Biometrics use in government and corporations - Research Paper Example

? Biometrics Use in Government and Corporations In Greek, “bio” means life and “metrics” means to measure.This basically describes what biometrics entails. The recent past has seen automated biometric systems become popular in the market because of the major advances in computer processing and information technology. Most of these systems derive their functionality from the original ideas conceived many years ago. The application of biometrics technology varies in various organizations and countries, with the aim being identification and verification. In this paper, use of biometrics in corporate and border security would be analyzed as has been applied in various countries globally. There are various biometric technologies available and though this paper will look into each of them, the major focus would be on fingerprint and iris biometrics. Fingerprint biometrics has remained popular not only among governments but also in corporate institutions. There would be various advantages as to support this popularity, but Cole (2005) noted that this technology has a false positive rate of between 0.08% and 4.4%. As compared to its counterpart, Cole (2005) further appreciates the accuracy that organizations could enjoy if the recent iris biometrics technology would be used instead. This system has a false acceptance rate at 1 per 1.2 million of two matching irises. This paper seeks to address security agencies from both the government and corporate organizations on concerns on errors in fingerprint biometrics with illustration using relevant examples. In spite of these drawbacks, application of biometrics by governments and corporations enhance border security and data protection. Introduction Biometrics pertains to unique methods of recognizing human beings on the basis of intrinsic behavioral or physical traits. According to Acharya and Kasprzycki (2010), it is the semi-automated or automated use of behavioral or physiological traits to verify or determine identity. Its application in computer science ensures access control and identity access management. Its application has however been extended to persons under surveillance. Since the terrorist attacks of 9/11/2001, the governments worldwide turned to biometrics capability to increase airport security and border crossings and for production of identity documents that are more secure. Similarly, biometrics has received tremendous demand for employment or testing in commercial applications. Human beings possess various chemical, physiological and behavioral aspects that would be important in biometric authentication. The choice of which aspect to use would be guided by several factors. Liu notes that the chosen aspect should be universal such that all subjects possess it (2011). The trait should be unique for each member of the population for differentiation. Permanence would show how a trait varies with time with a desirable permanence being that with reasonable invariance over time with regard to a specific matching algorithm. The trait should be easy to collect, extract and process. Performance would indicate how robust, fast and accurate a system is while acceptability would indicate how people would accept their biometric trait not only to be captured but also assessed. Finally, the trait should also not be easily circumvented. It is with this in mind that various biometrics have been developed with time in an attempt to have one that would effectively encompass all these traits. Operation of biometrics Any biometric system operates in two modes, namely; verification and identification (Cole, 2005). Verification mode allows for comparison of the captured biometric with a specified pre-existing template saved in a biometric database so as to confirm the person’s claim of identity. It would involve use of ID number, username or smart card to indicate the template to be used in comparison. With identification, the system would be prompted to compare against a whole biometric database for proper identity. The system would scan the database to identify a template that had been pre-specified. While the verification mode has positive recognition being commonly used, where the objective would be to inhibit use of same identity by multiple persons, identification would use both positive and negative recognition where negative recognition would establish the authenticity of the identity claimed. Enrollment refers to the first time of using biometric system where the information on an individual would be captured and stored. This would be used in future for comparison. The first block acts as an interface between the system and the world. The second block would be active in pre-processing while the third block would be important in extraction of the necessary features. A template would be created using an image or number vectors. At the time of enrollment, the template would be stored in the database. During matching however, the template obtained would be moved to a matcher that compares it to other templates and estimates the separation distance using an algorithm. The input would then be analyzed with the matching program to give the output. Uses of biometrics Biometrics technology was originally meant for security purposes so that persons could only access authorized areas or data. However, with advancement in technology and decrease in cost, other ways have been developed to make use of biometrics. The police use biometrics in forensics to identify people’s handwritings and further use in identifying those signing credit receipts. In elections, the government uses biometrics to prevent fraud and cheating by identifying voters and preventing multiple voting by a single voter. It has also been used by governments during verification for accessing computer networks and physical facilities. The technology has been widely used in monitoring entitlement benefits. Those applying for welfare benefits have been subjected to biometric identification so as to obtain funds which help reduce fraud in the programs. More specifically, Immigration and Naturalization Passenger Accelerated Service System, INPASS allows those visitors frequenting the US to be cleared quickly at inspection points by use of their hand geometry biometrics. Canada has a similar service referred to as CANPASS but uses fingerprint biometrics instead (Acharya & Kasprzycki, 2010). Encrypted fingerprints placed on drivers’ licenses reduce counterfeiting these licenses. Warren and Mavroudi (2011) observe the importance that UK has laid in ensuring security of its citizens by requiring that all foreigners in the country, including international students, investors and national groups to have Biometric Residence Permits, BRPs which contain their details for easy identification and verification. The US government appreciates the role that biometrics plays in making its operations efficient. For this reason, the National Security Policy Board chartered the Biometric Consortium charged with the development, testing and evaluation of devices used in biometrics on behalf of the Department of Defense (Didan, 2008). Biometrics could be used not only to secure human movement across borders but also that of animals and plants according to Muller (2011). Corporations have also used biometrics for smooth running of their businesses. This technology has been used in tracking employee behavior specifically where the employees have to use fingerprint or iris scan when entering or leaving work. Transport companies use Radio Frequency Identification to track the distance, time and usage of their fleet while at work (Didan, 2008). Types of biometric technologies Various technologies have been used by organizations for identification and verification. These include fingerprint, voice, palm vein, facial, hand and iris biometrics. Facial recognition biometrics uses the facial structure of the subject for recognition. This has been found to be non-intrusive and could be used in classification of legacy databases without the possibility of recapturing any new images. The system automatically captures the face image using a camera and the computer validates the facial characteristics. In voice recognition technology, the system would use behavioral and physiological traits of the subject’s voice to discriminate speakers. The primary component in this case would be the physiology of the vocal tract which consists of nasal and oral air passages which operate due to the movement of the jaw, tongue, mouth, larynx and pharynx. The behavioral aspect is minor and encompasses the style of movement and manner of speech and pronunciation. With hand biometrics, the subject’s hands physical attributes would be measured and analyzed. The aspects to be measured include the shape, size, length of joints and fingers and characteristics of skin, including ridges and creases. It would be important to note that the pattern of human palm veins would always be unique even for identical twins. Palms have permanent features that could be used for identification. It is this provision that guides palm vein biometrics. The other two technologies used in biometrics include iris and fingerprint biometrics. These two are the commonest and despite having been recommended by the International Civil Aviation Organization, ICAO as technologies for use in travel, in addition to facial recognition, they are the two technologies that have caused major uproars in the information technology industry (Liu, 2011). Each of these technologies has its limitations in as much as they have vast advantages. It would be important to therefore combine some of these capabilities to reap the benefits that each of them offers. Fingerprint biometrics Fingerprint biometrics involves matching fingerprint traits of the template one-on-one against the counterpart stored in the smart card. As early as the late 1800s, police departments were using fingerprint ridges and patterns for recognition of subjects (Acharya & Kasprzycki, 2010). Towards the end of 1960s, the US Federal Bureau of Investigation, FBI, funded research and development of appropriate technologies which yielded a finger print recognition semi-automated system. Due to advances in technology, there are fully automated, rapid commercial fingerprint systems currently in the market used for verification. These systems would be applicable in “one-to-many” verification purposes and human examiners could be required for final fingerprints comparison. The sensor that collects a fingerprint surface digital image would in most cases use optics though this could also be ultrasonic, thermal or capacitive in nature. This system has been widely acceptable because of its high accuracy, being less expensive and difficult to circumvent. In 2004, the Department of Homeland Security, DHS established the US-VISIT program charged with collecting, maintaining and sharing information which includes biometric identifiers on specified nationals arriving at the ports of entry of the US or seeking visas. The program employs fingerprints to screen those in the watch list and for verifying that a visitor would be the one issued with a visa or any other appropriate travel document. The DHS has been working towards having the same system replicated for exit with the pilot in 2009 causing the sampled foreign nationals to have their visas scanned and their fingerprints taken on exit. The Automated Biometric Identification System, IDENT stores biometrics data which includes fingerprint information provided by FBI (Muller, 2011). Fingerprint biometrics has replaced the use of time cards in most corporations as employers embrace more efficient and streamlined payroll operations. Dunkin Donuts, US Marine Corps and Hilton Hotels use these devices for logging in their employees’ arrival and departures by pressing a finger or hand to a scanner. Morden laptops have inbuilt fingerprint readers for access control and greater security. In 2010, International Biometric Group, a consulting firm, estimated the sales of these devices at $635 million with rapid increase in sales forecasted (Warren & Mavroudi, 2011). Workers have however complained that with biometrics, tracking their movements has been excessive. Iris biometrics According to Acharya and Kasprzycki, the iris refers to a muscle in the eye which regulates the pupil’s size so as to control the amount of light entering the eye (2010). Each iris has unique and highly detailed texture, with its striations, furrows and pits playing an important role in recognizing a subject. The maiden patent for iris algorithm was in 1994 with the first commercial products going to market in 1995. These systems have been designed to illuminate the iris with near infrared light followed by taking a picture of the iris using a high definition camera. The near infrared light would not harm the eye. The random patterns in the iris would be encoded mathematically and giving iris codes that would be statistically compared to the stored templates. Surgically altering the iris would not be easy but detecting contact lenses (artificial irises) would be easy; circumventing the iris recognition system would be relatively difficult. These are the reasons for the choice of irises as biometrics. With successful enrolment, these systems are accurate and rapid. The unfounded fears that near infrared light damages eyes have made the penetration of this technology in the market remain at low. According to Liu (2011), the Visa Information System, VIS, was established by the EU Council in 2004 to record biometric identifiers of those applying for visas which would improve information exchange between national border control agencies and countries. The centralized architecture of the VIS consists of the Central Visa Information System, CS-VIS and the National Interface, NI-VIS for each member state for relevant connection of each member state to the central national authority. The data stored includes photographs and fingerprints. Private corporations have been involved in the Registered Traveler, RT program where corporations collect iris biometrics, fingerprints and biographical details of applicants such as frequent flyers. The DHS would then analyze the information collected so as to carry out threat screening prior to the travel for participants. Such persons would then use specialized RT lanes where their identities would be authenticated based on the biometric data already stored in their respective RT access cards. The participants thus enjoy expedited screening. Banks have also used ATM iris recognition that recognizes customers using a sensor camera when they walk up to the ATM. The camera would take photographs of the iris of the customer and if it matches the record in the database, access would be granted (Dinan, 2008). Technological limitation in using biometric systems A compromised biometric system could be a result of accident or design. It could take place at the process level or technical level according to Cole (2005). These systems could be subjected to spoofing, damage to communication conduits or environmental degradation. At system level, hackers could interfere with templates and algorithms, data could be deleted, altered or stolen or the software components could be attacked. While analyzing issues related to fingerprint biometrics, Patrick (2008) noted the significance of measuring biometric accuracy and defined it as a measure of how well a system would correctly match the collected biometric information from a person and not falsely match biometric information collected from different persons. This is a dynamic topic marred with new information arising every passing day. Being a significant selling point, vendors would always report that their systems are very accurate but the difference in accuracy of different systems could be quite large. Care should however be taken when it comes to evaluation of these claims as the methods used to measure accuracy are varied and the discontinuities between these claims and actual performance would only be evident with the deployment of systems. The accuracy in biometric recognition testing would be determined by analysis of two error statistics: a) False rejection rate – in this case, the system would identify two biometric measurements taken from one person as being from different persons b) False acceptance rate – biometric measurements from different persons would be identified as coming from one and the same person. Both rates would be subject to the decision threshold of the system which would be determined by the person designing the system or the operator. Decreasing the threshold to have the system tolerate input noise and variations more would cause an increase in false acceptance rate. Raising the threshold to have the system be more secure would cause and increase in rejection rate. Equilibrium between these two rates would be arrived at the equal error rate. Smaller values of this rate indicate good sensitivity balance hence desirable. Other possible errors include failure to capture and failure to enroll. According to Liu, when a person fails a biometric test, it could be that the person is either “an impostor or an honest person falsely rejected” (2011, 42). Biometrics has influence on either granting or denying visas or admitting or denying entry to a traveler into the case country. A key factor to consider here would be the degree of false matches of the systems being used. Error rate in forensic fingerprint identification has hit legal debates in the recent past. Cole (2005) notes that trial judges should ensure that they act on relevant and reliable evidence when it comes to scientific evidence. The potential or known rate of error should be considered. A major area of concern would be in latent print where the examiners would compare latent prints obtained from scenes of crime to known origin prints. Cole gives an account of Brandon Mayfield who was implicated in the March 2004 Madrid bombing because a latent fingerprint on a bag that carried the explosives was found to match his (2005). The fingerprints of the suspect had been stored in the database following his arrest in 1984 and his service in the military. However, Mayfield claimed neither to have left the US for over 10 years nor holding a passport. FBI’s Senior Fingerprint Examiner had matched 100% for identification of Mayfield, verified by the Supervisory Fingerprint Specialist, Latent Print Unit, Unit Chief and a retired fingerprint examiner with the FBI. This was however retracted by the FBI a few weeks later as it was erroneous. Cases of errors in fingerprint identification have been there and on the high. Despite the reputation, fingerprint evidence would not pass as perfectly infallible. But Cole (2005) observes that latent print examiners still defend the infallibility of these systems even with volumes of evidence that prove otherwise. The claims of infallible biometrics systems should not be squashed as Cole (2005) gives some validity to this reasoning. The first is referred to as typological parsing which involves assigning errors to methodological and human components. Methodology would involve the analysis of a practitioner. The other stratagem could be the temporal parsing of error where documented errors would be consigned to a past that would be irrelevant to the present. The assumption would be that errors lead to changing procedures that would cause past procedures to be obsolete. It becomes unfair when new procedures are branded with past errors. The effects of high rates of false matches could range from embarrassments to inconvenience. Even worse, victims could wrongfully be prosecuted for offences they did not commit. This anomaly had been foreseen and in VIS Regulation Articles 37 – 39, data subjects have been empowered to delete or correct unlawfully recorded or inaccurate data. Liu (2011) recommends use of secondary procedure that should be user friendly. Still, these limitations do not compare to the benefits that biometrics offers as discussed herein. European Commission summarizes the whole issue better by throwing weight on the proposition that “biometrics systems are more secure than traditional identification systems” (2005, 13). They represent secure process of identification as much as they link identity data with the respective persons. Therefore, the linking integrity should be high, which would depend on securing the operations involved in the process of biometric identification, that is, enrollment, storage in the database, acquisition and matching. Since biometric features are part of a system, it would only be wise to ensure that all the other parts would be protected against circumvention. Economic, cultural and social issues due to information technology applications Information technology has transformed information storage, processing and broadcasting setting new standards in efficiency, speed and accuracy in all human activities. Computerized databases store confidential political, economic, social, legal and personal information aimed at supporting human activities for the general benefits to the society. Information technology would not at any one point be a solution to social problems. Nonetheless, its availability would be a pre-requisite if any person or nation should be socially or economically developed. This could only be comparable to electricity during the industrial era. Studies on econometrics indicate a positive relationship between information technology and productivity and competitiveness in corporations, governments and regions (European Commission, 2005). Adequate education level, specifically technical education has always steered productive utilization of new technologies. Historical transformations that have taken place in the past have been possible due to interrelated organizational transformation. In this era of information technology, the crucial organizational form could be taken to be networking. Most organizations have networks with other organizations so as to share information, technology or even circulation of money. This has given birth to an intertwined global economy where there is flexibility and variable geometry. Culturally, information technology has changed the lives of humans in the current world. The entire human activities realm depends on information for execution but technology accelerates the execution pace. According to Kelegai and Middleton (2002), culture refers to norms, values, customs and ideas shared by a society or group, distinguishable from that of another. It implies the collective thinking perspective of a group of people. But the culture of the society could also deter the achievement of full potential that information technology has to offer. Kelegai and Middleton (2002) give the example of when ATM cards were being introduced in Papua, New Guinea. Bank customers from this society found it difficult to surrender their pass books for ATM cards despite having been educated on the importance and benefits of using ATM cards over the traditional pass books. This point to a category of the society that the scholars refer to as Uncertainty Avoidance societies where the members of such a society would always be uncomfortable with uncertainties and would be less tolerant to moving out of the ordinary ideas. In the use of biometrics, there have been similar concerns with claims that the collected data could be used to profile individuals. Retinal scans report could give information on high blood pressure and diabetes. This information could be unethically used for selfish economic gains by denying ‘high risk’ individuals some benefits. European Commission (2005) noted that biometrics systems fail to give perfect identification which has caused specific groups to be disadvantaged; an issue which needs to be addressed so as to discourage negative ethical and societal consequences. According to Gates (2011), the public would mostly view biometrics technology as a way of social sorting with the aim of categorizing individuals for various reasons implying acceptance and rejection, inclusion and exclusion and worthiness and unworthiness. Economically, biometrics technology has played a major role in instilling high levels of trust in financial transactions. It has reduced fraud and thus materializes equity gains and efficiency of the information society. It simplifies the tasks from the user’s end hence minimizing possibilities of errors. Their widespread use have lowered cost of transaction for many organizations hence more efficient transactions for consumers. Biometrics systems vary in prices ranging from low cost to very high cost depending on the level of technology and accuracy. The sales from these systems and the accompanying services would be major economic boost to corporate organizations dealing with them due to the ever growing demand for security worldwide. There have been concerns on how use of this technology poses potential risk to health of humans and related hazards. Contact sensors for instance risk being contaminated. Though the risk could be minimal, as this would raise questions as to how humans go about the risks on door knobs and railings, the risk of public acceptance would be greater here. Regular cleaning by irradiating with UV radiation could minimize these concerns. Secondly, technologies using radiation such as retinal scanning using infrared light pose the risk of damaging body tissues like those in the eyes. Indirectly, there could be ethical risks involved specifically where private medical information could be used maliciously. The milestone achieved in information technology has raised complex social, legal, cultural and economic issues in the modern world. The major issues would include freedom of expression, right to privacy, access to information, cultural diversity and intellectual property rights. Information technology has proven to be very instrumental in gathering information and acquiring knowledge and should therefore be considered as a basic right for all humans. Legal rights would be violated everyday creating societal problems like cyber crime, digital divide, privacy concerns and digital security, all of which have a direct or indirect effect on people’s lives. Conclusion In the modern world, social development would be guided by the capacity to establish synergy in the interaction between human values and technological innovation, which would yield institutions which would create positive loops of feedback. Biometrics technology would be one such innovation which has aided many governments and corporate institutions to reinforce their security in addition to many other capabilities that come with it. Each day has major achievements made in ensuring that the accuracy desired from these systems has been achieved by exploring possible avenues with limited errors. However, it would be for the good of the concerned parties that any results drawn from these systems be counterchecked with other available technologies to improve on the reliability of the results. Technological advancement has been the greatest asset for growing economies and in spite of the challenges that come with it, people should always device ways to handle them and convert the challenges effectively for the greater good. This paper clearly indicates that in as much as it could be accompanied by shortcomings to human social, economic and cultural aspects, information technology provides humans with greater capacities to have efficient systems and processes. References Acharya, L. & Kasprzycki, T. (2010). Biometrics and the Government. Ottawa, Canada: Library of Parliament. Cole, S. A. (2005). More Than Zero: Accounting for Error in Latent Fingerprint Identification. The Journal of Criminal Law & Criminology, 95 (3), 985 – 1078. Dinan, M. (2008). Large Corporations Upgrading Security with Biometrics. Retrieved 23 February 2012 from http://www.tmcnet.com European Commission (2005). Biometrics at the Frontiers: Assessing the Impact on Society. Institute for Prospective Technological Studies. Gates, K. (2011). Our Biometric Future: Facial Recognition Technology and the Culture of Surveillance. New York: New York University Press. Kelegai, L. & Middleton, M. (2002). Information Technology Education in Papua New Guinea: Cultural, Economic and Political Influences. Journal of Information Technology, 1 (1). Liu, Y. (2011). Scenario Study of Biometric Systems at Borders. Computer Law and Security Review. The International Journal of Technology and Practice, 27, 36 – 44. doi:10.1016/j.clsr.2010.11.006 Muller, B. J. (2011). Risking it all at the Biometric Border: Mobility, Limits, and the Persistence of Securitization. Geopolitics, 16 (1), 91 – 106. doi:10.1080/14650045.2010.493775 Patrick, A. S. (2008). Fingerprint Concerns: Performance, Usability, and Acceptance of Fingerprint Biometric Systems. Ottawa, Canada: National Research Council of Canada. Warren, A. P. & Mavroudi, E. (2011). Managing Surveillance? The Impact of Biometric Residence Permits on UK Migrants. Journal of Ethnic and Migration Studies, 37 (9), 1495 – 1509 Read More