufficiently unique to provide identification, but can be used to
confirm a user's identity.
Keystroke dynamics, unlike other biometric technologies, is 100%
software-based, requiring no sensor more sophisticated than a home
computer. Because of this, deployment is occurring in fairly
low-stakes, computer-centric applications, such as content filtering
(Net Nanny owns BioPassword, the leading keystroke dynamics vendor)
and digital rights management, in which passwords to download music
are bolstered with by keystroke dynamic verification, to prevent
password-sharing. As a general rule, any method involving home or
office computers is inherently insecure, as these devices leave a lot
more room for experimentation than devices like ATMs or entry systems,
and the information they use tends to travel over unsecured
communication lines.
Hand Geometry
Perhaps the most ubiquitous electronic biometric systems are hand
geometry based. Hand-geometry-based systems require the subject to
place his or her hand (usually the right hand) on a plate where it is
photographically captured and measured. Made of 27 bones and a complex
web of interconnected joints, muscles, and tendons, the human hand
presents a sufficiently peculiar conformation of anatomical features
to enable authentication, but is not considered sufficiently unique to
provide full identification. Further, the geometry of the hand is
variable over time, as hand shape may be altered due to injury,
disease, aging, or dramatic weight swings. A simple hand-geometry
system will measure length and thickness of digits, width of the palm
at various points, and the radius of the palm. This results in a
relatively simple identification that can be expressed in a very
simple, compact string of data. Efforts have been made to improve the
accuracy of hand geometry, including three-dimensional sampling (i.e.,
a second camera measuring the thickness of the hand from the side),
and a patented system (owned by the British concern, Neusciences) that
measures the pattern of the veins of the hand. Neusciences claims that
their system provides a high degree of accuracy and that the hand vein
feature is unique and relatively invariable, changing little over a
person's lifespan.
In deployment, traditional hand geometry systems have found acceptance
in applications requiring verification of an identity, rather than a
full proof or establishment of an identity. Airports, prisons, and
factories have successfully employed hand-geometry-based systems to
restrict access to runways, to prevent walk-out escapes during visits,
and to ensure that time cards are being punched only by the worker,
and not by that worker's pal on his or her behalf. In all these
instances, the subject is attempting to prove or disprove his or her
membership in a relatively small group of people (authorized runway
personnel, prisoners/visiting family, factory workers). When stakes
are high, these systems are not relied on exclusively to confirm
identity; rather, they are used to provide an additional layer of
security above and beyond that provided by existing security systems.
Since they must accommodate the largest of hands, any hand geometry or
hand vein system must be somewhat bulky, and requires the user to
perform an obtrusive task (placing his or her hand on the platen for
sampling). Because of this obtrusiveness, hand-based biometrics
represent less of a privacy threat than some other systems: subjects
cannot have their biometric features sampled without their knowledge,
and the sampling method is unambiguous in its intent.
Fingerprint
Fingerprinting is a highly familiar and well-established biometric
science. The traditional use of fingerprinting, of course, has been as
a forensic criminological technique, used to identify perpetrators by
the fingerprints they leave behind them at crime scenes. Scientists
compare a latent sample left at a crime scene against a known sample
taken from a suspect. This comparison uses the unique features of any
given fingerprint, including its overall shape, and the pattern of
ridges, valleys, and their bifurcations and terminations, to establish
the identity of the perpetrator.
In the context of modern biometrics, these features, called
fingerprint minutiae, can be captured, analyzed, and compared
electronically, with correlations drawn between a live sample and a
reference sample, as with other biometric technologies. Fingerprints
offer tremendous invariability, changing only in size with age, are
highly resistant to modification or injury, and very difficult to
"forge" in any useful way. Although the development of some sort of
surreptitious sensor is not inconceivable, the reality is that sensors
remain obtrusive, requiring a willful finger pressure to gather a
useful sample. Unlike other systems, based on cameras and high-tech
sensors, fingerprint sampling units are compact, rugged, and
inexpensive, with commercially available systems from multiple vendors
offering very good accuracy. Next-generation scanners can analyze
below the surface of the skin, and can add pore pattern recognition in
addition to the more obvious minutia of the fingerprint.
Facial Recognition
Facial recognition sprung into the national spotlight during the 2001
Super Bowl, when Tampa police scanned the faces of game fans without
their knowledge for the purpose of spotting terrorists in the
crowd. While this proved a public relations nightmare in January 2001,
the use of this technology in New Orleans at the post-9/11 Super Bowl
of 2002 generated little controversy. Facial recognition remains one
of the more controversial biometric technologies because of its very
unobtrusiveness. With good cameras and good lighting, a facial
recognition system can sample faces from tremendous distances without
the subject's knowledge or consent.
Most facial recognition technology works by one of two methods: facial
geometry or eigenface comparison. Facial geometry analysis works by
taking a known reference point (for example, the distance from eye to
eye), and measuring the various features of the face in their distance
and angles from this reference point. Eigenface comparison uses a
palette of about 150 facial abstractions, and compares the captured
face with these archetypal abstract faces. In laboratory settings,
facial recognition results are excellent, but critics have questioned
the effectiveness of the technology in real-world circumstances.
Nevertheless, the accuracy of facial recognition has been good enough
for casinos to have put the the technology to use since the late 1990s
as a means to spot banned players. Facial recognition technology
proponents claim good performance even against disguises, weight
changes, aging, or changes in hairstyle or facial hair.
Eye biometrics: Iris/Retina
The human eye offers two features with excellent properties for
identification. Both the iris (the colored part visible at the front
of the eye) and the veins of the retina (the thin film of nerve
endings inside the eyeball that capture light and send it back to your
brain) provide patterns that can uniquely identify an individual.
Retinal scanning is the older technology, and requires the subject to
look into a reticle and focus on a visible target while the scan is
completed. It's definitely one of the more intrusive biometric
technologies, with some subjects reporting discomfort at the scanning
method. Iris recognition has an advantage in ease of use, in that it
merely requires the subject to look at a camera from a distance of
three to ten inches. The iris scanner illuminates the iris with
invisible infra-red light, which shows details on darker-colored eyes
that are not visible to the naked eye. The pattern of lines and colors
on the eye are, as with other biometrics, analyzed, digitized, and
compared against a reference sample for verification.
Iridian Technologies, who hold the patents on iris recognition, claim
that the iris is the most accurate and invariable of biometrics, and
that their system is the most accurate form of biometric technology.
Iridian's system also has the benefit of extremely swift
comparisons. The compay claims that it can match an iris against a
database of 100,000 reference samples in 2-3 seconds, whereas a
fingerprint search against a comparable database might take 15
minutes.
Voice Verification
None of us finds it remarkable when a friend recognizes our voice on
the telephone. However, what we find easy to do is still a very hard
problem for computers, especially when their job is to identify
someone positively. The prospect of accurate voice verification offers
one great advantage, which is that it would allow a remote
identification using the phone system, an infrastructure that's
already been built and thus has zero client-side cost: no special
reader needs to be installed in your home. Even without the phone
system, the sampling apparatus, a microphone, remains far cheaper than
competing, largely optically-based biometric technologies.
But voice recognition technology is still not good enough to be used
as a front-line biometric technology. Simply put, voice verification
systems have to account for a lot more variables than do other
systems, starting with the inevitable compression of a voice captured
by cheap microphones (especially those found on phone handsets),
discriminating a voice from background noise and other sonic
artifacts, and the human voice's tremendous variability, due to colds,
aging, and simple tiredness. Also, just as a voice can be
surreptitiously recorded over the telephone or face-to-face, a
person's voice can be captured surreptitiously by a third party
(either by tapping or bugging) and replayed, or a person's voice might
be biometrically sampled remotely without consent during a fake
door-to-door or telephone sales call. Because of these difficulties,
commercial deployments of voice verification have been limited to
"backup" status, systems in which there are other token-based methods
of identification, with voice verification providing an added layer of
protection.
Characterizing Different Biometrics
Different biometric features have characteristics that make them more or less useful for particular applications. Dr. James Wayman, director of the National Biometric Test Center at San Jose State University, categorizes biometric features in terms of five qualities:
- Robustness: repeatable, not subject to large changes.
- Distinctiveness: there are wide differences in the pattern among the population.
- Accessibility: easily presented to an imaging sensor.
- Acceptability: perceived as non-intrusive by the user.
- Availability: a user may present a number of independent measurable features.
Dr. Wayman explains these qualities by comparing fingerprinting to hand geometry.
"Fingerprints are extremely distinctive, but not very robust, sitting at the very end of the major appendages you use to explore the world. Damaging your fingerprints requires less than a minute of exposure to household cleaning chemicals. Many people have chronically dry skin and cannot present clear prints. Hands are very robust, but not very distinctive. To change your hand geometry, you'd have to hit your hand very hard with a hammer. However, many people (somewhat less than 1 in 100) have hands much like yours, so hand geometry is not very distinctive. Hands are easily presented without much training required, but most people initially misjudge the location of their fingerprints, assuming them to be on the tips of the fingers. Both methods require some "real-time" feedback to the user regarding proper presentation. Both fingerprints and the hand are accessible, being easily presented. In the 1990 Orkand study*, only 8% of customers at Department of Motor Vehicle offices who had just used a biometric device agreed that electronic fingerprinting "invades your privacy." Summarizing the results of a lengthy survey, the study rated the public acceptance of electronic fingerprinting at 96%. To our knowledge, there is no comparable polling of users regarding hand geometry, but we hypothesize that the figures would not be too different. With regard to availability, our studies have shown that a person can present at least 6 nearly-independent fingerprints, but only one hand geometry (your left hand may be a near mirror image of your right)."
*Orkand Corporation, "Personal Identifier Project: Final Report", April 1990, State of California Department of Motor Vehicles report DMV88-89, reprinted by the U.S. National Biometric Test Center.
Characterizing Biometric Applications
Dr. Wayman suggests characterizing biometric applications in terms of seven variables:
- Cooperative vs. Non-Cooperative This refers to the behavior of the "threat" or would-be deceptive user. Is the "threat" trying to cooperate with the system? If the threat is trying to enter a restricted area, she either cooperates with the positive ID system to try to fool it into thinking she's allowed in, or deceptively tries not to cooperate with a negative ID system so as not to trigger the alarm. One implication of this variable is the scope of database search. In cooperative applications, users may first identify themselves with a card or PIN, so that the system need only match against the claimed identity's template. In non-cooperative applications, users can't be trusted to identify themselves correctly, so the entire database may need to be searched.
- Overt vs. Covert Is the user aware that the biometric sampling and identification is occurring?
- Habituated vs. Non-Habituated Is the intended user expected to be experienced in the use of the system?
- Attended vs. Non-Attended Will the intended user be supervised when using the system?
- Standard vs. Non-Standard Environment How controlled are the environmental conditions for operation?
- Public vs. Private Will users be customers (public) or employees (private)?
- Open vs. Closed Will the application be required to exchange biometric data with other systems or not?
Dr. Wayman explains that the positive biometric identification (hand geometry) of users of the Immigration and Naturalization Service's Passenger Accelerated Service System (INSPASS) for rapidly admitting frequent travelers into the United States:
"can be classified as a cooperative, overt, non-attended, non-habituated, standard environment, public, closed application. The system is cooperative because those wishing to defeat the system will attempt to be identified as someone already holding a pass. It will be overt because all will be aware that they are required to give a biometric measure as a condition of enrollment into this system. It will be non-attended and in a standard environment because collection of the biometric will occur near the passport inspection counter inside the airports, but not under the direct observation of an INS employee. It will be non-habituated because most international travelers use the system less than once per month. The system is publicbecause enrollment is open to any frequent traveler into the United States. It is closed because INSPASS does not exchange biometric information with any other system."(emphases added)
Characterizing Biometric ID Systems
Dr. Wayman suggests that biometric ID systems should be viewed in terms of a generic biometric system made up of five basic components or subsystems, depending on the application: data collection, transmission, signal processing (which comprises feature extraction, quality control, pattern matching), storage, and decision.
- Data collection Biometric systems involve at least two discrete data collection steps. First, any biometric system must contain a biometric characteristic deemed "true" or canonical from the system's viewpoint. The term "enrollment" or "registration" refers to the first entry of biometric data into the database. Second, the system must compare a later-submitted "sample" (often called a "live sample") to the sample in the database. (Scale is crucial to the enrollment step, sometimes for quite mundane reasons. In the context of biometric visa issuance by the State Department, for instance, the government has been looking at whether or not U.S. consulates around the world have room to handle the additional equipment and physical traffic needed for data collection.)
- Transmission Many biometric systems collect data at one location but store and/or process it at another. Such systems require data transmission.
- Signal processingOnce a biometric is acquired, it must be prepared for comparison. There are three basic tasks here: feature extraction, quality control, and pattern matching. A fourth task in large-scale systems is pattern classification.
- Feature extraction involves finding the true biometric pattern amid noise and signal degradation, preserving the critical information, and discarding redundant or unnecessary data. Dr. Wayman gives the example of a text-independent speaker-recognition system. A properly implemented system isolates "features that depend only on the speaker and not on the words being spoken." At the same time, the system focuses on features that do not change "even if the speaker has a cold or is not speaking directly into the microphone."
- Quality control involves checking to see if the signal is of good quality. Ideally, it should be possible to make a quick determination so that another measure can be taken if the signal is inadequate.
- Pattern matching involves comparing the live sample to the reference sample in the database. If the user claims to be Jane Doe, the pattern-matching process may only need to compare the sample to Jane Doe's stored template. In other situations, the sample must be compared to multiple templates. The pattern-matching process generates a quantitative "distance" measure of the comparison -- how close are they? Even for the same person, the distance is rarely if ever zero.
- Pattern classification is a technique aimed at reducing the computational overhead of pattern matching. In large-scale systems, it can be computationally taxing to match each sample against all stored templates in the database. If biometric patterns can be categorized, then it may be possible to perform the match against only the stored templates in that category. This is sometimes referred to as "binning." A different technique with the same goal is "filtering," which involves partitioning the database based on information not contained in the biometric itself. If you know the person is a man, you don't need to check against women's biometrics. Both of these techniques introduce additional error possibilities; if binning or filtering is erroneous, then the true template is not used and a false non-match results.
- Decision This subsystem implements the biometric ID system's actual policy with regard to matching. In general, lowering the number of false non-matches raises the number of false matches, and vice versa. The signal processing subsystem yields a quantitative "distance" measure, but "how close or far is enough?" is a matter of policy. In a high-security application where the cost of a false acceptance could be high, system policy might prefer very few false acceptances and many more false rejections. In a commercial setting where the cost of a false acceptance could be small and treated as a cost of doing business, system policy might favor false acceptances in order not to falsely reject and thereby inconvenience large numbers of legitimate customers. The inevitable existence of these errors means that any biometric ID system must also have well-designed policies for exception handling.
- StorageBiometric reference samples must be stored somewhere for matching purposes. For systems only performing "one-to-one" matching, the database may be distributed on cards carried by each enrolled user. The user simply presents his or her biometric and the system checks to see if it matches the template stored on the card. Depending upon system policy, no central database need exist, although in this application a centralized database can be used to detect counterfeit cards or to reissue lost cards without re-collecting the biometric pattern.
In other cases, centralized storage is necessary because the system must match the live sample to multiple templates. As the number of templates grows, speed becomes an increasingly significant issue. One technique is to partition the database (i.e., binning or filtering) so that any sample need only be matched to the templates in one partition. This increases system speed and decreases false matches at the expense of increasing the false non-match rate owing to partitioning errors. System error rates thus change with increasing database size and ID systems do not linearly scale.
Full biometric patterns cannot be reconstructed from the stored reference samples if these are stored as templates, which reduce data richness dramatically. Templates themselves are often created using the system vendor's proprietary feature extraction algorithms. Whether stored templates themselves can be used to "spoof" the system internally is entirely dependent on the security of the system architecture.
Biometric ID systems may store not only the templates but also raw data. One reason to do so would be to allow changes to the system or to change system vendors without having to re-collect data from all enrolled users. Full raw data storage is a riskier practice in that new templates may be extracted from the data or the raw data itself may be used against the system.
The State of Scientific Testing of Biometric ID Systems
According to Dr. Wayman,
"Testing of biometric devices requires repeat visits with multiple human subjects. Further, the generally low error rates mean that many human subjects are required for statistical confidence. Consequently, biometric testing is extremely expensive, generally affordable only by government agencies. Few biometric technologies have undergone rigorous, developer/vendor-independent testing to establish robustness, distinctiveness, accessibility, acceptability and availability in 'real-world' (non-laboratory) applications."
An in-depth discussion of the statistical methodology in testing biometric ID systems is beyond the scope of this discussion. We recommend Dr. Wayman's website to interested persons. Note, however, that it is very difficult to generalize from test results. At this time, scientists have no way of accurately estimating how large a test is needed to adequately characterize any biometric device in any application, even with advance knowledge of theoretical error rates.
Media Coverage/Resources
Check out this page for helpful resources including
lots of media coverage and links related to the topic.
Acknowledgements:
This document was written and compiled by William Abernathy
and Lee Tien with editorial assistance from Sarah Granger and technical
assistance from Johnson Hor.
Biometric Identity: The Great Divider
July 6, 2011crisisboomLeave a commentGo to comments
inclusionThe use of Biometrics in national identity cards has spliced the globe into two with people in developed nations looking at it as infringement of their privacy and civil liberties, reports Team InclusionA debate has been raging in India since Manmohan Singh government broadened the sphere of MNIC (Multi-purpose National Identity Cards) to National Population Register (NPR) appending into it a biometrics-based Unique Identification (UID) number. The opponents of the scheme have accused the central government of snooping into privacy of residents. They fear that the project would prove to be the death of right to privacy implicit in Article 21, which guarantees protection of life and personal liberty. They apprehend that the governmental agencies would misuse the information collected under the project to harass individuals.
The UID-Aadhaar detractors frequently quote the examples of UK, USA and Netherlands, Greece, France and Turkey, which recently scrapped either their identity projects, or use of biometrics on the grounds that they intruded into residents' privacy. Their argument is that once a person hacks into the UID database, he can gain access to any other database as the UID will be linked with banks, phone companies, Public Distribution System (PDS), ministries, departments, Public Sector Units (PSUs) etc. They fear since many US companies are involved in the project, there is a possibility that Washington will have access to the database. They also fear that the unique identity would encourage identity thefts and misuse.
The project backers on the other hand hope that the linkages of UID with social sector schemes would improve targeting and delivery of services, reduce their cost and provide online cost-effective, ubiquitous authentication services. Denying that the unique number was a guarantee to rights, citizenship and entitlements, they add that the project would promote financial inclusion as the UID number facilitates opening of bank accounts.
There seems to be a major rich-poor, developed-developing and big economy-small economy divide among the countries when it comes to implementation of the national ID project with people in upper western hemisphere and parts of Europe rejecting their government's efforts to introduce and store biometrics in a central system. Countries like United Kingdom, France, Hungary, Netherland, Greece, Norway, Turkey and Ireland in Europe have either not incorporated biometrics in the ID or stopped scanning biometric information.
Similarly in North America and Australia continents, countries like USA, Canada, Australia and New Zealand have kept off the biometrics. In Asia, China, Japan, Sri Lanka are yet to join the clamour for biometric identity. Russia and Turkey, the two majors of Eurasia, have also not signed up for the biometrics till now.
Here is a list of international experiments that have taken place in various countries around the globe:
Europe
Ironically Europe, which is extremely paranoid about terrorism, is also the one, which leads the campaign against use of biometrics in National ID Cards with Britain, Norway, Netherlands and Ireland having witnessed major opposition to the concept in the past.
Britain in fact seems to have done so many somersaults on the issue that it is never clear whether the ID card is in or out. The project made its first appearance in UK during World War II when then British government decided to use national ID cards to facilitate identification of foreigners around the same time when Greece and France also introduced the cards.
Persons were required to carry the card at all times and show it on demand to police and members of the armed forces. And this is what brought its downfall. In 1951 Acting Chief Justice Lord Rayner Goddard ruled that police demanding ID card "from all and sundry" was unlawful leading to repealing of National Registration Act, the law which facilitated issuance of the ID card.
In 1984 and 1998, the UK government put in place a Data Protection Act, which authorised storage of lot of personal information in databases.
The UK Parliament passed Identity Cards Act in 2006 providing linkages of National Identity Cards, a personal identification document and European Union travel document with a database known as National Identity Register (NIR).
Another two years later, then UK Home Secretary Jacqui Smith proposed that web communication be stored by the ISPs and MSPs in a giant database for 12 months. "Our ability to intercept communications and obtain communications data is vital to fighting terrorism and combating serious crime, including child sex abuse, murder and drugs trafficking. Communications data – that is, data about calls, such as the location and identity of the caller, not the content of the calls themselves – is used as important evidence in 95% of serious crime cases and in almost all security service operations since 2004," she said.i
These anti-civil liberties measures proved to be the undoing of Labour government as two years later Conservatives rode back into power on the same issue. In February this year, the government finally scrapped the identity card scheme, terminated Identity Commissioner and destroyed all information held in the National Identity Register. UK Home Secretary Theresa May declared invalidation of existing cards saying they were 'intrusive, bullying and ineffective'.
Earlier this month, however, the UK government once again revealed plans for an identity assurance scheme, which will help people access services, related to the Department for Work and Pensions. Under the scheme, private companies will run the accreditation services that verify a person's identity when they log in to a service online. But this may still not be the last word on the subject.
The current French government has proposed a compulsory biometric card system, which is being opposed by human rights groups.
In Greece, fields included in previous ID card formats, such as vocation or profession, religious denomination, domiciliary address, name and surname of spouse, fingerprint, eye and hair color, citizenship and ethnicity were removed permanently as being intrusive of personal data or superfluous for the sole purpose of personal identification.
The plastic card in Hungary does not have any information about the owner's residential address, nor his Personal ID. This sensitive information is contained on a separate card, called Authority ID.
Ireland and Norway have felt that 'very serious privacy issues' are involved in the biometric identity scheme. Austria has also restricted use of Social Security Number (SSN) to areas of social security, taxes, education and other administrative areas.
Yet many European countries – Belgium, Bulgaria, Denmark, Estonia, Finland, Iceland, Italy, Latvia, Lithuania, Poland, Portugal, Romania, Slovakia, Slovenia, Sweden, Switzerland and Ukraine have introduced a National Identification Number for their citizens.
North America
Like Europe, North America too has serious issues with the use of fingerprints, iris scan for national identity cards with America and Canada, the two major countries of the continent having failed to convince their citizens on the subject.
Americans have resisted quite a few attempts of their government to upgrade Social Security Card to a National ID Card. In 1971 and 1973, the American government was forced to say that National ID card was not desirable. Ronald Reagan and Bill Clinton administrations too preferred not to touch the controversial biometrics.
The 9/11, however, did tamper the opposition to identity card as US Congress legislated Real ID Act of 2005 calling for national digital identification system. The Act amended US federal law pertaining to security, authentication and issuance procedures standards for the state driver's licenses and identification cards, as well as various immigration issues pertaining to terrorism. Since United States has no national identification card, driver's licenses have been used as a de-facto standard form of identification within the country.
Real ID Act set 11th May 2008 as compliance deadline for all states. But majority of the states have either applied for extensions of the original compliance deadline or received unsolicited extension. Over half of the states have approved either resolutions or binding legislation not to participate in the programme.
Yet Obama Administration has not quite given up. It hopes to fund pilot projects on adoption of Internet IDs next year. The administration's idea is to have multiple identity providers that are part of an 'identity ecosystem'.
Although every now and then one hears voices for attaching biometrics to Social Security Card to bring about immigration reforms, so far, the American administration has not succeeded in convincing citizens who back civil liberties and privacy.
Earlier Canadians rejected a proposal for a National ID Card that would require fingerprints and an iris (eye) scan. The Canadians estimated that this system would cost Rs 226 billion for their 32 million citizens and offered no security for the country from terrorists as some experts suspected that even with eye scan the cards could be duplicated.
Mexico, however, is on way to introduce iris scan for all its citizens for identification. It has made a beginning with the city of Leon and Guanajuato.
South America
In South America, the saying 'what is good for goose is good for gander' stands on its head, as unlike their counterparts in North America, the countries in down South, appear to have no issues with biometrics. Recently UID honchos from India visited Brazil to learn from that country's 'innovative targeting and identification mechanisms for social programmes'.
The government of Brazil is engaged in a nation-wide effort to replace its traditional ID card with a Registery of Civil Identity (RCI) card enhanced with biometric data. The new chip-based identity card stores information about the cardholder's name, gender, date of birth, photograph, affiliation, place of birth, signature, fingerprint, place and date of issuance and expiration. It uses state-of-the-art technology and is designed to avoid repeated identity registration in different states as well as confusion caused by different people with the same name.
Last year Brazil used biometrics in Presidential election to prevent voter fraud and ballot stuffing.
Brazil's neighbour and second largest country of South America, Argentina, recently signed up with Cross Match Technologies, a global provider of biometric identity solutions, for deployment of identity management systems throughout the country. Cross Match will provide guidance and expertise in the areas of forensic-quality fingerprint and palm print capture devices, multi-model biometric capture systems, document readers, software and associated professional services. The Argentine government uses biometric identity solutions to enhance safety, security and promote welfare programmes for its citizens.
DNI (Documento Nacional de Identidad) is the official form of identification for citizens in Peru, another country in South America. The electronic DNA has facial image and print of right index finger of the cardholder besides other general details like name, date of birth etc.
Chile on the other hand uses biometrics extensively for healthcare insurance, banks, pension funds and retailers as well as police and immigration services. Santiago airport in the country uses facial recognition technology for security.
Pablo Izquierdo, Director General of I-Med, a Santiago-based company explains the diametrically opposite views held on biometrics in North and South America. . "In the U.S. people don't much like the idea of a database of digital fingerprints; Latin Americans – well – they couldn't care less about it," Izquierdo says.ii
Bolivia, which shares borders with Brazil, Peru, Argentina, Chile, registered more than 5 million voters by collecting their fingerprints, biometric photographs and electronic signatures within 75 days before the 2009 elections and is now advising Georgia on the same.
Australia (Oceania)
Both the major countries in the region – Australia and New Zealand – are opposed to national identity and biometrics so much so that the former has rejected proposals for the card twice. The first proposal to create a universal number for Australian citizens and permanent residents was jettisoned in 1987. The second proposal – floated in 2005 for an Access Card for health and welfare benefits – was abandoned two years later due to privacy concerns relating to identity theft and disclosure of information. The country protects its Medicare and tax file number identifiers with strict privacy laws.
A parliamentary committee in Australia recently rejected the use of biometrics as a form of identification technology for gamblers saying that the technology would be a privacy overreach.
In 2009 when New Zealand tried to introduce biometrics in immigration, it kicked up a furore with people fearing that technology will be extended to other arms of the law. No wonder the island country is among the few countries of the world, which do not have a national ID card.
Africa
The situation in poor African continent would bring a big smile on the faces of votaries of biometric-based national ID in India as an overwhelming majority of the countries there have either already introduced the cards or are in the process of doing it.
While South Africa, Mauritius, Gambia and Zimbabwe have brought in biometric identity cards, Tanzania, Sudan, Lesotho, Nigeria, Angola, are on course to get them.
In Gambia and Mauritius, citizens above 18 years of age are required to apply for a National Identity Card. The former has made it mandatory for its citizens to show the biometric card at the time of applying for a driving license.
In South Africa, it is necessary for the citizens to carry identity document, which resembles a passport, at the time of opening a bank account, registering at an educational institution, buying a mobile or applying for a driver's license, passport, unemployment insurance and voting in elections.
Tanzania's National Identification Authority (NIDA) recently awarded a deal for national ID system for 25 million cards.
NIMC has the mandate to establish, own, operate, maintain and manage the National Identity Database, register persons covered by the Act, assign a Unique National Identification Number and issue General Multi-Purpose Cards (GMPC) to those registered individuals, and to harmonise and integrate existing identification databases in Nigeria.
Sudan is launching a civil registry project that expects to have the fingerprints of 8 million of the 16 million citizens and foreign residents for the country's national database.
The Angolan Government has officially approved the design of its new ID card for all its adult citizens. The cards will store personal data including personal and biometric identification.
Asia
When it comes to biometric national ID cards, Asian continent is divided among ayes and nays with China, Japan and Turkey yet to give assent to biometric identification. Pakistan, Bangladesh and Malaysia, on the other hand have already issued biometric identification for their citizens. Sri Lanka and Indonesia are all set to join the bandwagon.
In Pakistan, National Database & Registration Authority (NADRA) has captured 371 million fingerprints and 99 million faces and also facilitates mobile-to-mobile payment. The ID is tagged with Benazir Income Support Programme for poor. NADRA issued support to 500,000 Watan Card-holders during floods in Pakistan in last year.
Bangladesh has had biometric identification since 2008. Bangladeshis use NID card for obtaining passports, driving licenses, credit cards and for registering land ownership. MyKad or Government Multipurpose Card (GMPC), the official compulsory card in Malaysia, carries a microchip, which contains several items including biometrics.
In Israel, a move to have biometric database is being criticised for not using encryption method to minimise infringement to highly sensitive information. The database will be in the custody of Interior Ministry. Association for Civil Rights, an NGO headquartered in Jerusalem, fear the database will grossly infringe on Israeli citizens' rights.iii
i. A report on BBC uploaded on October 15, 2008
ii. bUSiness, a business magazine of the Chilean American Chamber of Commerce (AmCham Chile)
iii. Report on ynetnews.com
http://crisisboom.com/2011/07/06/biometric-identity-the-great-divider/
All 1.2 billion residents of the country should have unique identity numbers by June, 2013, the Union Cabinet decided on Friday seeking to cap a fractious internal debate on which agency should record and store biometric data.
The Cabinet plumped for a complete rollout of the ambitious scheme, aiming to plug loopholes in welfare programmes where identifying beneficiaries and checking leakages is a major challenge.
The government is keen to complete the UID registrations before the next general election. Under the compromise arrived at between the conflicting claims of the home ministry on the one side and the Planning Commission and UID Authority on the other, it has been decided that both the Registrar General and the Authority will split the collection of biometric data. RGI functions under the home ministry.
The cabinet committee on UIDAI headed by Prime Minister Manmohan Singh ironed out differences between home minister P Chidambram and Planning Commission deputy chairmanMontek Singh Ahluwalia and paved the way for UID authority receiving the mandate to enroll residents beyond the 200 million mark.
Now, UIDAI will seek to enroll a total of 600 million residents in 16 states and Union Territories where it is already at work. The remaining 600 million will be recorded by RGI as part of the National Population Register (NPR). Now, the two bodies will share the information.
In response to the home ministry's concerns, UIDAI has been asked to review its data collection process to address security issues. Chidambaram and the duo - Ahluwalia and IT czar-turned-Authority chief Nandan Nilekani - had differed on proprietorship of the data, with RGI reversing its earlier decision to accept UID data citing concerns over verification protocols. The turf war seems settled, with a middle path being worked out by the PM.
"The NPR will continue to capture biometric data, but if a person says he or she has taken an Aadhar (UID) number, no biometric details will be captured again by the NPR. So there will be no duplication in capturing biometrics," Chidambram said at a presser in the presence of both Nilekani and Ahluwalia.
Arguing that getting Aadhar numbers is voluntary while NPR is mandatory exercise, he said those left out under UID enrollment can get the number after registering with the population register.
The home minister said the decision will speed up both UID and NPR processes and the entire country will be covered by June, 2013.
Considering security issues flagged by home ministry, Nilekani said the Authority will do a complete review of its strategy over the next six to eight weeks. "We will start covering the additional 400 million people only from April," he said.
The cabinet committee approved an additional expenditure of Rs 5,791 crore for the project under which around 170 million enrolments have been completed by the Authority. As on January 20, 190 million Aadhaar numbers have been generated.
UID project is primarily aimed at ensuring inclusive growth by providing a form of identity to those who do not have any identity. "It seeks to provide UID numbers to the marginalized sections of society and strengthen equity," Nilekani added.
What is Aadhaar? |
Aadhaar is a 12 digit individual identification number issued by the Unique Identification Authority of India on behalf of the Government of India.
This number will serve as a proof of identity and address, anywhere in India.
Any individual, irrespective of age and gender, who is a resident in India and satisfies the verification process laid down by the UIDAI can enrol for Aadhaar.
Each individual needs to enroll only once which is free of cost.
Each Aadhaar number will be unique to an individual and will remain valid for life. Aadhaar number will help you provide access to services like banking, mobile phone connections and other Govt and Non-Govt services in due course.
Some other information about Aadhaar:
Aadhaar will be:
Easily verifiable in an online, cost-effective way
Unique and robust enough to eliminate the large number of duplicate and fake identities in government and private databases
A random number generated, devoid of any classification based on caste, creed, religion and geography
The HinduNandan Nilekani, Chairman, UIDAI at a seminar in Bangalore. File photo
Meanwhile,the curtains will come down on enrolments for Aadhaar, the Central government's ambitious unique identification programme, by February 15 at all 2,245 enrolment centres across Karnataka.The Hindu reports.
The Aadhaar cards issued by the Unique Identification Authority of India (UIDAI) are unlikely to be rolled out in Assam and other North Eastern States, barring Tripura and Sikkim.
A meeting of the Cabinet Committee on Unique Identification Authority of India related issues (CC-UIDAI) chaired by Prime Minister Dr Manmohan Singh decided to limit the issue of Aadhaar cards to 60 crore population spread over 16 States and Union Territories. In the rest of the States, the national identity numbers would be issued on the basis of the National Population Register.
Briefing newsmen, Union Home Minister P Chidambaram and deputy chairman of Planning Commission Montek Singh Ahluwalia said that in all cases the NPR data base would prevail. However, Aadhaar numbers would prevail in those States where it has been issued. And in rest of the States, the NPR exercise would continue.
The States where the Aadhar cards have been rolled out included Andhra Pradesh, Goa, Haryana, Himachal Pradesh, Jharkhand, Karnataka, Kerala, Uttar Pradesh, Delhi, Maharashtra, Sikkim, Puducherry, Tripura and Rajasthan among others.
UIDAI uses information on five fields, while NPR seeks information on 15 fields. The entire exercise of issue of NPR is targeted for completion in 18 months by June 2013, said the Home Minister.
The Cabinet meeting called today to resolve the differences between the Home Ministry and the Planning Commission over the issue of Aadhaar cards and the national identity cards, worked out a compromise formula, under which the limit of the Aadhaar cards have been fixed. The Home Ministry has now been mandated to carry out the NPR project in rest of the States.
About the security concerns flagged by the Home Ministry, Chidambaram said that UIDAI has agreed to review all the information it has collected. At the moment they have agreed to review the entire process to address all the security concerns.
The security concerns included the possibility of the cards falling into the hands of the illegal migrants and subsequent misuse of the cards to avail of the government schemes. The infiltration prone North Eastern States including Assam, were particularly referred in this regard.
A letter sent to Deputy Commissioners, in 23 districts where Aadhaar is being rolled out, by the State department of e-governance, informs them of the decision to stop enrolments, adding that "further enrolments are likely to be done by an agency to be designated by the government of India." The letter, dated January 24, adds that this decision follows instructions from the Unique Identification Authority of India (UIDAI) to stop enrolments.
Sources in the UIDAI confirmed to The Hindu that similar instructions have been communicated to all registrars and State governments across the country. The project, which crossed the 120 million mark (in terms of Aadhaar numbers generated), is expected to cross the 200 million mark by mid-February. The project, which is caught in a bitter turf war between the Home Ministry and the Union Planning Commission, had only been given permission to enrol 200 million citizens.
On Friday, the Union Cabinet decided to increase the cap to 600 million, and approved a list of States where the UIDAI could proceed with data collection. Karnataka is among the top three States in terms of numbers of enrolment, and State officials are hopeful will figure on the UIDAI list as "a lot of infrastructure has been put in place already."
"There is a lot of uncertainty about this project, even among enrolment agencies, which is also resulting in a slow-down in number or registrations. A lot of money has been invested even at the State level," a highly placed official toldThe Hindu. The Parliamentary Standing Committee had also rejected the National Identification Authority of India Bill in December 2011.
The UIDAI has set February 28 as the last date for receiving data packets, which contain demographic and biometric data, and has asked registrars to work towards it. In Karnataka, enrolments are being carried out by two registrars, the department of e-governance and the India Post. Sources in the India Post confirmed that similar instructions have been communicated to them too.
The department of e-government's letter, a copy of which is available with The Hindu, also requests the Deputy Commissioners to "review and approve ramp down plans," ensure "safety of the data and uploading by enrolment agencies" and "communicate to residents" about the decision to stop enrolments. It also asks the district offices to submit all statements of expenditure related to funds released by the Centre for e-governance for the UIDAI enrolment and publicity activities.
Till date, around 22 per cent of citizens in Karnataka have been covered, D.S. Ravindran, Chief Executive Officer of the Centre for e-governance told The Hindu. Over 133 lakh Aadhaar numbers have been issued. However, barring Mysore and Tumkur — both districts that were part of the pilot project have completed over 95 per cent enrolments — enrolments in most other districts are below 20 per cent. At 18 lakh enrolments, coverage of Bangalore city stands at a modest 21 per cent. Bidar is the only district to cross over 30 per cent in the State.
Aadhaar gets a fresh lease of life
Home ministry accepts UIDAI's biometrics; in case of overlap, National Population Register will prevail
Surabhi Agarwal & Sangeeta Singh
The Aadhaar project, which has been in the eye of a storm for its dispute with the home ministry's National Population Register (NPR), received a shot in the arm on Friday, with the Cabinet Committee on Unique Identification Authority of India (UIDAI) extending its mandate to collect biometrics for a total of 600 million residents of the country.This was made possible after NPR agreed to accept biometrics enlisted under Aadhaar, with the caveat that where there is an overlap and a conflict in the database, NPR-compiled metrics would prevail.
However, it is not clear as to whether the parliamentary standing committee on finance, which had opposed the UIDAI legislation, would go along with the compromise.
Earlier, UIDAI which is spearheading the project was supposed to collect biometrics for 200 million people, a task which it has already completed. The NPR project is being run by the Registrar General of India (RGI), which comes under the purview of the home ministry.
The decision, which comes after a long stand-off between UIDAI and NPR, means that India's two flagship projects will continue to coexist, and also that UIDAI will be able to meet its original target of giving unique identities to 600 million people by 2014.
The two projects, which have almost similar objectives, have been at loggerheads over who will collect biometrics for the entire population of the country.
With the cabinet extending the mandate of UIDAI to issuing another 400 million numbers, the project will continue to enrol people in 16 states and union territories, while NPR will do it in other states.
"We are very happy with Mr. Chidambaram's suggestions, and by doing this, we will be combining the strength of both the models...we now have the best of both worlds," said Nandan Nilekani, chairman of UIDAI. P. Chidambaram is India's home minister.
After Aadhaar's mandate to collect biometrics ended at 200 million, it was supposed to wait for the NPR data to come in to remove duplications and issue the UIDs.
On the other hand, the home ministry had stated that UIDAI data can't be trusted for "security" purposes and it wanted to collect its own biometrics. The government would have spent an extra Rs. 6,000 crore if NPR and UIDAI collected their own biometrics.
Home minister Chidambaram said that both agencies collecting data separately would have meant a lot of duplication.
"Now one authority will collect the biometrics and the other can issue Aadhaar. NPR would accept the biometrics of 60 crore people covered by UIDAI." He added that this would reduce the chances of duplication to just 5%. "People who will come to the camps for NPR data collection will be asked if they have already given biometrics to UIDAI. The duplication will only be in the case of those who give their biometrics again."
WATCH VIDEO
Mint's Sangeeta Singh says the logjam over collecting biometrics has been resolved, with the government authorizing the Aadhaar project to collect data on another 400 million people
Even though Chidambaram said that NPR would "accept" Aadhaar data, he added that UIDAI will have to go back and review a few aspects of its model and it will make changes if required. A UIDAI official said the agency will take a break after it completes 200 million enrolments and resume its activity from 2 April.
"During this period, we will refresh our entire technological and other processes and see what needs to be fine-tuned," he said.
The home ministry had raised concerns about the multi-registrar model followed by the authority and also the introducer system of enrolment, where people with no documents can be enrolled through introduction by another Aadhaar holder. The official who did not wish to be identified said that the concept of the introducer system was meant to bring about inclusion. The concept in itself was fine, but faltered in its implementation sometimes, he said, adding, "We will review the whole thing and see how it can be monitored better."
Last month, the parliamentary standing committee on finance headed by Yashwant Sinha, senior Bharatiya Janata Party leader, had rejected the National Identification Authority of India Bill, which was supposed to give legal backing to the UID project. Sinha said that all the members of the committee expressed a view irrespective of the political parties they belonged to.
"I am sure the government will give serious consideration to the concerns raised by the committee before sending the legislation again to the committee," Sinha said. "I do not want to say anything more at this stage, as it would be like taking a view before the matter reached the committee."
Meanwhile, the Cabinet Committee on UIDAI also approved additional spending of Rs. 5,000 crore for the project. Around Rs. 3,000 crore had previously been approved for it. The authority had earlier received approval for Rs. 8,800 crore from the expenditure finance committee (EFC).
The total funding comprises costs for the issue of 200 million Aadhaar numbers through multiple registrars up to March 2012, printing and delivery of 200 million Aadhaar letters, technology and other support infrastructure costs for creation, storage and maintenance of data, and services for leveraging the uses of Aadhaar for the entire estimated resident population up to March 2017, the government said in a statement.
However, since the mandate of the agency has been extended to a total of 600 million, it will receive additional funding and the proposal will be separately placed before the expenditure finance committee.
"Provision will be made in the budget for 2012-13 in anticipation thereof," the government said.
On the other hand, the total cost of the NPR project is around Rs. 6,000 crore, of which RGI has already spent around Rs. 2,000 crore. Moreover, the home ministry is planning to propose a resident identity card for all Indian residents. It has launched this scheme already in the coastal areas. The project will cost another Rs. 6,000 crore.
According to a report published in the Hindustan Times on 7 January, the Planning Commission has rejected the home ministry's proposal to issue smart identity cards to all residents under NPR on the grounds that chip-based ID cards were a waste of public money. "It has invoked its veto power to stall the Rs. 6,790-crore project," the report said.
Deputy chairman Montek Singh Ahluwalia said it was "not correct" to say the Planning Commission had "raised objections" to the project. He added that a unit of the Planning Commission examines the proposals and the EFC will decide on the matter. UIDAI has been created as an attached office under India's apex planning body.
surabhi.a@livemint.com
http://www.livemint.com/2012/01/28003356/Aadhaar-gets-a-fresh-lease-of.html?h=B
Have Aadhar? You still have to enrol for NPR
Chetan Chauhan, Hindustan Times
New Delhi, January 28, 2012 Email to Author
First Published: 00:32 IST(28/1/2012)
Last Updated: 00:34 IST(28/1/2012)
You may have undergone lot of pain to apply for voluntary unique identification (UID) or an Aadhaar number. Soon, you will also have to visit another camp to get the union home ministry's national identity card.
If you have not got a UID card yet, you can get both Aadhaar number and
related stories
the identity card after providing your biometric details at one of the ministry'scamp conducted for collecting details for National Population Register (NPR).
Home minister P Chidambaram said biometric details of those having Aadhaar numbers would not be collected again but the information provided for it will be verified in the NPR data. "In case of variance NPR data prevails and Aadhaar will be corrected," he said.
It means that 17 crore people, who have sought or received Aadhaar, will have to mandatorily enroll for NPR. Another 40 crore people, which UID Authority now has mandate to enroll in next 18-20 months, will also have to visit an NPR camp.
Planning commission deputy chairperson Montek Singh Ahluwalia said allowing the UID authority to enroll further will provide a developmental momentum as it has existing network of registrars in 16 states and union territories. "It was felt that a truly-tested system should not be stopped," he said when asked about the duplication of efforts in these states.
What is important for the government is its bid to link social development schemes such as public distribution system (PDS), old age and widow pensions and Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGA) with Aadhaar to check pilferage and reduce the government's subsidy burden. The government's annual subsidy burden is over Rs 1 lakh crore.
The government has started pilots on Aadhaar-linked PDS in districts such as Medak in Andhra Pradesh where every resident has been covered.
http://www.hindustantimes.com/India-news/NewDelhi/Have-Aadhar-You-still-have-to-enrol-for-NPR/Article1-803094.aspx
IT czar Nilekani comes up trumps in UID war
By PRATUL SHARMALast updated at 12:36 AM on 28th January 2012
The year-long turf war between Unique Identification Authority of India chairman Nandan Nilekani and home minister P. Chidambaram over the collection of biometrics for issuing a unique ID card to all residents has emphatically been decided in favour of the former IT czar.
The cabinet committee on UIDAI on Friday even gave a go ahead to enroll an additional 40 crore residents for the Aadhaar number, with a budget of over `8,814 crore in 16 states.
Prime Minister Manmohan Singh's pet project UIDAI will move at 'full speed' within a ceiling of 60 crore (20 crore already covered).
And the winner is...: P. Chidambaram (left) and Nandan Nilekani
The government had billed the Aadhaar project as a one-stop measure to pass the benefits of developmental schemes to the marginalised sections.
With Rahul Gandhi prominently advocating Aadhaar's multiple benefits in his speeches in election- bound states, the UPA government could not have ignored this.
However, to save face, the national population register, under the home ministry, will collect biometric data in the remaining 60 crore population, not covered by UIDAI. Both initiatives will continue simultaneously to finish work by June 2013.
THE DEAL
Biometric data to be collected by only one authority. If a person has already received a UID number, then his biometrics will not be collected by theNPR. This will avoid duplication of work.
Uidai's mandate increased to issue 40 crore more UID numbers, taking its total target to 60 crore. It will continue collecting biometrics in 16 states and UTs, while NPR will do so for residents who have not enrolled for the Aadhaar project and the rest of the states.
To address the issue of data duplication, the cabinet committee decided that in cases where the UID has already captured biometrics details, the NPR will mention the Aadhaar number on its card.'Under NPR, everyone will be asked if they have given their biometric details and if they have then we will not take it,' Chidambaram said.
Still, in five per cent of the cases, there are chances of duplication and in case of any discrepancies between the UIDAI data and the NPR data, NPR will prevail, he added.
To address the security concerns raised by Chidambaram, the UIDAI will think afresh on its system before resuming its work from April.
Nilekani said: 'We will review the security concerns in the next six to eight weeks and begin the process of collection of data from April.'
This will be done by the inter-ministerial co-ordination committee (IMCC) already constituted by the Union home ministry.
Planning Commission deputy chairman Montek Singh Ahluwalia said: 'The financial proposal relating to Aadhaar enrolments of additional 40 crore will be separately placed before the Expenditure Finance Committee.
'Pending this approval, UIDAI is allowed to continue Aadhaar enrolment beyond 20 crore so that the momentum of the field formations is not lost. Provision will be made in the budget for 2012-13 in anticipation thereof.'
Till date an estimated 17 crore enrolments have been completed while, 11.90 crore Aadhaar numbers generated.
Read more: http://www.dailymail.co.uk/indiahome/indianews/article-2092873/IT-czar-Nilekani-comes-trumps-UID-war.html#ixzz1kiwmOISF
Nilekani Compromises with Home Ministry for AADHAAR UID
Zafar Anjum 27 Jan 2012The battle over biometrics between the Unique Identification Authority of India and the Home Ministry has ended in a compromise, according to a report in NDTV.
The Unique Identification Authority of India (UIDAI) is an agency of the Government responsible for implementing the AADHAAR scheme, a unique identification project. Aadhaar is a 12 digit individual identification. This number will serve as a proof of identity and address, anywhere in India.
Related News
- Twitter Can Now Block Tweets In Specific Countries
- SOPA's big brother, ACTA, Signed By EU Nations
- Google Overhauls Its Privacy Policy
- Could MRAM Ultimately Replace DRAM?
- Facebook May Let You Share What You Do Off-Site
A part of the Planning Commission of India, UIDAI was established in February 2009, with the mandate to maintain a database of residents containing biometric and other data. The agency is headed by a chairman, Nandan Nilekani, former co-chairman of Infosys Technologies.
The battle over biometrics started as both the UIDAI and Home Ministry were mandated to collect biometrics data of citizens. "Nilekani's department has so far enrolled 20 crore Indians with their biometrics including their fingerprints and iris," the report said. "The problem is that the Home Ministry is empowered to collect exactly the same data for the National Population Register or NPR".
According to the NDTV report, at a meeting chaired by the Prime Minister and attended by senior ministers, Nilekani, and Home Minister P Chidambram, it was resolved that the fingerprints and iris scans will be collected by both teams, with as little duplication as possible.
At the meeting, it was decided that Nilekani would conduct his enrolment exercise in areas where his team has already collected information on more than 50 percent of the population. Remaining areas will be handled by the Home Ministry's officials.
According to the report, Nilekani's department was initially meant to use the NPR's data for its work. But because the NPR's collection of data was moving slowly, the UIDAI asked for and received permission to collect the biometrics for 20 crore people. The logic was that the two databases of the NPR and the UIADI would eventually be married. But the Home Ministry then said that the UIDAI's data was not up to its standard.
Concerns have been raised about the safety of the data collected by UIADI and its legal status.
via MIS Asia
Other stories of interest:
Indian Govt. Readies Battle Against "Offensive" Content on Web
Kapil Sabil: No Plan to Pre-Screen Online Content
Google Overhauls Its Privacy Policy
http://www.pcworld.in/news/nilekani-compromises-home-ministry-aadhaar-uid-61752012
Nilekani, PC will share ID card cake
New Delhi, Jan 27, 2012, DHNS:PM decrees each would collect data of 60 cr people
In a bid to strike a compromise in the 'turf war' between Union home ministry and the Nandan Nilekani-led Unique Identification Authority of India (UIDAI), Prime Minister Manmohan Singh on Friday allowed both to capture biometric details of half each of the country's population of 120 crore.
The prime minister, who chaired the Cabinet Committee on UIDAI, ordered that the Authority would continue its enrolment by capturing the biometric details of an additional 40 crore people in 16 states in addition to the currently mandated 20 crore.
At the same time, the meeting also decided that the Registrar General of India (RGI) under the Home Minister tasked with preparing the National Population Register (NPR), will capture the biometric details of citizens in the rest of the States covering another 60 crore where the UIDAI is not collecting the data. Both have to complete the enrolment exercise by June 2013 and share data among themselves.
This means, in 16 states the UIDAI, where it is already working to enrol the people by capturing biometric details, can continue its task to cover 40 crore people. The UIDAI which was mandated to enrol 20 crore by 2012 March-end, has already completed enrolment of 17 crore people in 16 states. In rest of the States, the RGI will do enrolment by capturing the biometric details.
Interestingly, the RGI, which is preparing NPR and given the mandate to issue the chip-embedded multi-purpose citizenship card, will also set up its camp in the entire country even where the UIDAI is engaged in its exercise. However, as per Home Minister P Chidambaram: "Wherever the people have got the Aadhaar number or enrolled themselves in UIDAI, they need not give biometric details although they have to give other details."
The UIDAI collects details pertaining to five points such as address, age, etc. The NPR gathers answers to 15 points including those raised by UIDAI. However, for the people covered by the RGI, it is mandatory to acquire the citizenship card. The UIDAI is optional for any resident. But the citizenship card will have Aadhaar number generated by UIDAI.
The unanswered question is why both RGI and UIDAI are duplicating work of collecting the biometric details.
Though Chidambaram did admit that some duplication would indeed happen, he said it would be minimal and would not burden the exchequer. As regard the issue of expenditure, the panel has referred the matter to the Expenditure Finance Committee.
As per the government sources, the UIDAI enrolment per person is expected to cost Rs 50 while for RGI enrolment would come for just Rs 28. The Finance Ministry is likely to look into the costs.
On the enrolment method being adopted by UIDAI, such as introducers being required for acquiringan Aadhar number, Nilekani said his organisation would revisit entire exercise and ensure that nothing would be amiss in it.
The Cabinet committee has cleared an additional Rs 5,791 crore for the UIDAI after its chief Nilekani assured that the security concerns raised by the Home Ministry would be addressed.
The dispute between the UIDAI and the ministry rose after the latter took up its concerns over the authenticity of UIDAI enrolment procedure and the fear that it could lead illegal residents to claim citizenship.
The dispute had held up the implementation of the UID project which is meant to plug the loopholes in the delivery of subsidies.
http://www.deccanherald.com/content/222484/compromise-reached-unique-id-project.html
| Popular videoUID: Nilekani, PC strike deal on biometric dataIBNLiveall 88 news articles » |
A compromise was reached on Thursday on the Unique Identification Number (UID) project by Home Ministry and the Planning Commission, Home Minister P Chidambaram said. The Home Minister said that there will be no duplication of work between the UIDAI and the National Population Register (NPR). The NPR is collected by the Home Minister.
The collection of biometric data for the UIDs had also sparked a row, with both the Home Ministry and the UIDAI authorised to collect data. Chidambaram, however, said that the biometric data will be collected by only one authority.
Chidambaram also said that the usage of Aadhar number will also begin soon. "Aadhar number will be useful only when we use it in different programmes," Chidamabaram said.
The NPR will continue to capture biometric data, but if a person says he/she has taken an Aadhar number, no biometric data will then be collected by the NPR. The Home Minister said that the applications of Aadhar can be used for other things including MNREGA, scholarships and ration cards.
Chidambaram pegged the total cost of the project at Rs 8850 crore.
JOINING HANDS
* UIDAI to cover 600 mn people in 16 states/UTs
* NPR to provide Aadhar numbers in remaining areas
* No duplication in biometric record-taking
* Both agencies to accept Aadhar numbers given by each other
* NPR data to prevail in case of a discrepancy
The issue of who would collect biometric records — UIDAI or the home ministry under the National Population Register (NPR) project —has also been resolved. Both will accept the biometric records collected by each other. "Biometric records will be captured only once. The Aadhaar number given by one will be accepted by the other agency," Home Minister P Chidambaram said after the meeting.
The UIDAI has been given permission — and finances to the tune of an additional 5,791 crore — to enrol another 40 crore people in 16 States under its Aadhaar scheme. The NPR will accept the biometric data collected by the UIDAI in those States and continue to collect its own data through the Registrar-General of India in the remaining States.
In return, UIDAI chairman Nandan Nilekani has promised to address the Home Ministry's security concerns through a full review of the UIDAI processes over the next two months to ensure that its data collection met the NPR's requirements.
"We take [the security concerns] very seriously. What we have promised the Cabinet is that before we go into the next phase of 40 crores, for the next six to eight weeks, we'll do a complete refresh of the entire strategy, see what processes need to be changed, what investigations need to be done," Mr. Nilekani said, speaking to journalists along with Home Minister P. Chidambaram and Planning Commission Deputy Chairman Montek Singh Ahluwalia. "We'll resume only in April. I'm very grateful for Mr. Chidambaram's support on that."
The UIDAI had been mandated to enrol 20 crore people by March 2012.
While the UIDAI is a voluntary scheme, the NPR is mandatory for all residents. What this means is that if a resident had enrolled himself with the UIDAI and had his fingerprints and iris scanned, he can merely give his Aadhaar number to the NPR registrars, than submitting himself to biometric data collection twice.
Mr. Chidambaram said the duplication between the two agencies would be not be more than 5 per cent, reducing the government's expenditure on biometric data collection. In case of "discrepancies between UIDAI data and NPR data, NPR will prevail."
The Cabinet committee on UIDAI also approved additional spending of Rs 5,500 crore for UID cards. The total cost of the scheme is now projected at Rs 8,814 crore. Of that, Rs 3,200 crore has already been provided.
Under the agreed road map, UIDAI will continue enrolling people in 16 states/UTs, while NPR will do the job in the rest of the country, mostly coastal and border areas.
UIDAI has enrolled around 200 million people in the 16 states/UTs, with a total population of 610 million. The states/UTs are: Andhra Pradesh, Chandigarh, Daman & Diu, Goa, Gujarat, Haryana, Himachal Pradesh, Jharkhand, Karnataka, Kerala, Madhya Pradesh, Maharashtra, Delhi, Puducherry, Punjab, Rajasthan, Sikkim and Tripura.
While NPR captures 15 fields, UID is capturing five fields in its data. Aaadhar is voluntary but NPR is mandatory.
"With joint effort, we hope that the process of providing Aadhar numbers to the whole population will pick up speed. Avoidable cost and duplication will be mostly avoided by on Friday's decision. Possible duplication would be very small, maximum five per cent, and that is very small in a country of 1.2 billion," said Chidambaram.
Chidambaram said NPR would give resident identity cards with Aadhaar numbers and not take biometric records in cases where UID had already given an Aadhaar number and taken biometric records. The solution was found after the committee postponed its meeting on Wednesday and Prime Minister Manmohan singh discussed the proposed extension in the backdrop of the home ministry's apprehensions over the UID data collection mechanism.
biometric surveillance technology
What is a biometric identity card?
Probably almost everybody knows that an identity card is a piece of cardboard or plastic that is shown to security guards, police officers, immigration staff. Cards are issued by all manner of organisations: universities issue them to staff and students, governments issue them to citizens, companies issue them to their staff. Most of these cards contain some basic details such as name, a photograph of the person's face and a reference number that allows the card to matched to some central record held by the card issuer. Some of the more sophisticated cards also contain magnetic strips or barcodes that can be used with other machines to unlock doors so that the card acts like a key.
A biometric identity card is similar to existing cards but will also contain biometric information.
What is biometric information?
Put simply biometric information is information about a specific person's body. Hair colour and height are simple examples of biometric information. However for identification purposes hair colour and height are not very useful information because they change relatively rapidly (hair colour is changed by dye or by sunshine or by age; a person's height varies throughout the day according to the pressure on the spine). For identification purposes the most well known type of biometric information is the fingerprint; these are used because it is believed that no two people have the same patterns in the skin of their fingers and the patterns are relatively constant; they might change a little as a person gains or loses weight but the patterns remain recognisable. Another commonly used form of biometric information is DNA sequences. DNA is the biological code that is present in every cell in the body and that describes each individual person.
How will biometric information be put on a card?
In the 21st century it is possible to store quite large amounts of information in very small spaces. The information can be stored on a microchip on the card or on a magnetic strip. These are the same technologies that have been used on credit cards for some years. The amount of storage space needed to describe a person's fingerprints can easily be stored on a small microchip and that microchip can quite easily be embedded into thin plastic like a credit card — this is the same sort of technology as is used on the "chip and pin" cards that UK banks have been issuing since about 2003.
What biometric information will be stored on the card?
The government has not yet been able to decide exactly what information will be stored. There are many issues to consider. Whatever measurement is chosen must be something that doesn't generally change, and that can be easily provided by most people, including disabled or elderly people. The most likely candidates are finger prints and images of the iris of the eye which, like fingerprints, are believed to be unique to each person.
How will the information used once it is on the card?
The government has not had much to say about how the information will be used. Their silence is understandable because they know that the truth will be quite unpalatable to any sensible person who has more than a modicum of understanding of history. Two simple facts need to be understood:
First, merely issuing identification cards doesn't achieve anything ... identification cards only have any purpose if they are checked and used to control access to places and services.
Second, the information on the card has to be checked against some other list. Since that list will be stored on a computer it means that every use of the card can be monitored and traced and since that card is inextricably linked to you, that means that your activity can be monitored and you can be traced.
The prospective use, and inevitable misuse and abuse of the information is the reason that this web site exists and we invite you to read all the articles in order to understand fully the dangers of what the government is proposing. Biometric identification systems are not the benign tool of liberal and socialist governments that the UK government likes to claim. On the contrary, such systems would make an ideal tool with which to introduce tyranny and oppression and the British government is not somehow immune from such things.
Should I be concerned, and if so why?
The Labour party UK government has been pressing for the introduction for several years and has given at least half a dozen different explanations as to why they are desirable or necessary. The UK government would like everybody to believe that biomemtric identitification systems are a good thing that will bring real benefits for the honest citizen and real problems for the criminal.
We disagree entirely. In our opinion the creation and maintainence of the biometric identification system will be costly and complicated and will achieve none of the benefits that the government claims. Biometric identification systems cannot prevent terrorism, they will not prevent identity fraud, they will not prevent money laundering, they will not prevent illegal immigration.
However we do not think the system is merely useless and a huge waste of money; we also think it is extremely dangerous. In the United Kingdom peace and stability are maintained by a balance of power between the general population, the courts, the government and corporations. Biometric identification systems shift that balance of power firmly away from the general population and towards government, and history teaches us very clearly that when the balance of power shifts too much towards government then oppression, persecution and tyranny inevitably follow. Britain is not exempt from this pattern and if we wish to avoid tyranny in our own land then we need to ensure that the present balance of power is maintained.
We believe that biometric identification systems will create real and serious problems for the honest citizen and will be used by criminals and tyrants to their own advantage; our articles explain why ...
http://www.biometricidentitycards.info/articles/biometric_identity_cards.html
Biometrics
This article has multiple issues. Please help improve it or discuss these issues on the talk page.
|
Look up biometrics in Wiktionary, the free dictionary. |
Biometrics (or biometric authentication)[note 1] consists of methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In computer science, in particular, biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance.
Biometric identifiers are the distinctive, measurable characteristics used to identify individuals.[1] The two categories of biometric identifiers include physiological and behavioral characteristics.[2] Physiological characteristics are related to the shape of the body, and include but are not limited to: fingerprint, face recognition, DNA, palm print, hand geometry,iris recognition (which has largely replaced retina), and odour/scent. Behavioralcharacteristics are related to the behavior of a person, including but not limited to: typing rhythm, gait, and voice.[note 2] Some researchers have coined the term behaviometrics to describe the latter class of biometrics.[3]
More traditional means of access control include token-based identification systems, such as a driver's license or passport, and knowledge-based identification systems, such as apassword or personal identification number.[1] Since biometric identifiers are unique to individuals, they are more reliable in verifying identity than token and knowledge-based methods, however, the collection of biometric identifiers raises privacy concerns about the ultimate use of this information.[1][4]
Contents[hide] |
[edit]Biometric functionality
Many different aspects of human physiology, chemistry or behavior can be used for biometric authentication. The selection of a particular biometric for use in a specific application involves a weighting of several factors. Jain et al. (1999)[5] identified seven such factors to be used when assessing the suitability of any trait for use in biometric authentication. Universality means that every person using a system should possess the trait. Uniqueness means the trait should be sufficiently different for individuals in the relevant population such that they can be distinguished from one another. Permanence relates to the manner in which a trait varies over time. More specifically, a trait with 'good' permanence will be reasonably invariant over time with respect to the specific matching algorithm. Measurability (collectability) relates to the ease of acquisition or measurement of the trait. In addition, acquired data should be in a form that permits subsequent processing and extraction of the relevant feature sets. Performance relates to the accuracy, speed, and robustness of technology used (see performancesection for more details). Acceptability relates to how well individuals in the relevant population accept the technology such that they are willing to have their biometric trait captured and assessed. Circumvention relates to the ease with which a trait might be imitated using an artifact or substitute.
No single biometric will meet all the requirements of every possible application.[5]
A biometric system can operate in the following two modes.[2] Inverification mode the system performs a one-to-one comparison of a captured biometric with a specific template stored in a biometric database in order to verify the individual is the person they claim to be. This process may use a smart card, username or ID number (e.g. PIN) to indicate which template should be used for comparison.[note 3] 'Positive recognition' is a common use of verification mode, "where the aim is to prevent multiple people from using same identity".[2]
In Identification mode the system performs a one-to-many comparison against a biometric database in attempt to establish the identity of an unknown individual. The system will succeed in identifying the individual if the comparison of the biometric sample to a template in the database falls within a previously set threshold. Identification mode can be used either for 'positive recognition' (so that the user does not have to provide any information about the template to be used) or for 'negative recognition' of the person "where the system establishes whether the person is who she (implicitly or explicitly) denies to be".[2] The latter function can only be achieved through biometrics since other methods of personal recognition such as passwords, PINs or keys are ineffective.
The first time an individual uses a biometric system is called enrollment. During the enrollment, biometric information from an individual is captured and stored. In subsequent uses, biometric information is detected and compared with the information stored at the time of enrollment. Note that it is crucial that storage and retrieval of such systems themselves be secure if the biometric system is to be robust. The first block (sensor) is the interface between the real world and the system; it has to acquire all the necessary data. Most of the times it is an image acquisition system, but it can change according to the characteristics desired. The second block performs all the necessary pre-processing: it has to remove artifacts from the sensor, to enhance the input (e.g. removing background noise), to use some kind of normalization, etc. In the third block necessary features are extracted. This step is an important step as the correct features need to be extracted in the optimal way. A vector of numbers or an image with particular properties is used to create a template. A template is a synthesis of the relevant characteristics extracted from the source. Elements of the biometric measurement that are not used in the comparison algorithm are discarded in the template to reduce the filesize and to protect the identity of the enrollee[citation needed].
If enrollment is being performed, the template is simply stored somewhere (on a card or within a database or both). If a matching phase is being performed, the obtained template is passed to a matcher that compares it with other existing templates, estimating the distance between them using any algorithm (e.g. Hamming distance). The matching program will analyze the template with the input. This will then be output for any specified use or purpose (e.g. entrance in a restricted area)[citation needed].
[edit]Performance
The following are used as performance metrics for biometric systems:[6]
- false accept rate or false match rate (FAR or FMR): the probability that the system incorrectly matches the input pattern to a non-matching template in the database. It measures the percent of invalid inputs which are incorrectly accepted.
- false reject rate or false non-match rate (FRR or FNMR): the probability that the system fails to detect a match between the input pattern and a matching template in the database. It measures the percent of valid inputs which are incorrectly rejected.
- receiver operating characteristic or relative operating characteristic (ROC): The ROC plot is a visual characterization of the trade-off between the FAR and the FRR. In general, the matching algorithm performs a decision based on a threshold which determines how close to a template the input needs to be for it to be considered a match. If the threshold is reduced, there will be less false non-matches but more false accepts. Correspondingly, a higher threshold will reduce the FAR but increase the FRR. A common variation is theDetection error trade-off (DET), which is obtained using normal deviate scales on both axes. This more linear graph illuminates the differences for higher performances (rarer errors).
- equal error rate or crossover error rate (EER or CER): the rate at which both accept and reject errors are equal. The value of the EER can be easily obtained from the ROC curve. The EER is a quick way to compare the accuracy of devices with different ROC curves. In general, the device with the lowest EER is most accurate.
- failure to enroll rate (FTE or FER): the rate at which attempts to create a template from an input is unsuccessful. This is most commonly caused by low quality inputs.
- failure to capture rate (FTC): Within automatic systems, the probability that the system fails to detect a biometric input when presented correctly.
- template capacity: the maximum number of sets of data which can be stored in the system.
[edit]History of Biometrics
Biometrics has been around since 29,000 BC when cavemen would sign their drawings with handprints.[citation needed] In 500 BC Babylonian business transactions were signed in clay tablets with fingerprints.[citation needed] The earliest cataloging of fingerprints dates back to 1881 when Juan Vucetich started a collection of fingerprints of criminals in Argentina. The History of Fingerprints.
[edit]Adaptive biometric Systems
Adaptive biometric Systems aim to auto-update the templates or model to the intra-class variation of the operational data.[7] The two-fold advantages of these systems are solving the problem of limited training data and tracking the temporal variations of the input data through adaptation. Recently, adaptive biometrics have received a significant attention from the research community. This research direction is expected to gain momentum because of their key promulgated advantages. First, with an adaptive biometric system, one no longer needs to collect a large number of biometric samples during the enrollment process. Second, it is no longer necessary to re-enrol or retrain the system from the scratch in order to cope up with the changing environment. This convenience can significantly reduce the cost of maintaining a biometric system. Despite these advantages, there are several open issues involved with these systems. For mis-classification error (false acceptance) by the biometric system, cause adaptation using impostor sample. However, continuous research efforts are directed to resolve the open issues associated to the field of adaptive biometrics. More information about adaptive biometric systems can be found in the critical review by Rattani et al.[8]
[edit]Current, emerging and future applications of biometrics
[edit]Proposal calls for biometric authentication to access certain public networks
John Michael (Mike) McConnell, a former vice admiral in the United States Navy, a former Director of US National Intelligence, and Senior Vice President of Booz Allen Hamilton promoted the development of a future capability to require biometric authentication to access certain public networks in his Keynote Speech[9] at the 2009 Biometric Consortium Conference.
A basic premise in the above proposal is that the person that has uniquely authenticated themselves using biometrics with the computer is in fact also the agent performing potentially malicious actions from that computer. However, if control of the computer has been subverted, for example in which the computer is part of a botnet controlled by a hacker, then knowledge of the identity of the user at the terminal does not materially improve network security or aid law enforcement activities.[10]
Recently, another approach to biometric security was developed, this method scans the entire body of prospects to guarantee a better identification of this prospect. This method is not globally accepted because it is very complex and prospects are concerned about their privacy. Very few technologists apply it globally.
[edit]Issues and concerns
[edit]Privacy and discrimination
It is possible that data obtained during biometric enrollment may be used in ways for which the enrolled individual has not consented. For example, biometric security that utilizes an employee's DNA profile could also be used to screen for various genetic diseases or other 'undesirable' traits.[according to whom?]
[edit]Danger to owners of secured items
When thieves cannot get access to secure properties, there is a chance that the thieves will stalk and assault the property owner to gain access. If the item is secured with a biometric device, the damage to the owner could be irreversible, and potentially cost more than the secured property. For example, in 2005, Malaysian car thieves cut off the finger of a Mercedes-Benz S-Class owner when attempting to steal the car.[11]
[edit]Cancelable biometrics
One advantage of passwords over biometrics is that they can be re-issued. If a token or a password is lost or stolen, it can be cancelled and replaced by a newer version. This is not naturally available in biometrics. If someone's face is compromised from a database, they cannot cancel or reissue it. Cancelable biometrics is a way in which to incorporate protection and the replacement features into biometrics. It was first proposed by Ratha et al.[12]
Several methods for generating cancelable biometrics have been proposed. The first fingerprint based cancelable biometric system was designed and developed by Tulyakov et al.[13] Essentially, cancelable biometrics perform a distortion of the biometric image or features before matching. The variability in the distortion parameters provides the cancelable nature of the scheme. Some of the proposed techniques operate using their own recognition engines, such as Teoh et al.[14] and Savvides et al.,[15] whereas other methods, such as Dabbah et al.,[16] take the advantage of the advancement of the well-established biometric research for their recognition front-end to conduct recognition. Although this increases the restrictions on the protection system, it makes the cancellable templates more accessible for available biometric technologies.
[edit]Soft biometrics
Soft biometrics traits are physical, behavioural or adhered human characteristics, which have been derived from the way human beings normally distinguish their peers (e.g. height, gender, hair color). Those attributes have a low discriminating power, thus not capable of identification performance, additionally they are fully available to everyone which makes them privacy-safe.
[edit]International sharing of biometric data
Many countries, including the United States, are planning to share biometric data with other nations.
In testimony before the US House Appropriations Committee, Subcommittee on Homeland Security on "biometric identification" in 2009,Kathleen Kraninger and Robert A Mocny [17] commented on international cooperation and collaboration with respect to biometric data, as follows:
" | To ensure we can shut down terrorist networks before they ever get to the United States, we must also take the lead in driving international biometric standards. By developing compatible systems, we will be able to securely share terrorist information internationally to bolster our defenses. Just as we are improving the way we collaborate within the U.S. Government to identify and weed out terrorists and other dangerous people, we have the same obligation to work with our partners abroad to prevent terrorists from making any move undetected. Biometrics provide a new way to bring terrorists' true identities to light, stripping them of their greatest advantage—remaining unknown. | " |
According to an article written in 2009 by S. Magnuson in the National Defense Magazine entitled "Defense Department Under Pressure to Share Biometric Data" the United States has bi-lateral agreements with other nations aimed at sharing biometric data.[18] To quote that article:
" | Miller [a consultant to the Office of Homeland Defense and America's security affairs] said the United States has bi-lateral agreements to share biometric data with about 25 countries. Every time a foreign leader has visited Washington during the last few years, the State Department has made sure they sign such an agreement. | " |
[edit]Governments are unlikely to disclose full capabilities of biometric deployments
Certain members of the civilian community are worried about how biometric data is used. Unfortunately, full disclosure may not be forthcoming to the civilian community.[19]
[edit]Countries applying biometrics
[edit]Australia
Visitors intending to visit Australia may soon have to submit to biometric authentication as part of the Smartgate system, linking individuals to their visas and passports. Biometric data are already collected from some visa applicants by Immigration. Australia is the first country to introduce a Biometrics Privacy Code, which is established and administered by the Biometrics Institute. The Biometrics Institute Privacy Code Biometrics Institute forms part of Australian privacy legislation. The Code includes privacy standards that are at least equivalent to the Australian National Privacy Principles (NPPs) in the Privacy Act and also incorporates higher standards of privacy protection in relation to certain acts and practices. Only members of the Biometrics Institute are eligible to subscribe to this Code. Biometrics Institute membership, and thus subscription to this Code, is voluntary.[20]
[edit]Brazil
This section needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (March 2009) |
Since the beginning of the 20th century, Brazilian citizens have had user ID cards. The decision by the Brazilian government to adopt fingerprint-based biometrics was spearheaded by Dr. Felix Pacheco at Rio de Janeiro, at that time capital of the Federative Republic. Dr. Pacheco was a friend of Dr. Juan Vucetich, who invented one of the most complete tenprint classification systems in existence. The Vucetich system was adopted not only in Brazil, but also by most of the other South American countries. The oldest and most traditional ID Institute in Brazil (Instituto de Identificação Félix Pacheco) was integrated at DETRAN[21] (Brazilian equivalent to DMV) into the civil and criminal AFIS system in 1999.
Each state in Brazil is allowed to print its own ID card, but the layout and data are the same for all of them. The ID cards printed in Rio de Janeiro are fully digitized using a 2D bar code with information which can be matched against its owner off-line. The 2D bar code encodes a color photo, a signature, two fingerprints, and other citizen data. This technology was developed in 2000 in order to enhance the safety of the Brazilian ID cards.[citation needed]
By the end of 2005, the Brazilian government started the development of its new passport. The new documents started to be released by the beginning of 2007, in Brasília. The new passport included several security features, like Laser perforation, UV hidden symbols, security layer over variable data and etc. Brazilian citizens will have their signature, photo, and 10 rolled fingerprints collected during passport requests. All of the data is planned to be stored in ICAO E-passport standard. This allows for contactless electronic reading of the passport content and Citizens ID verification since fingerprint templates and token facial images will be available for automatic recognition.[citation needed]
[edit]Canada
Canada has begun research into the use of biometric technology in the area of border security and immigration (Center for Security Sciences, Public Security Technical Program, Biometrics Community of Practice). At least one program, the NEXUS program operated jointly by the Canada Border Services Agency and U.S. Customs and Border Protection, is already operational. It is a functioning example of biometric technology, specifically "iris recognition biometric technology"[22] used for border control and security for air travellers. Canada is also the home for the world's biggest biometric access control company called Bioscrypt Inc..
[edit]Gambia
The Gambia Biometric Identification System (GAMBIS) allowed for the issuance of Gambia's first biometric identity documents in July 2009. An individual's data, including their biometric information (thumbprints) is captured in the database. A National Identification Number (NIN), unique to each applicant applying for a card, is issued to the applicant. Biometric documents issued for Gambia include national identity cards, residential permits, non-Gambian ID cards and driver licenses.
[edit]Germany
The biometrics market in Germany will experience enormous growth until the year 2009. "The market size will increase from approximately 120 million € (2004) to 377 million €" (2009). "The federal government will be a major contributor to this development".[23] In particular, the biometric procedures of fingerprint and facial recognition can profit from the government project.[23] In May 2005 the German Upper House of Parliament approved the implementation of the ePass, a passport issued to all German citizens which contain biometric technology. The ePass has been in circulation since November 2005, and contains a chip that holds a digital photograph and one fingerprint from each hand, usually of the index fingers, though others may be used if these fingers are missing or have extremely distorted prints. "A third biometric identifier – iris scans – could be added at a later stage".[24] An increase in the prevalence of biometric technology in Germany is an effort to not only keep citizens safe within German borders but also to comply with the current US deadline for visa-waiver countries to introduce biometric passports.[24] In addition to producing biometric passports for German citizens, the German government has put in place new requirements for visitors to apply for visas within the country. "Only applicants for long-term visas, which allow more than three months' residence, will be affected by the planned biometric registration program. The new work visas will also include fingerprinting, iris scanning, and digital photos".[25]
Germany is also one of the first countries to implement biometric technology at the Olympic Games to protect German athletes. "The Olympic Games is always a diplomatically tense affair and previous events have been rocked by terrorist attacks—most notably when Germany last held the Games in Munich in 1972 and 11 Israeli athletes were killed".[26]
Biometric technology was first used at the Olympic Summer Games in Athens, Greece in 2004. "On registering with the scheme, accredited visitors will receive an ID card containing their fingerprint biometrics data that will enable them to access the 'German House'. Accredited visitors will include athletes, coaching staff, team management and members of the media".[26]
As a protest against the increasing use of biometric data, the influential hacker group Chaos Computer Club published a fingerprint of German Minister of the Interior Wolfgang Schäuble in the March 2008 edition of its magazine Datenschleuder. The magazine also included the fingerprint on a film that readers could use to fool fingerprint readers.[27]
[edit]India
India is undertaking an ambitious mega project to provide a unique identification number to each of its 1.25 billion people. The Identification number will be stored in central databases. consisting the biometric information of the individual. If implemented, this would be the biggest implementation of the Biometrics in the world. India's Home Minister, P Chidambaram, described the process as "the biggest exercise... since humankind came into existence". The government will then use the information to issue identity cards. Officials in India will spend one year classifying India's population according to demographics indicators. The physical count began on February 2011.[28] See Unique Identification Authority of India for more information.
[edit]Iraq
Biometrics are being used extensively in Iraq to catalogue as many Iraqis as possible providing Iraqis with a verifiable identification card, immune to forgery. During account creation, the collected biometrics information is logged into a central database which then allows a user profile to be created. Even if an Iraqi has lost their ID card, their identification can be found and verified by using their unique biometric information. Additional information can also be added to each account record, such as individual personal history.[citation needed]
[edit]Israel
The Israeli government has passed a bill calling for the creation of a biometric database of all Israeli residents; the database will contain their fingerprints and facial contours. Upon enrolling, a resident would be issued a new form of an identification card containing these biometrics. The law is currently in its trial period, during which enrollment is optional; pending on successful trial, enrollment would be mandatory for all residents.[29]
Opponents of the proposed law, including prominent Israeli scientists and security experts, warned that the existence of such a database could damage both civil liberties and state security, because any leaks could be used by criminals or hostile individuals against Israeli residents.[30][31]
[edit]Italy
Italy has standardized protocols in use to police forces. Specialist and University Faculty *Enrico Manfredi d'Angrogna Luserna v. StaufenRome University Tor Vergata - Siena University[32]
[edit]Netherlands
Starting 21 September 2009, all new Dutch passports and ID cards must include the holder's fingerprints. Since 26 August 2006, Dutch passports have included an electronic chip containing the personal details of the holder and a digitised passport photograph.[33] The chip holds following data: your name (first name(s) and surname); the document number; your nationality, date of birth and sex; the expiry date; the country of issue; and your personal ID number (Dutch tax and social security (SoFi) number).[34]
[edit]Recent requirements for passport photographs
Since 28 August 2006, under EU regulation '2252/2004' all EU member states have been obliged to include a digital image of the holder's passport photograph.[35][36]
[edit]New Zealand
SmartGate was launched by the New Zealand government at Auckland International Airport on Thursday 3 December 2009.[37] The program is available at Auckland, Wellington and Christchurch international airports for arriving travellers, and also for travellers departing from Auckland (with plans to extend the program for departures from Wellington and Christchurch by mid-2011).[38]
The kiosk and gate system will allow all New Zealand and Australian electronic passport holders over 18 to clear passport control without needing to have their identity checked by a Customs officer. The system uses "advanced facial software" which "compares your face with the digital copy of your photo in your ePassport chip".[39]
Deputy comptroller of customs John Secker said SmartGate represented probably the biggest single development in border processing in New Zealand in the past two decades. People will have a choice whether they want to use the system or go through normal passport control.[40]
[edit]United Kingdom
Fingerprint scanners used in some schools to facilitate the subtraction of funds from an account financed by parents for the payment of school dinners. By using such a system nutritional reports can be produced for parents to surveil a child's intake. This has raised questions from liberty groups as taking away the liberty of choice from the youth of society. Other concerns arise from the possibility of data leaking from the providers of school meals to interest groups that provide health services such as the NHS and insurance groups that may end up having a detrimental effect on the ability of individuals to enjoy equality of access to services.[citation needed]
[edit]United States
Starting in 2005, US passports with facial (image-based) biometric data were scheduled to be produced. Privacy activists in many countries have criticized the technology's use for the potential harm to civil liberties, privacy, and the risk of identity theft. Currently, there is some apprehension in the United States (and the European Union) that the information can be "skimmed" and identify people's citizenship remotely for criminal intent, such as kidnapping.[citation needed]
The US Department of Defense (DoD) Common Access Card, is an ID card issued to all US Service personnel and contractors on US Military sites. This card contains biometric data and digitized photographs. It also has laser-etched photographs and holograms to add security and reduce the risk of falsification. There have been over 10 million of these cards issued.[citation needed]
According to Jim Wayman, director of the National Biometric Test Center at San Jose State University, Walt Disney World is the nation's largest single commercial application of biometrics.[41] However, the US-VISIT program will very soon surpass Walt Disney World for biometrics deployment.
The United States (US) and European Union (EU) are proposing new methods for border crossing procedures utilizing biometrics. Employing biometrically enabled travel documents will increase security and expedite travel for legitimate travelers.[citation needed]
NEXUS is a joint Canada-United States program operated by the Canada Border Services Agency and U.S. Customs and Border Protection. It is designed to expedite travel cross the US-Canada border and makes use of biometric authentication technology, specifically "iris recognition biometric technology".[22] It permits pre-approved members of the program to use self-serve kiosks at airports, reserved lanes at land crossings, or by phoning border officials when entering by water.
[edit]In popular culture
- The 2002 film Minority Report features extensive use of casual Iris/Retina scanning techniques for both personal Identification and Point Of Sale transaction purposes. The main character changes his official Identity by having his eyes transplanted, and later accesses a security system using one of the removed eyes.
- The movie Gattaca portrays a society in which there are two classes of people: those genetically engineered to be superior (termed "Valid") and the inferior natural humans ("Invalid"). People considered "Valid" have greater privileges, and access to areas restricted to such persons is controlled by automated biometric scanners similar in appearance to fingerprint scanners, but which prick the finger and sample DNA from the resulting blood droplet
- The television program MythBusters attempted to break into a commercial security door[specify] equipped with fingerprint authentication as well as a personal laptop so equipped.[42] While the laptop's system proved more difficult to bypass, the advanced commercial security door with "live" sensing was fooled with a printed scan of a fingerprint after it had been licked, as well as by a photocopy of a fingerprint.[43]
- In Demolition Man the character Simon Phoenix cuts out a living victim's eye in order to open a locked door which is fitted with iris scanning. A similar plot element was used in Angels & Demons (2009) when an assassin gains access to a top secret CERN facility using a physicist's eye. Unfortunately, both of these examples are misleading to the audience since the methods depicted for enucleation(removal of an eye) from a corpse would not be a viable way to defeat such a system.[44]
[edit]See also
- Access control
- AssureSign
- AFIS
- BioAPI
- Biometric passport
- Biometrics in schools
- BioSlimDisk
- British biometric national identity card
- Facial recognition system
- Fingerprint recognition
- Government databases
- International Identity Federation
- Iris recognition
- Private biometrics
- Retinal scan
- Speaker recognition
- Surveillance
- Vein matching
- Voice analysis
[edit]Notes
- ^ As Jain & Ross (2008, footnote 4 on page 1) point out, "the term biometric authentication is perhaps more appropriate than biometrics since the latter has been historically used in the field of statistics to refer to the analysis of biological (particularly medical) data [36]" (wikilink added to original quote).
- ^ Strictly speaking, voice is also a physiological trait because every person has a different vocal tract, but voice recognition is mainly based on the study of the way a person speaks, commonly classified as behavioral. Biometric voice recognition is separate and distinct from speech recognition with the latter being concerned with accurate understanding of speech content rather than identification or recognition of the person speaking.
- ^ Systems can be designed to use a template stored on media like an e-Passport or smart card, rather than a remote database.
[edit]References
- ^ a b c Jain, A., Hong, L., & Pankanti, S. (2000). "Biometric Identification". Communications of the ACM, 43(2), p. 91-98. DOI 10.1145/328236.328110
- ^ a b c d Jain, Anil K.; Ross, Arun (2008). "Introduction to Biometrics". In Jain, AK; Flynn, P; Ross, A. Handbook of Biometrics. Springer. pp. 1–22. ISBN 978-0-387-71040-2.
- ^ http://biosecure.it-sudparis.eu/public_html/biosecure1/public_docs_deli/BioSecure_Deliverable_D10-2-3_b3.pdf
- ^ Weaver, A.C. (2006). "Biometric Authentication". Computer, 39 (2), p. 96-97. DOI 10.1109/MC.2006.47
- ^ a b Jain, A.K.; Bolle, R.; Pankanti, S., eds (1999). Biometrics: Personal Identification in Networked Society. Kluwer Academic Publications. ISBN 978-0792383451.
- ^ "CHARACTERISTICS OF BIOMETRIC SYSTEMS". Cernet.
- ^ A. Rattani, "Adaptive Biometric System based on Template Update Procedures," PhD thesis, University of Cagliari, Italy, 2010
- ^ A. Rattani, B. Freni, G. L. Marcialis and F. Roli,"Template update methods in adaptive biometric systems: a critical review," 3rd International Conference on Biometrics, Alghero, Italy, pp. 847-856, 2009
- ^ McConnell, Mike (January 2009). "KeyNote Address.". Biometric Consortium Conference. Tampa Convention Center, Tampa, Florida,. Retrieved 20 February 2010
- ^ Schneier, Bruce. "The Internet: Anonymous Forever". Retrieved 1 October 2011.
- ^ Kent, Jonathan (31 March 2005). "Malaysia car thieves steal finger". BBC Online (Kuala Lumpur). Retrieved 11 December 2010.
- ^ N. K. Ratha, J. H. Connell, and R. M. Bolle, "Enhancing security and privacy in biometrics-based authentication systems," IBM systems Journal, vol. 40, pp. 614-634, 2001.
- ^ S. Tulyakov, F. Farooq, and V. Govindaraju, "Symmetric Hash Functions for Fingerprint Minutiae," Proc. Int'l Workshop Pattern Recognition for Crime Prevention, Security, and Surveillance, pp. 30-38, 2005
- ^ A. B. J. Teoh, A. Goh, and D. C. L. Ngo, "Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs," Pattern Analysis and Machine Intelligence, IEEE Transactions on, vol. 28, pp. 1892-1901, 2006.
- ^ M. Savvides, B. V. K. V. Kumar, and P. K. Khosla, ""Corefaces"- Robust Shift Invariant PCA based Correlation Filter for Illumination Tolerant Face Recognition," presented at IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR'04), 2004.
- ^ M. A. Dabbah, W. L. Woo, and S. S. Dlay, "Secure Authentication for Face Recognition," presented at Computational Intelligence in Image and Signal Processing, 2007. CIISP 2007. IEEE Symposium on, 2007.
- ^ Kraniger, K; Mocny, R. A. (March 2009). "Testimony of Deputy Assistant Secretary for Policy Kathleen Kraninger, Screening Coordination, and Director Robert A. Mocny, US-VISIT, National Protection and Programs Directorate, before the House Appropriations Committee, Subcommittee on Homeland Security, "Biometric Identification"". US Department of Homeland Security. Retrieved 20 February 2010
- ^ Magnuson, S (January 2009). "Defense department under pressure to share biometric data.".NationalDefenseMagazine.org. Retrieved 20 February 2010
- ^ Defense Science Board (DSB) (September 2006). "Chapter 17, Recommendation 45". Unclassified Report of the Defense Science Board Task Force. Washington, D.C. 20301-3140: Office of the Under Secretary of Defense For Acquisition, Technology, and Logistics. p. 84. Retrieved 20 February 2010
- ^ Biometrics Institute Privacy Code
- ^ http://www.detran.rj.gov.br/_documento.asp?cod=1438
- ^ a b "Cross Often? Make it simple, use NEXUS". Retrieved June 12, 2011.
- ^ a b The Biometrics Market in Germany 2004-2009: Anti-terrorism Laws Drive Growth - Market Research Reports - Research and Markets
- ^ a b IDABC - DE: Germany to phase-in biometric passports from November 2005
- ^ Migration Information Source - Germany Weighs Biometric Registration Options for Visa Applicants
- ^ a b Biometrics used to keep German Olympians safe - Software - Breaking Business and Technology News at silicon.com
- ^ Kleinz, Torsten (2008-03-31). "CCC publishes fingerprints of German Home Secretary". The H. Heise Media UK Ltd.. Retrieved 2010-06-08.
- ^ "India launches biometric census". BBC News. 1 April 2010.
- ^ The Jerusalem Post: Knesset approves controversial Biometric Database Law
- ^ Digital World: Getting to know all about you and me
- ^ YNET: Biometric Database - A Danger to State Security
- ^ Diognosys Methods in Forensic Anthropology - ELMA 2005 isbn13-978890242885
- ^http://www.minbuza.nl/en/Services/Consular_Services/Dutch_passport_ID_card/Biometric_passports
- ^http://www.paspoortinformatie.nl/english/Travel_documents/Reading_the_chip
- ^ Ministry of Home Affairs and kingdom relations. "Biometric passports". Retrieved 6 July 2010.
- ^ Criteria for accepting passport photos in Dutch travel documentsMinistry of Foreign Affairs. "Fotomatrix English" (PDF). Retrieved 6 July 2010..
- ^ "SmartGate - The smart new way to breeze through passport control". Retrieved June 21, 2011.
- ^ "How available is SmartGate?". Retrieved June 21, 2011.
- ^ "How does SmartGate work?". Retrieved June 21, 2011.
- ^ Segedin, Kara (4 December 2009). "Digital gateway opens way for fast-track NZ welcome". The New Zealand Herald. Retrieved 20 September 2011.
- ^ Article describing Disney's 2006 biometric initiative replacing hand geometric scanners with fingerprint readers
- ^ Video of the Mythbusters episode on how to hack fingerprint scanners
- ^ "Crimes and Myth-Demeanors 1". Mythbusters. The Discovery Channel. July 12, 2006. No. 16, season 4. Transcript.
- ^ Carlisle, James; Carlisle, Jennifer (2009). "Eyeball to Eyeball: the Use of Biometrics in ANGELS & DEMONS". In Burstein, Dan; de Keijzer, Arne. Inside Angels & Demons: The Story Behind the International Bestseller. Vanguard Press. pp. 374–383. ISBN 978-1593154899.
[edit]Further reading
- White Paper - Hardware Obsolescence Management in the Biometrics Industry; Reducing Costs by Enhancing the Flexibility of Biometric Solutions. Published by Aware, Inc., May 2010.
- Biomtrics Institute Privacy Code, September 2006
- Biometric Vulnerability Assessment Framework, Published by the Biometrics Institute, 2007–2011
- White Paper - Identification Flats: A Revolution in Fingerprint Biometrics. Published by Aware, Inc., March 2009.
- TechCast Article Series, Vivian Chu and Gayathri Rajendran, GWU, Use of Biometrics.
- Delac, K., Grgic, M. (2004). A Survey of Biometric Recognition Methods.
- Biometric Technology Application Manual. Published by the National Biometric Security Project (NBSP), the BTAM is a comprehensive reference manual on biometric technology applications.
- "Fingerprints Pay For School Lunch." (2001). Retrieved 2008-03-02. [1]
- "Germany to phase-in biometric passports from November 2005". (2005). E-Government News. Retrieved 2006-06-11. [2]
- Oezcan, V. (2003). "Germany Weighs Biometric Registration Options for Visa Applicants", Humboldt University Berlin. Retrieved 2006-06-11.
- Ulrich Hottelet: Hidden champion - Biometrics between boom and big brother, German Times, January 2007
Biometric identity project in India aims to provide for poor, end corruption
Sunday, March 28, 2010
In this country of 1.2 billion people, Inderjit Chaurasia could not prove his identity.
When the migrant worker tried to open his first bank account in New Delhi, he was turned away because he had only a driver's license for identification. Then he applied for a government food-subsidy card but was rejected for the same reason.
"Everywhere I go, they ask me for proof of residence and income tax that I do not have," said Chaurasia, 32, adding that he has never voted or paid taxes. "We are migrant workers. We go where the job takes us. Where do we find identity papers?"
Millions of Indians like Chaurasia are unable to tap into government and financial services because they lack proper identification. And, many here say that corrupt officials routinely stuff welfare databases with fake names and steal money meant for the poor.
But a mammoth project underway aims to address that problem by assigning all Indians a unique identity number backed by their biometric details and storing that information in a gigantic online database. The government says the new system -- which its creator calls a "turbocharged version" of the Social Security number -- will cut fraud and ensure that people who need assistance can get it.
By bringing more people into the banking system, Indian officials also hope to raise the number of people paying income taxes, which currently stands at 5 percent.
"A large number of Indians do not have bank accounts. They have no identity papers to establish who they are," said Nandan Nilekani, who was a successful software entrepreneur before joining the government to launch the identity project. "The unique identity will bring in financial inclusion and will also help national security in the long term."
India's plunge into biometric identification comes as countries around the globe are making similar moves.
In 2006, Britain approved a mandatory national ID system with fingerprints for its citizens before public opposition prompted the government to scale back plans to a voluntary pilot program beginning in Manchester.
U.S. senators have proposed requiring all citizens and immigrants who want to work in the country to carry a new high-tech Social Security card linked to fingerprints as part of an immigration overhaul.
Many countries are phasing in passports with computer chips linked to digital photographs or fingerprints, or both, and adopting the U.S. practice of keeping a fingerprint database on all foreign visitors.
But the effort in India might be notable for trying to move the furthest fastest.
http://www.washingtonpost.com/wp-dyn/content/article/2010/03/27/AR2010032701460.html
Pl Read:
http://nandigramunited-banga.blogspot.com/
No comments:
Post a Comment