Here you can find the Biometric News of Dec. 2010. (Newest on top).
Every week, a selection of this news has been published in the Weekly Biometrics Newsletter.
You can subscribe to this (free) Newsletter by sending an e-mail to rene.bense@xs4all.nl
A short history of airport security: We screen for guns and bombs, so the terrorists use box cutters. We confiscate box cutters and corkscrews, so they put explosives in their sneakers. We screen footwear, so they try to use liquids. We confiscate liquids, so they put PETN bombs in their underwear. We roll out full-body scanners, even though they wouldn’t have caught the Underwear Bomber, so they put a bomb in a printer cartridge. We ban printer cartridges over 16 ounces — the level of magical thinking here is amazing — and they’re going to do something else.
This is a stupid game, and we should stop playing it.
It’s not even a fair game. It’s not that the terrorist picks an attack and we pick a defense, and we see who wins. It’s that we pick a defense, and then the terrorists look at our defense and pick an attack designed to get around it. Our security measures only work if we happen to guess the plot correctly. If we get it wrong, we’ve wasted our money. This isn’t security; it’s security theater.
There are two basic kinds of terrorists. The are the sloppy planners, like the guy who crashed his plane into the Internal Revenue Service building in Austin. He’s going to be sloppy and stupid, and even pre-9/11 airplane security is going to catch him. The second is the well-planned, well-financed, and much rarer sort of plot. Do you really expect the T.S.A. screeners, who are busy confiscating water bottles and making people take off their belts — and now doing uncomfortable pat-downs — to stop them?
Of course not. Airport security is the last line of defense, and it’s not a very good one. What works is investigation and intelligence: security that works regardless of the terrorist tactic or target. Yes, the target matters too; all this airport security is only effective if the terrorists target airports. If they decide to bomb crowded shopping malls instead, we’ve wasted our money.
Exactly two things have made airplane travel safer since 9/11: reinforcing the cockpit door, and convincing passengers they need to fight back. Everything else has been a waste of money.
Bruce Schneier is a security technologist and author of several books on computer security, including "Beyond Fear: Thinking Sensibly About Security in an Uncertain World."
In conjunction with Cartes & Identification 2010, Voice Commerce, the innovative financial services group, announces the launch of KYC Secure®, a federated database developed to secure and authenticate a consumer’s identity over their mobile phone. The first regulated mobile identity database of its kind, KYC Secure® has been designed to support a global standard for e-money and mobile payment account opening procedures. It provides any company or financial institution with the means to verify a customer’s identity based on their unique biometric Voice Signature™ in order to significantly reduce exposure to online, credit and identity fraud.
KYC Secure® brings together Voice Commerce’s regulated VoicePay® and Cashflows® payment systems and ensures Voice Signatures™ are verified before being stored in the secure VoiceTransact™ database. A number of organisations are already supporting this federated initiative including Experian which is already providing Voice Commerce with its credit information services and 192business who provide online identity verification solutions to Voice Commerce to verify the identities behind the Voice Signatures™.
Chinese scientists have developed a biometrics device, probably for the military, that uses a person's pace to identify them covertly, according to a confidential U.S. cable leaked by WikiLeaks.
The Chinese Academy of Science (CAS) Institute of Intelligent Machines (IIM) in Hefei, capital of Anhui province has developed a biometrics device that uses a person's pace to identify them. The device measures weight and two-dimensional sheer forces applied by a person's foot during walking to create a uniquely identifiable biometrics profile. The device can be covertly installed in a floor and is able to collect biometrics data on individuals covertly without their knowledge.
The European Commission has demanded Britain justifies the widespread and routine fingerprinting of children in schools because of "significant concerns" that the policy breaks EU privacy laws.
The commission has taken up the case of a father who has battled education authorities because his daughter's fingerprints were taken without permission.
The commissioner is also concerned that parents are not allowed legal redress after one man was told he could not challenge the compulsory fingerprinting, without his permission, of his daughter for a "unique pupil number".
In many schools, when using the canteen or library, children, as young as four, place their thumbs on a scanner and lunch money is deducted from their account or they are registered as borrowing a book.
Research carried out by Dr Emmeline Taylor, at Salford University, found earlier this year that 3,500 schools in the UK – one in seven – are using fingerprint technology.
EU data protection rules, Brussels legislation that overrides British law, requires that the gathering of information such as biometric fingerprints, must be "proportionate" and must allow judicial challenges.
"We should be obliged if you could provide us with additional information both regarding the processing of the biometric data of minors in schools, with particular reference to the proportionality and necessity in the light of the legitimate aims sought to be achieved, and the issue concerning the availability of judicial redress," said the letter, seen by The Daily Telegraph.
A Baltimore man accused of plotting to blow up a military recruiting station was "grinning from ear to ear" and said "Allahu Akbar" as he prepared to detonate what he thought was a powerful bomb last week, federal prosecutors said Monday.
Antonio Martinez, 21, who recently converted to Islam and changed his name to Muhammad Hussain, is accused of trying to kill members of the military whom he saw as a threat to Muslims. The FBI learned of Martinez's intentions through an informant, joined the plot and supplied him with a fake car bomb that he tried to detonate, authorities said.
Prosecutors portrayed Martinez as a man who was determined to cause as much harm as possible and sees himself as a holy warrior. But defense attorney Joseph Balter said his client was "incapable" of carrying out an attack on his own, failed when he tried to recruit confederates to join him and was caught in a "government sting operation."
(Sting operations are common in the United States, but not allowed in other countries such as Sweden and the Netherlands.)
Watch the Video here
And another here:
Accenture has been named one of the prime contractors eligible to compete for services as part of the FBI IT Supplies and Support Services contracting vehicle that has a $30 billion ceiling. The bureau will use the contract to procure IT services specific to its mission.
The indefinite delivery/indefinite quantity vehicle has a one-year base contracting period plus seven additional one-year options. Under the contract, Accenture is eligible to provide the FBI and other DOJ agencies with advanced analytics to support intelligence-led policing and investigation; process innovation via Accenture's Law Enforcement Center of Excellence; multi-modal biometrics and large-scale identification solutions; and financial, supply chain and human resources solutions.
The FBI qualified Accenture to compete for work in four of five contracting areas under the contract: hardware, software and related services; operations and maintenance; technical and development; and "other," which includes briefings, process improvements, training and other duties as the FBI determines. The contract is open to all FBI organizations and other U.S. Department of Justice (DOJ) agencies that seek to acquire IT services and supplies.
Australia's Privacy Act will need to be toughened and guidelines created if the federal government wants to use biometric technology in its plans to curb the use of "pokies" or poker machines, according to a peak technology group. Australian Prime Minister Julia Gillard warned the states that the government will impose regulation if a mandatory "pre-commitment technology" to curb poker machine use is not in place by May.
The Biometrics Institute general manager Isabelle Moeller said that strict national laws restricting the use of captured data would be required to ensure clubs, pubs and casinos adequately protect and do not abuse sensitive customer information.
Interoperability remains crucial to the continued success of coalition military operations in Afghanistan, said Brig. Gen. Benjamin Hodges, deputy commander of Regional Command and director of the Pakistan and Afghanistan Coordination Cell at the Joint Chiefs of Staff.
He outlined a number of key mission needs he faces in Afghanistan in a presentation at Army IT Day in Vienna, VA. Among the command, control, communications, computers, combat systems, intelligence, surveillance and reconnaissance (C5ISR) requirements for forces in the theater are a joint coalition partnered environment, biometrics, knowledge management and surveillance systems.
Besides providing a shared environment for coalition troops, additional effort must be put into biometrics, Hodges explained since forensic technologies are being used to identify and track improvised explosive device manufacturers. However, arrests are falling short because of a pressing need to register the local population into a biometric database.
AuthenWare®, a leading cybersecurity software provider, and FreeBalance, a global Government Resource Planning (GRP) software company, announced that FreeBalance has OEMed and is integrating the AuthenWare Identity Authentication solution into its Government Resource Planning (GRP) solution, the FreeBalance Accountability Suite. AuthenWare's second-factor technology verifies that the person typing a user ID and password is the actual owner of those credentials, based on effective and innovative keystroke dynamics, a behavioral biometric technology.
This technology requires no additional hardware, representing a low-cost, sustainable security solution for government customers. The integrated FreeBalance AuthenWare solution will help GRP customers prevent identify thefts and web fraud by rendering phishing and key logging attacks ineffective.
The planned central storage of all fingerprints and facial scans in the Netherlands is uncertain now ruling party VVD "is very critical" on the design. Minister Donner (Ministry of Internal Affairs) promised not to take irreversible steps until February 2011.
Late November began the process of ‘Privacy First’ and 21 co-plaintiffs against the new Passport Act.
Anyone who carefully reads the existing case law and the WRR report, and here another one, will come to the conclusion that any storage of biometric data is contrary to the European Human Rights Convention, including the current decentralized storage in Dutch municipalities. Therefore, municipalities and the Council of Europe both have to act quickly.
Parascript, LLC, the image analysis and pattern recognition technology provider announced that its SignatureXpert was awarded best performance for forensic signature verification at the 12th International Conference on Frontiers in Handwriting Recognition in Kolkata, India. Parascript was among seven participants representing 10 offline signature-verification systems from several countries. Parascript SignatureXpert delivered the lowest error rate at 8.94 percent, performing significantly higher than the rest.
The next best rate from a competitor was 16.42 percent. "We are proud to demonstrate that our signature verification technology can offer a scientific, objective tool to aid forensic handwriting experts," said Alexander Filatov, president and CTO for Parascript. "Our technology is already used in such diverse applications as detecting signature forgeries on financial documents and verifying voter authenticity on vote-by-mail ballots worldwide."
Hoyos Corporation, a Puerto Rico based advanced R&D laboratory and intellectual property holding company, announced that it will add a new iris scanning device, called the EyeSwipe-Nano, to their suite of identity management products. The EyeSwipe-Nano will be approximately one quarter of the size of the EyeSwipe-Mini®, roughly the footprint of a dollar bill.
The new product can capture the irises of people from a distance and in motion at a rate of twenty people per minute. The high throughput, accuracy, and ease of use make this device an attractive product for commercial, industrial, and high-density residential property usage. The EyeSwipe-Nano will use the same iris-scanning technology that powers Hoyos' entire suite of biometrics products. The product will be commercially available during the first quarter of 2011 and will be comparably priced to older technology card readers on the market today.
PhoneFactor, released the results of its recent survey on the state of online banking security. The survey, conducted in November 2010, included responses from financial services professionals at more than 70 banks.
Key findings in PhoneFactor's study include:
1. Real-time attacks from online banking trojans (ZeuS, Clampi, etc), also referred to as Man-In-The-Middle attacks, are seen as the greatest threat to online banking today for more than half (51%) of survey respondents, and 69% indicated an increase in the frequency of these attacks over the last 12 months. In fact, 37% of respondents reported that online banking trojans are the most prevalent type of attack at their bank.
2. Password phishing and pharming were a distant second with 24% of respondents believing password attacks to be the greatest threat to online banking. These attacks, however, continue to rage on. 55% of respondents indicated an increased frequency of these attacks over the last 12 months.
3. Online ACH and wire transfers were seen as being most vulnerable to attack with nearly one in three respondents rating these types of transactions as either "extremely" or "very" vulnerable.
4. There is still widespread misunderstanding about whether current security measures, such as one-time-passcodes, protect against today's top threats. Only 37% of respondents recognize that one-time-passcodes do not protect against ZeuS. Of those who recognize the weakness of these methods, 79% are either using today or plan to use next generation methods, such as out-of-band phone calls, transaction verification, and biometrics to protect against ZeuS.
With smartphones and tablets swiftly replacing desktops and laptops, the majority of future financial and other secure transactions will be over mobile/wireless networks and will need much more vigorous safety measures. That is why front-facing cameras tied into biometric authentication is on its way through facial and/or eye scanning as a mean to unlock a device or private files stored on the device. Blue Planet Apps has been working on its own BioLock, which appears to coming along satisfactorily. BioLock, as a consumer device could replace the lock screen, allow users to lock as much of the phone such as contacts, dialer, phone numbers, and apps.
The enterprise model connects to Microsoft Azure cloud, and does the authentication off the device, so the scan is taken, sent to the cloud, authenticated, and sent back. It is currently designed to use a 1024bit Polymorphic Cipher. This is designed to be adapted into the end users applications, for example, a banking app, or government email app that can encrypt messages before sending them. Blue Planet Apps is currently working very closely with Samsung to develop BioLock on Samsung devices, with the possible result being that Samsung will deploy it on all its devices as part of the AndroidOS.
Watch the Video here:
Unipower Solutions, a leading provider of hospitality point-of-sale (POS) software, today announced Giant Macaskills has deployed Unipower Bar POS software solution with integrated fingerprint biometrics. The Unipower Bar POS solution leverages DigitalPersona U.are.U® Fingerprint Readers to reduce cash register shrinkage and improve the operational efficiency at the Giant Macaskills three Hertfordshire pubs.
Giant Macaskills is a multiple licensee, with a chain of three 15th Century Coaching Inns, which have been designed with an eclectic mix of old and new furnishings, to create a boutique pub offering. Like many licensees the turnover of staff can be high and transient. Employees are often students, part-time workers and short-term contractors. Petty theft from the till is a common problem in the pub trade.
“Pubs are a cash based business so it’s easy to lift from the till by ringing in voids and cancelling transactions. Traditional, security methods such as swipe cards and dongles can be switched, used by different staff members and lost so they are not reliable for staff cash flow accountability,” said Pete MacGaskill, managing director of Giant Macaskills.
Last month, 50 of the most promising U.S. start-ups were recognized as part of the Startup Open, a competition for companies with high-growth potential that took place during Global Entrepreneurship Week 2010 in Kansas City, MO. Among those standouts was Tactical Information Systems, based in Austin.
The company has created a platform for low-cost matching of fingerprints, palm prints, iris and face images. Tactical Information Systems' first product, WanderID, uses face matching to provide identification services for people who cannot reliably identify themselves in case of an emergency, such as young children.
People with Alzheimer's disease or similar cognitive disorders also benefit from the service, the company says. Tactical Information Systems is planning its next product to be released, called CloudID. The goal for CloudID is to take the expensive biometric matching tools used by only the largest organizations and make them available as a cloud-based service to small and medium-size police stations.
According to new research from Siemens IT Solutions and Services, only 18 percent of organizations with biometric measures currently in place are using them for logical access control -- vital to securing IT equipment and data files. "Biometrics may be perceived as innovative and thus costly but this is not the case, indeed business cases show a rapid payback on initial investment," continues Ian Collard, Identity Management, and Biometrics Manager at Siemens IT Solutions and Services. "IT helpdesks often observe that the most common reason for user calls is password resets -- a task which has been calculated to cost an organization upwards of £70 a time, when all the human and process stages have been taken into account." Collard says by implementing innovative user identification using biometric palm-vein, fingerprint, or even voice recognition, costs can be halved, pressure on the helpdesk reduced and organizational efficiencies gained. Biometrics technology is a crucial tool in today's business armory.
West Virginia University has added forensic sciences to its list of priority areas for research. The Board of Governors approved the change in hopes that it will encourage more private-investment in forensic research. WVU has programs built around the biometric sciences, which use unique human traits like facial recognition and iris patterns to develop identification technologies. The board also approved $88,201 in contributions to the Research Trust Fund, including a $50,000 gift for pediatrics research from the Martha Gaines & Russell Wehrle Memorial Foundation. The latest gifts bring private and state dollars devoted to key research areas to just over $17 million.
At Cartes in Paris, delegates received impressive growth statistics for the international microprocessor card industry. Eurosmart, the main industry association in its annual assessment of the market predicts that the microprocessor smart card market will hit 5.32 billion units shipped in 2010 and rise to 6.02 billion units in 2011. The Government and healthcare segment was the third largest and saw impressive growth. In 2009, this segment was reported as 160 million units. For 2010, this has risen to an estimated 190 million and further growth of 18 percent to 225 million units is expected for 2011. The association put the growth down to rising sales of eID cards, especially from the European residence permit and growth in e-services for citizens. The visa waiver initiative from the USA and the drive to issue fingerprint-supported ePassports in Europe is also a growth driver.
Leveraging remote fingerprint verification on central and secure IBM iSeries servers, LANpoint Time Clock with VSSA Biometric Strong User Authentication-enabled TGS/400 system eliminates unauthorized clock-in via use of SecuGen biometric sensors. Centrally managed employee credentials and unlimited user capacity promote applicability, while privacy protection is ensured via secure biometric minutiae technology that never stores fingerprint image and cannot be used to recreate one.
The U.S. Biometrics Identity Management Agency, an Army agency tasked with coordinating biometrics efforts across the Defense Department, is expanding capabilities and broadening data sharing with other government agencies and coalition partners. The agency, which also operates the department's premier biometrics database, is coordinating with the departments of Justice, State, and Homeland Security to share biometrics data between the three primary databases used by the various departments.
The Defense Department relies on its Automated Biometrics Identification System (DOD ABIS) to process and store biometrics data from foreign nationals requesting access to U.S. installations overseas, latent prints from improvised explosive devices and other hostile actions, enemy combatants and detainees.
The Justice Department uses the Integrated Automated Fingerprint Identification System, which includes not only fingerprints but also corresponding criminal histories; mug shots; scar and tattoo photographs; physical characteristics such as height and weight, hair and eye color; and aliases. The system also includes fingerprints, mostly of individuals who have served or are serving in the U.S. military or have been or are employed by the federal government.
The departments of State and Homeland Security share a database, which like the Defense Department system also is known as the Automated Biometrics Identification System. It is referred to as IDENT, and it stores biometrics from visa applicants, visitors to the United States, illegal border crossers, and immigration violators.
AvidBiometrics.com announced that it is now carrying a full selection of GunVault Gun Safes. The new line of safes and cases from GunVault feature a variety of features and models with various locks including the No-Eyes Keypad combination system as well as GunVault's popular biometric line of safes. A high-performance algorithm is used to achieve speedy identification of enrolled fingerprints; and at the same time has a very low False Reject Rate (FRR) for a given False Accept Rate (FAR). Said John Stetson, sales manager for the site, "We initially carried the biometric versions of the GunVault, and sold out in less than a week!"
Chris Bowen has today announced the introduction of biometrics to its visa application processing for those seeking asylum, in order to improve its border security and monitor unscheduled arrivals.
Biometric data is widely used in the international community as an effective tool to manage visa and immigration processes, improve identity management and combat fraud,’ Mr Bowen said.
Biometrics is the study of unique biological signifiers such as fingerprints, iris scans and DNA sampling to log and check identities. The technology is widely used in the security services and was the cornerstone of the multi-purpose ID cards that never came to fruition in the UK. The data is 100 percent fraud proof.
‘The introduction of biometrics to onshore and offshore visa application processing is a tangible milestone on the path to even stronger border security for Australia and is critical to maintaining the integrity of our visa and migration programs.’
‘This initiative will assist in establishing the identity of protection visa applicants who arrive in Australia but are often unable to provide sufficient documentation to prove their identity, and strengthen our ability to detect inconsistent immigration claims,’ Mr Bowen said.
MasterCard Worldwide, a leading global payments company, today said it has developed a payment solution for ‘Aadhaar’. ‘Aadhaar’ is a 12-digit Unique Identification Number (UID) that captures basic demographic and biometric information of Indian residents. The UID will make it possible for residents to establish their identity with financial institutions thereby providing them a gateway into the formal banking system. This payment solution will enable Aadhaar holders to perform payment transactions using UID numbers with biometric authentication.
The solution is based on the Unique Identification Authority of India (UIDAI) platform and MasterCard’s payment network and family of brands. The solution will empower ‘Aadhaar’ account holders to move away from cash and towards electronic transactions.
The solution supports prepaid, debit and credit payment products in a broad based offering to drive UIDAI’s objective of Financial Inclusion.
As part of the proposed solution, it enables participating banks to issue a 16 digit Primary Account Number (PAN) to individuals enrolled into ‘Aadhaar’. MasterCard has developed a direct interface with UIDAI to perform UID biometric authentication of such payment transactions. With this solution, payment transactions will be performed using the UIDAI authentication infrastructure and MasterCard’s authorization, clearing and settlement infrastructure.
As violent drug cartels take over Mexico and expand their criminal enterprises north, the United States has signed a “trusted traveler” agreement that allows pre-screened Mexican airline passengers to bypass lengthy airport security checkpoints.
The foreigners will get “trusted traveler cards” with fingerprints and other biometric data and they must answer customs declarations questions on touch-screen kiosks before leaving airport inspection areas.
Homeland Security Secretary Janet Napolitano claims it’s a way to enhance information sharing and mutual security in the face of “ever-evolving, multinational threats.”
About 84 million Mexicans are expected to qualify for the trusted traveler program, according to Mexico’s Interior Ministry Secretary, who signed the agreement on behalf of his country this week. Celebrating the festive occasion, the Mexican government official assured that the new accord will facilitate the U.S. entry of business travelers and tourists who are key factors in economic development, growth of trade and cultural exchange.
Recently reported results from a hyperspectral imaging (HSI) study that displayed a 42.8% overall improvement in characterization of latent fingerprints in comparison to previous HSI image processing methods.
Improved data collection and image processing techniques were used to examine aged and recently deposited latent fingerprints on various surfaces that typically prove to be more difficult for forensic scientists, including white lined paper, white printer paper, a white business card, black tape and aluminum foil. The result yielded fingerprint images with enhanced detail between the ridge and the substrate without the use of chemical agents.
"While the chemical development of fingerprints will always play an important role in forensic analyses, there are certain instances, such as prints deposited on valuable or old surfaces or those requiring DNA extraction, where it can be detrimental to use such methods," said John Belechak, Chief Operating Officer and Forensic Science Director at ChemImage. "We are encouraged by these findings because they bring our innovative hyperspectral imaging technology one step closer to being a validated alternative."
The majority of firms that utilise biometric technology fail to use it to boost their data security, according to new research. survey by Siemens IT Solutions and Services has revealed that just 18 per cent of organisations with biometrics are using it to secure their corporate system (logical access control). irms are merely using biometrics, such as retina scans and fingerprint recognition, as a means of restricting building access.
Ian Collard, identity management and biometrics manager at Siemens IT Solutions and Services, claimed many firms are still yet to secure their computer hardware despite a number of high profile incidents of data loss. e said: "Frontline building security gives good safeguards to walk in threats but should be complemented with IT infrastructure security measures to prevent access to sensitive data and files."
Around a quarter of respondents cited cost as the main reason for their failure to adopt biometrics, while 24 per cent claimed there was insufficient evidence that the technology reduced data breaches.
Crime scene forensic analysis has long functioned on the premise that a person's unique identity is hidden in the tiny loops and swirls of their fingerprints, but teasing that information out of the incomplete prints left at crime scenes is still an inexact science, at best; a University at Buffalo researcher has developed a way computationally to determine the rarity of a particular fingerprint and, thus, how likely it is to belong to a particular crime suspect
Crime scene forensic analysis has long functioned on the premise that a person’s unique identity is hidden in the tiny loops and swirls of their fingerprints, but teasing that information out of the incomplete prints left at crime scenes is still an inexact science, at best.
Now, a University at Buffalo professor — who in 2001 provided the first scientific evidence that fingerprints truly are unique — has developed a way computationally to determine the rarity of a particular fingerprint and, thus, how likely it is to belong to a particular crime suspect.
The paper, “Evaluation of Rarity of Fingerprints in Forensics,” was presented by Sargur N. Srihari, Ph.D., co-author and SUNY Distinguished Professor in the UB Department of Computer Science and Engineering, at the Proceedings of Neural Information Processing Systems conference held Monday December 6 in Vancouver.
By combining machine learning with the ability to automate the extraction of specific patterns or features in a fingerprint and then comparing it with large databases of random fingerprints, Srihari and co-researchers are able to come up with a probability that a specific fingerprint would randomly match another in a database of a given size.
War-torn Afghanistan lacks basic national infrastructure, yet on Sunday the government unveiled plans for a $100 million electronic identification system with cards to be issued to all Afghans within five years.
A chip in the wallet-size identification cards will hold a drivers' license, vehicle registration, signature and voting registration and would aid fairer, more transparent and efficient future elections, the Ministry of Communications said.
After three decades of conflict, Afghanistan is struggling to rebuild its economy and crumbling infrastructure such as roads, electricity and water access. A September parliamentary election was tainted by widespread allegations of fraud, including reports of fake voter identification cards and repeat voting.
"We consider this a very important initiative for the development of Afghanistan," Minister for Communication and Information Technology Amirzai Sangeen told a news conference at which a $101.5 million contract for the project was signed with Afghan company Grand Technology Resources.
"In our country the need for having proper identification is a very urgent matter," he said. "Giving ID cards to everyone is a process ... probably it is a three to five year process." The Ministry of Finance will fund the project from its development budget, as the government believes the system will help improve the country's security.
Distributing ID cards in insurgent strongholds in the south and east of the country could prove difficult, however, as insurgents often intimidate or target Afghans seen to be cooperating with the government or foreign troops.
Bruce Schneier December 2.
Organizers of National Opt Out Day, the Wednesday before Thanksgiving when air travelers were urged to opt out of the full-body scanners at security checkpoints and instead submit to full-body patdowns -- were outfoxed by the TSA. The government pre-empted the protest by turning off the machines in most airports during the Thanksgiving weekend. Everyone went through the metal detectors, just as before.
Now that Thanksgiving is over, the machines are back on and the "enhanced" pat-downs have resumed. I suspect that more people would prefer to have naked images of themselves seen by TSA agents in another room, than have themselves intimately touched by a TSA agent right in front of them.
But now, the TSA is in a bind. Regardless of whatever lobbying came before, or whatever former DHS officials had a financial interest in these scanners, the TSA has spent billions on those scanners, claiming they're essential. But because people can opt out, the alternate manual method must be equally effective; otherwise, the terrorists could just opt out. If they make the pat-downs less invasive, it would be the same as admitting the scanners aren't essential. Senior officials would get fired over that.
So not counting inconsequential modifications to demonstrate they're "listening," the pat-downs will continue. And they'll continue for everyone: children, abuse survivors, rape survivors, urostomy bag wearers, people in wheelchairs. It has to be that way; otherwise, the terrorists could simply adapt. They'd hide their explosives on their children or in their urostomy bags. They'd recruit rape survivors, abuse survivors, or seniors. They'd dress as pilots. They'd sneak their PETN through airport security using the very type of person who isn't being screened.
So what's next? Strip searches? Body cavity searches? TSA Administrator John Pistole said there would be no body cavity searches for now, but his reasons make no sense. He said that the case widely reported as being a body cavity bomb might not actually have been. While that appears to be true, what does that have to do with future bombs? He also said that even body cavity bombs would need "external initiators" that the TSA would be able to detect.
Do you think for a minute that the TSA can detect these "external initiators"? Do you think that if a terrorist took a laptop -- or better yet, a less-common piece of electronics gear -- and removed the insides and replaced them with a timer, a pressure sensor, a simple contact switch, or a radio frequency switch, the TSA guy behind the X-ray machine monitor would detect it?
For more links on this subject click here
The news about the potential health dangers of the TSA's naked body scanners just keeps getting worse. An increasing number of doctors and scientists are going public with their warnings about the health implications of subjecting yourself to naked body scanners.
At the same time, some internet bloggers are insisting that the TSA's naked body scanners pose no health risks because air travelers are subjected to higher levels of radiation by simply enduring high-altitude flights where cosmic radiation isn't filtered out by the full thickness of the Earth's atmosphere. This comparison, however, is inaccurate: The TSA's body scanners focus radiation on the skin and organs near the skin whereas cosmic radiation during high-altitude flights is distributed across the entire mass of your body.
Read the whole letter here.
Even though it was written in April of this year, this letter has received increased publicity lately due to the TSA's sudden expansion of naked body scanners in airports as well as the agency's arrogant insistence that such machines will soon be used at bus stations, railway stations and other entrance points for mass transportation.
As an alternative to the naked scanners the TSA has ‘enhanced’ the pat-down procedure.
They search your most private area’s for contraband. So the choice given is really no choice at all.
BIO-key International, Inc. announced the successful deployment by Genesis HealthCare System, based in Zanesville, Ohio, of BIO-key's biometric identification for staff to quickly, conveniently and securely establish their identity when ordering, verifying or administering medications as required by Ohio law.
In the initial rollout, 2,000 clinicians and staff use fingerprint biometrics to establish their identity in Genesis's Epic software to order, verify or administer medications. In the next phase of this project, Genesis is implementing fingerprint biometric user logon with Vergence, a single sign-on solution from Sentillion, a Microsoft company. With these solutions in place, Genesis staff members can instantly establish their identity with the simple touch of a finger, giving them faster access to the systems they are authorized to use.
Over the last six months, members of the Afghan Air Force and their NATO Air Training Command -- Afghanistan advisers have been conducting a Personnel Accountability Inventory incorporating a Biometrics component to strengthen force accountability and enhance force protection for AAF and coalition partners. Up to now over 2,400 AAF members of the 4,000 have been processed and now, the second session of the PAI & biometrics to account for the rest of the remaining members began on Nov. 28.
The personal information gathered will be stored digitally with a picture, an iris scan, a thumbprint and cross-referenced for accuracy. When this is done, it means that the Afghan Air Force will have a full inventory of its people, with reliable data when needed.
A device dubbed the BlackBerry Empathy when used in conjunction with a biometrics ring worn by user collects "emotional data," allowing the phone to chart an emotional health chart, monitoring the user's emotional health throughout a period. It also allows evaluation of how a phone call/message affects the user emotionally. The device features a transparent OLED display that can turn opaque when used. The front of the device features a touch screen display while the back features the iconic BlackBerry QWERTY keyboard.
Australia's Department of Immigration is rolling out a $69 million biometrics solution to crack down on visa fraud, the scheme requires applicants at home and abroad to submit to face and fingerprint scans. The four-year project kicked off at department offices in Australia and British Government visa application centers in Bangladesh, Zimbabwe, Yemen, UAE, Kuwait, Oman, Qatar, Bahrain and Saudi Arabia.
It was expected to be expanded to centers in seven countries in Europe, Africa, Middle East and Asia next year. At the unveiling of the Unisys solution at the department's Sydney offices, Chris Bowen, the Minister for Immigration and Citizenship, announced that a digital photograph and fingerprint scans will be collected from everyone applying for a protection visa within Australia.
"Biometrics is an important tool against identity fraud and fraudulent visa applications," Bowen said. "Australia is significantly expanding the use of biometric testing offshore and on-shore. [Applicants] will be required to provide a digital facial photograph and a scan of their fingerprints as part of their visa application, regardless of their nationality." The rollout countries were based on a desire to test the biometric system, countries that posed the greatest risks from those applying for Australian visas from outside their borders and infrastructure availability, Bowen said.
Watch the video here
The UK Department of Work & Pensions has abandoned its trials of voice biometrics as an anti-fraud tool. The DWP has spent at least £2.4m on trials since May 2007. This is one of the largest payment organizations in the UK, so its decision is of interest to most organizations that need to validate customer identity and handle payments. Voice biometrics has had a lot of interest from the financial services industry, so the DWP's decision may well lead a number of banks to study it closely. Fraud is a huge problem for DWP (the DWP's own estimates put their annual fraud losses at £5.2bn per annum) and voice biometrics has promised so much to reduce fraud.
It looks like voice biometrics company Persay Inc. has been sold. Two concise notices to the Tel Aviv Stock Exchange (TASE) by shareholders Teuza - A Fairchild Technology Venture Ltd. and Shrem Fudim Technologies Ltd.
They did not disclose the name of the buyer or the size of the deal, but mentioned how much they would get for their holding in the company. Shrem Technologies said that it would make about $2 million for its 30 percent holding in Persay, indicating a sale price of $6.7 million, less than the amount invested in the company.
According to Israel Venture Capital Association, Persay raised $10.4 million in four financing rounds. Shrem Fudim Group Ltd. (TASE: SFG) unit Shrem Technologies added that it could receive an additional $360,000 for Persay, and that it will report a pretax capital gain of NIS 9.7 million on the sale. Tueza said that it had invested $410,000 and would make $1.15 million on its share of the company, which it did not disclose. Persay chairman Dr. Shuky Gleitman is a director at Teuza. Persay develops voice biometrics solutions for verifying customers by companies' customer services call centers, in order to prevent identity theft and other frauds.
An Israeli company believes that tracking the unique signatures in the movement of eyeballs could be the foolproof biometric system ever. its setup could be used as a lie detector, or a drug and alcohol test. In ID-U Biometrics' system, the user has to watch a moving object onscreen, while the camera observes the motion of their eyes. Since the way eyes move is based on a combination of factors -- such as anatomy, physiology, behavioral characteristics, and eye structure -- it is a signature that simply cannot be duplicated or forged, according to its developers.
Dr. Daphna Palti-Wasserman, CEO of ID-U Biometrics, says she designed the system by drawing up a wish list for the ultimate identification technology. "We explored the possible human signals and mechanisms that could deliver our dream biometrics," she told Fast Company. "It brought us to the visual system and to the dynamic approach.
" This approach differs radically from eye-related biometrics we've written about previously, such as iris scanning. Iris scanning systems rely on matching the image of your iris structure with a stored pattern of your iris. In contrast, the pattern the ID-U technology is based on consists of dynamic movements made by your eyes as they track a target, something that cannot be controlled or learned. "Most of the eye movement components are involuntary, and we are not aware of them at all," says Palti-Wasserman.
UM and Time Inc. unveiled the findings of a groundbreaking proprietary research study that explored consumer interaction and response to advertising in iPad magazine apps. The results of the study were presented by Mike Haggerty, SVP, Director of Research and Marketing Accountability, UM, and Betsy Frank, Chief Research & Insights Officer, Time Inc., at Advertising Age's Media Evolved Conference in New York.
This study marked the first time that biometrics research has been conducted on the advertising within iPad magazine apps, providing scientific evidence of how users engage and respond to the ads.
A key finding is that engagement on the iPad mobile digital device is complex and consists of three elements: Visual Attention, Accessibility, and Propulsion. Visual Attention describes an ad's power to grab a reader's attention and make the user linger on the ad to notice its elements. Accessibility refers to whether an ad offers easy entry points to stay on the ad or go deeper, often through an act of swiping or tapping. And Propulsion is the ability to drive through the adscape by moving from page one through to the interactive elements and features of the ads. This encourages maximum interaction with the brand.
"The three dynamics that we uncovered were quantified with the biometrics of emotion and cognition. This framework allows us to measure a successful advertising experience on the iPad," said Haggerty. "This is exciting new research that gives us a true understanding of what makes an effective tablet advertising experience. We look forward to developing this into actionable ways for our clients to advance how their brands will interact with tablet users."
The National Institute of Standards and Technology has released a draft of the third revision of Special Publication 800-78, Cryptographic Algorithms and Key Sizes for Personal Identity Verification, for comment. The previous version, SP 800-78 Revision 2, was published early this year.
It identifies acceptable symmetric and asymmetric encryption algorithms, digital signature algorithms, key establishment schemes, and message digest algorithms. It also specifies mechanisms to identify the algorithms associated with PIV keys or digital signatures. That version was updated to re-align with the Suite B Cryptography specification and with then recently published FIPS standards.
Homeland Security Presidential Directive 12 mandated the creation of new standards for interoperable identity credentials for physical and logical access to federal government facilities and systems. Crypto keys specified in FIPS 201 for the cards are an asymmetric PIV authentication key, a card authentication key that may be either symmetric or asymmetric, and an asymmetric key management key that supports key establishment or key transport.
Those standards are implemented in the PIV Card, the civilian counterpart of the military's Common Access Card. FIPS 201, "Personal Identity Verification of Federal Employees and Contractors," established standards for identity credentials. SP 800-78 specifies the cryptographic algorithms and key sizes for PIV systems and is a companion document to FIPS 201. All cryptographic algorithms employed in this specification provide at least 80 bits of security strength.
AuthenWare joined the Juniper Networks Technology Alliances Program. Juniper Networks SA Series SSL VPN Appliances allow any Web-enabled device such as a corporate laptop, PDA or Smartphone to provide remote access to organizational resources without the need for any client software on the user device. AuthenWare is a second-factor authentication technology that combines keystroke dynamics with behavioral and environmental heuristics to make user authentication and validation easy, cost-effective and reliable.
The zero-footprint software creates a unique personal security pattern, and uses it to recognize authorized users to stop identity theft, web fraud and system vulnerability. AuthenWare for Juniper seamlessly integrates the two products, offering customers strong security through an additional layer of user validation and authentication.
"We are pleased to have AuthenWare join our Technology Alliances Program," said Scott Lucas, Director, Technology Alliances at Juniper Networks. "Providing remote access to enterprise applications demands stringent application and data protection regardless of the user's location, type of device or operating system. AuthenWare's strong security complements our technology and customer strategy."
Fallout from the WikiLeaks leaks pointed the spotlight at American diplomats' attempt to get biometric and other sensitive identifying information from leading figures at the United Nations, and countries such as South Africa, the Sudan, Senegal, North Korea, China, Cuba, Egypt, India, Indonesia, Malaysia, and Syria.
One cable purportedly requested that "Biographic and biometric data, including health, opinions toward the U.S., training history, ethnicity (tribal and/or clan), and language skills of key and emerging political, military, intelligence, opposition, ethnic, religious, and business leaders.
Data should include email addresses, telephone and fax numbers, fingerprints, facial images, DNA, and iris scans." A biometric database in Iraq was created out of fingerprints found on enemy weapons and bombs.
In Afghanistan, the current government is creating biometric identification card for the entire adult population using technology from American firms. The U.S. military currently has biometric information on 800,000 Afghans, while the Afghan government's database contains just 250,000 records.
Nigeria's leading corporate e-Payment platform, Remita was in the spotlight recently when about 120 selected senior bank executives from 22 commercial banks met in Lagos. The event was a One-Day Bankers' Interactive Forum organized by SystemSpecs to discuss the current trend in Nigeria's e-Payment space and how SystemSpecs' integrated biometric, payroll and e-Payment solution, Remita can continue to deliver services to customers.
John Obaro, Managing Director SystemSpecs, said "The rate of adoption and growing importance of corporate e-Payment in Nigeria's economy has made this gathering necessary. There is need for all stakeholders to continue to work together to achieve operational efficiency on e-Payment to meet our national goals and aspirations." Obaro described how Remita has evolved with new features to become Nigeria's first and only one-stop solution for biometrics, salary processing, salaries and vendors payment.
IEEE, the world's largest technical professional association, announced that enrollment for the next testing phase of its Certified Biometrics Professional (CBP) program is now open. Testing windows for 2010 are scheduled for April 24 to May 31 and November 20 to December 31, with corresponding registration periods open from January 11 to May 26 and from August 9 to December 28, respectively. IEEE and some of the world's leading biometrics experts developed the new program to help meet training, hiring and evaluation needs of professionals and organizations throughout the biometrics industry.
The IEEE CBP program focuses on the relevant knowledge and skills necessary to apply biometrics to real-world challenges and applications. "We strongly encourage the biometrics community to get involved in the next test group of this important program," said Matthew S. Loeb, staff executive, IEEE.
The IEEE CBP program provides the industry with an unbiased measure of the baseline level of knowledge held by an individual, and is a by-product of the evolving field of biometrics and the growth this industry has seen over the last 10 to 15 years."
A new report released by Javelin Research showed that while consumers still overwhelmingly prefer knowledge-based authentication methods for online banking and other sensitive applications, alternative factors, such as biometrics and one-time-passwords, are gaining acceptability. Based on a survey conducted across nearly 2,000 U.S.-based consumers, the 2010 Authentication Report showed for online banking, 64 percent of consumer perceived that challenge-response questions were effective, compared to 58 percent who believed biometrics to be effective and 42 percent who thought one-time passwords worked well.
"This year we continue to find knowledge-based questions and challenge-response to still be the No.1 method that is familiar with consumers and perceived to be effective by them," says Robert Vamosi, an analyst for Javelin and the author of the report, which came out last week. "But this year, what was surprising was that one-time passwords and biometrics were starting to make a move on No. 1 and were performing better than we've seen in previous years."
Worldwide revenue from biometric technology is set to reach £8.9 million in 2015. Biometric technology is used in access control systems, particularly for intruder detection and perimeter security in the form of facial recognition software. Much of the increase in revenue will come from this sector. Governments and institutions alike are increasingly turning to technology to combat and counter the threats posed by sophisticated criminals and terrorists around the world.
As the threat perception grows, security agencies are investing in innovative technologies to preserve a safe and secure environment. The use of biometrics as means to verify identity in an attempt to weed out criminals with false documents is not a new phenomenon. However, a growing trend has been identified within both governments and the private sector to harness this powerful tool in order to keep home and corporate environments safe.
"The growth in the biometric security market is remarkable," said Ahmed Pauwels, Chief Executive Officer of Epoc Messe Frankfurt GmbH, organizers of the Middle East's premier safety and security trade fair and conference, Intersec. "Industry figures estimate that worldwide revenues from the biometric market will treble to US $14 billion (AED 51.4 billion) by 2015," he added.
"The latest in biometric security devices and machinery from the world's leading manufacturers will be on display at the Intersec trade fair and conference 2011, which will run from January 16 to 18, 2011 at the Dubai International Convention and Exhibition Centre, Both the public and private sector in the region are increasingly interested in incorporating biometric technology as part of their overall security environment. We have seen the growth in finger scans, eye scans and facial recognition technology in airports and security-sensitive sites across the region," Pauwels stated.
Industrialist Ratan Tata has the capacity to challenge a breach of his privacy in the Supreme Court. But what about the nearly 60 crore Indian residents who don’t know what will become of the biometric data being collected by UIDAI?.
The leak of the Niira Radia tapes in India and thousands of US classified documents on WikiLeaks, has stirred up again the debate on privacy. Earlier this week, Tata group chairman Ratan Tata petitioned the Supreme Court to order the government to restrict the use of conversations contained in the tapes, on the grounds that making them public was a breach of his privacy.
The WikiLeaks disclosures have exposed many decisions and processes in the US government that have become a serious embarrassment for its leaders. Some of these leaders are talking about punishing those responsible for the leaks.
It's all well for such influential business and political figures to argue in defence of their privacy. But do these standards apply to the common citizen anywhere, and more specifically in India? Many of such common people may not even be aware of this thing called 'privacy', leave the 'right to privacy'. Take the unique identification programme being conducted in India today.
Chinese scientists have developed a unique biometrics device, probably for the military, that uses a person's pace to identify them covertly, according to a confidential US cable leaked by WikiLeaks.
The Chinese Academy of Science (CAS) Institute of Intelligent Machines (IIM) in Hefei, capital of Anhui province has developed a biometrics device that uses a person's pace to identify them, a cable sent from the US Embassy in Beijing was quoted as saying by the whistle-blower website WikiLeaks.
"The device measure weight and two-dimensional sheer forces applied by a person's foot during walking to create a uniquely identifiable biometrics profile. The device can be covertly installed in a floor and is able to collect biometrics data on individuals covertly without their knowledge."
Research company Juniper has drawn up a list of predictions for the mobile and wireless industry for 2011 and they portray humanity hurtling headlong towards a mobile-centric lifestyle. Juniper sees 2011 as a year where we'll see increasing use of Augmented Reality, the first Cloud-Based Operating Systems, Mobile Banking becomes a must, the beginning of the demise of the credit card, the rise of Mobile Lottery Tickets, biometrics coming to mobile and Social Purchasing moving to a whole new level.
Juniper's full report can be downloaded here, but for those who need the short version, here are Juniper's top 10 wireless predictions.
- Surging Mobile Data Traffic
- Augmented Reality to Enhance Mobile Games and Retail
- Cloud-Based Operating Systems are Launched
- Mobile Banking will become a “must-have” when opening a new account
- Mobile Devices Begin to Replace Credit Cards
- Mobile Handsets Become Even More Sensitive
- Mobile Lottery Tickets Sales to Soar Fuelled by Deployments in US, Europe, and China
- Mobile-Specific Threats Lead to Demand for Mobile-Specific Security
- Buyouts take Social Purchasing to a New Level
- More Vendors Develop a “GreenHeart”
Residents of Hong Kong reported the highest level of concern globally for financial and personal security issues among the 11 countries surveyed for the latest Unisys Security Index. Residents of Hong Kong reported the highest level of concern globally for financial and personal security issues among the 11 countries surveyed for the latest Unisys Security Index.
In the survey that included 898 respondents from Hong Kong, the territory ranked second behind Brazil in overall level of security concerns in the Unisys survey. The national security issue that most concerned Hong Kong citizens was health epidemics (70 percent) while only 37 percent were concerned about security in relation to war or terrorism.
In terms of financial security, four out of five respondents showed "serious concern" over bank card fraud and 59 percent were concerned about their ability to meet essential financial obligations. On personal security issues, 81 percent of Hong Kongers were seriously concerned about unauthorized access to personal information and 58 percent were concerned about their personal safety over the next six months.
Australia will join the global clampdown on fraudulent visa applications by expanding its collection of biometric data to onshore applicants. Federal Immigration Minister Chris Bowen announced the change today, saying it would reduce identity fraud and fraudulent claims.
"Around the world identity fraud and fraudulent visa applications are on the rise," he told journalists in Sydney. "We need to make sure that Australia's toolbox is world's best practice for dealing with this." Biometrics data will now be collected from all applicants for protection visas lodged in Australia, alongside those for most overseas applicants. The federal government will also begin the phased introduction of biometric data collection for processing offshore visa applications.
The independent chief inspector of the UK Border Agency (UKBA) found that during one week between 18 and 24 April 2010, the gates at Manchester airport's Terminal 1 broke down five times.
Four were due to technical faults and one because of a lack of staff. Of the technical faults, one on 23 April resulted in a passenger getting trapped in a gate. All gates were subsequently closed and the fault was not rectified until 27 April. UKBA managers told the inspector they had a maintenance contract with a company based in Portugal to support facial recognition gates.
The contract, which covered both Manchester and other airports, was monitored by the Home Office IT unit. Under the agreement, the gates would be fixed within four working days, but if a gate broke down on a Friday, it could be out of order until the following Thursday. In the opinion of the inspector, this contractual time frame is too long.
On November 30, Secretary of the Armenian National Security Council Arthur Baghdasaryan received Krzysztof Zarnotal, president of the Polish Security Printing Works agency. Under the agreement reached in the course of Baghdasaryan’s visit to Poland, Zarnotal arrived in Armenia to introduce a system of biometric passports, council’s press service informed NEWS.am.
A biometric residence permit was formerly known as an identity card for foreign nationals and was required for some people during their stay in the UK. Whether you will be required to obtain a biometric residence permit will depend on your immigration category and if you apply for permission to extend your stay.
The persons who must currently apply for a biometric residence permit, if they want to extend their temporary permission to stay, would fall in one of the following immigration categories: Tier 2 (general) of the points-based system; Tier 2 (intra-company transfer) of the points-based system; Tier 2 (sportsperson) of the pointsbased system; and Tier 2 (minister of religion) of the points-based system. Those categorized in Tier 4 (general) of the points-based system, including postgraduate doctors and dentists; Tier 4 (child) of the points-based system, representative of an overseas business, domestic worker in a private household, and sole representative of an overseas firm, will also need to obtain a biometric residence permit.
