Biometric technologies use biological features such as fingerprints, veins, faces and irises to identify individuals. They greatly improve the accuracy and reliability of identification and verification systems by taking out the element of human error.
In the area of public safety, biometric technologies in the form of fingerprinting, iris and facial recognition have made a significant contribution to border control and law enforcement.
Biometrics has also played an important role in ensuring personal security, both in terms of facilitating the provision of social services at the national level as well as protecting personal devices and accounts from crackers.
Now, the rise of multi-modal biometrics provides new ways to improve public safety, user experience and protect personal privacy. The combination of multiple biometric parameters makes the technology much more robust against challenges.
Mobile biometrics and biometrics on the move are two other developments to look out for. The integration of biometrics technologies with mobile devices will reduce infrastructure costs, while the ease and convenience of non-invasive capture enabled by stand-off biometrics will spur its widespread adoption.
FROM BASIC TO ADVANCED TECHNOLOGY
Whether it be a student’s distinctive facial feature recognised by a teacher taking the class’ attendance, your signature on a check which allows money to be withdrawn from your bank account or your profile picture on Facebook which helps your friends find you; “basic” biometrics are firmly a part of everyday life.
Despite our heavy reliance on them, our current methods of identification and authentication are far from ideal. A study of Australian passport officers published in the journal PLOS ONE showed that the officers missed one out of every seven fake passport photos, and that trained staff were no more accurate than student volunteers.
This high error rate of 14 per cent is particularly worrying in the context of modern day air travel, where hundreds of thousands of people pass through airports each day. It is perhaps not altogether surprising then, that two out of the 227 people on-board the missing flight MH370 from 2014 were traveling on false identities.1
The main weakness of basic biometrics is the high rate of human error. A new haircut can dramatically alter the way a person looks and signatures can be forged, for example. Non-biometric technologies have sought to reduce this subjectivity by relying instead on passwords or physical tokens to establish identity.
However, as anyone who has forgotten their password or left their staff card at home knows, these methods can sometimes lead to frustrating situations. Rather than replace basic biometrics with non-biometric technologies, advanced biometrics make the identification of unique physiological or behavioural traits much more accurate and reliable.
After more than two decades of research, biometric technologies have matured and advanced to the point where they are able to achieve sophisticated functions and outperform human abilities.
In 2017, the U.S. National Institute of Standards and Technology (NIST) reported NEC’s face recognition technology had an accuracy of 99.2 per cent when matching a person as he walked through an airport passenger gate.
Ultimately, what biometrics enables is automated access control and identity management; replacing human, error-prone processes with technology. There are two main types of biometrics:
Being able to verify identity is not only important for border control and law enforcement agencies, but could also help to prevent fraud, increase access to governmental services and even promote democratic participation.
Biometrics, where the person serves as a marker of identity rather than a document, could be particularly useful in developing countries where literacy rates are low. In 2009, the government of India embarked on a massive project to enrol its 1.2 billion residents into the biometrics-based Unique Identification Program, also known as Aadhaar.
Intended as a means to fight corruption particularly in the issuing of subsidies, an Aadhaar social security number also provides the holder with access to other services such as healthcare and education. It also serves as a voter registration system, thereby helping to prevent electoral roll fraud.
Although costs have been substantial, amounting to US$574 million as of September 2013 according to the Unique Identification Authority of India (UIDAI), benefits include fewer leakages, lower transaction costs and improved labour mobility.
In fact, a cost-benefit analysis by the National Institute of Public Finance and Policy (NIPFP) shows that the implementation of Aadhaar yields an internal rate of returns of 53 per cent, even though it only takes into account the savings by the government.
If intangible benefits and systemic benefits to the economy are also accounted for, the rate of return on investment in Aadhaar would be even higher.
While government agencies have been quick to adopt biometric technologies, the take-up rate has been slower among individuals, largely hampered by high costs. Nonetheless, there is evidence that user acceptance is growing as the cost of mature biometric technologies falls.
In fact, a number of existing biometrics users is already substantial, driven largely by the adoption of biometrics technologies in the consumer smartphone market.
Tech giant Apple first introduced their fingerprint locking system known as TouchID with the launch of the iPhone 5S in 2013, causing competitors Samsung to incorporate the same technology into the Galaxy Tab S. The iPhone 6 that came later took the technology further, integrating fingerprint scanning with near field communications (NFC) to enable mobile payments.
A market report by Frost and Sullivan titled Biometrics Go Mobile: A Market Overview predicts that there will be an explosive growth in the biometric smartphone market within the next few years, expanding more than ten times from 43 million in 2013 to 471 million in 2017.
As online shopping becomes more mainstream, there has been a greater demand for more robust authentication processes. Existing methods using numbers exposed on credit cards and password-token combinations are not fool proof. In 2015, consumers lost US$158 billion to cybercrime globally, according to a Symantec report.2
Biometrics provides a much safer way to authenticate high value transactions. For example, it would allow continuous authentication, where the user’s iris is tracked throughout the authentication process. A secondary but related need is the desire for greater convenience. Unlike passwords or tokens commonly used for two-factor authentication, personal physical features cannot be lost or stolen.
Biometric technology will do away with the hassle of carrying around multiple authentication devices and having to remember complex and non-intuitive passwords. Recognising the potential for retail applications, Chinese online payments powerhouse Alipay entered into a partnership with technology company Huawei to incorporate mobile payments into Huawei’s flagship phone, the Mate 7, in 2014.
Aside from the cost factor, one of the considerations preventing the mass adoption of biometric technologies has been the issue of privacy. Although the fact that biometric features are irreplaceable makes them secure, it also means that steps must be taken that they do not fall into the wrong hands.
In particular, consumers are concerned that biometric information in the form of facial photographs and fingerprints are easily available, and therefore open to theft.
However, what many consumers may not realise is that biometric technologies such as fingerprint and facial scanners do not store an actual image of the fingerprint, iris or face, but instead digitally encode the information in what is known as a template.
Each device which captures biometric information would use different features to develop a template, making it difficult for a template captured on one device to be used to authenticate a device using a different template system. Furthermore, it is nearly impossible to reconstruct the original image based on the template data.
As facial recognition technology continues to mature, the next key technology that looks set to grow in importance is video analytics. Traditionally, video surveillance has been used to secure restricted areas such as airport runways or hangars. This process is becoming increasingly automated, and predictive systems add an extra dimension to perimeter protection by enabling a proactive rather than reactive response.
Biometrics technologies are being embraced in video analytics particularly as we approach the limits of human operators. Human concentration, which can taper off after 20 minutes, means that human operators tend to have a high rate of overlooked events, especially when bored or fatigued. Furthermore, relying on human surveillance is not only inherently inefficient, but also increasingly expensive as manpower costs continue to rise.
Then there is the challenge of dealing with the sheer volume of video data being generated. Video surveillance is predicted to reach a staggering 3.36 trillion hours of video in 2020, according to a report by Homeland Security Marketing Research.3
Going by a conservative assumption that only 20 per cent of the most critical video will be reviewed by staff, this nonetheless entails a workforce of over 110 million security personnel worldwide, dedicated to video surveillance.
Not only will video analytic systems be inevitable, but they will also bring new capabilities to the table. Motion detection can be used to identify behaviours such as loitering or objects that have been stolen or left behind.
These capabilities will be particularly useful in high security areas such as airports, alerting staff to suspicious persons and objects such as unattended baggage. Video analytics are also able to automatically track moving objects across multiple cameras and give real-time information on the movement of crowds.
The ability to sharpen images from low resolution video and the automated filtering of irrelevant images facilitate forensic video searches and post event analyses. For example, individuals identified by video surveillance can be checked against Interpol’s stolen and lost passports list.
Video analytics is not restricted to facial recognition, but has also been very useful in vehicle and license plate recognition for security purposes.
Although biometric technologies are a vast improvement over existing identification and authentication methods, no technology is infallible.
Though the chance is small, errors could potentially be introduced at each stage of the biometrics process, from enrolment and matching to database management.
Apple’s TouchID system was shown to be hackable within hours of its 2013 launch. Using a latent print from the phone, a laser printer, some white wood glue and a bit of breath to keep the fake print moist, the Germany-based Chaos Computer Club was able to bypass the fingerprint lock screen.4
There are situations in which single parameter biometrics fail. For example, two to three per cent of the population have no usable fingerprint, such as laborers with worn fingerprints or people with a genetic condition called adermatoglyphia, also known as immigration delay disease.
Clearly, no single biometric parameter is perfect; each has its own advantages and disadvantages in terms of ease of capture, performance and cost. Toget around these issues, multi-modal biometrics has been employed, where two or more sources of biometric information are captured and used to cross reference each other.
While it may be possible to fool a single biometric reader, it takes much more effort to hack into a system which uses multiple biometric readouts. In the previously mentioned Aadhaar program for example, all ten fingerprints as well as a photograph and two iris scans are taken, making the system more robust.
Of course, increasing the number of biometric parameters captured also increases the cost and complexity of implementing the system. Rather than use the maximum number of biometric parameters for every process or transaction, single factor biometrics could be used in parallel with traditional measures such as passwords or tokens, enhancing instead of replacing them.
For high value transactions, where the higher costs are offset by the higher risks, a multi-modal approach could be used. This layered system would help to keep costs low and increase the speed of biometric clearance.
One application is in future cars and road systems. Already trials are being conducted in Europe and elsewhere, where cars can be outfitted with communication devices that announce their presence as well as “talk” to surrounding devices, such as those installed on the kerb or on a traffic light.
A very fast, split-second change in a situation, say, if a driver is running a red light, could trigger a warning in other drivers in the vicinity, so that they are warned of the imminent danger. Such systems can also help alleviate jams. Each device could, for example, connect to one another when many cars are stuck on a highway jam, to relay that information all the way back to drivers who might be heading towards the jam, so they may avoid it.
Such intelligent agents are expected to be common in future cars, and NEC is a major vendor involved in several trials of such smart cars in Europe. Though such technologies are still some years away from mature commercial rollouts, issues are being ironed out to bring the scenario to reality.
Communications among smart devices will impact many facets of urban life. Its effect will become more pronounced as cities become denser and interactions between not just humans but an increasing array of sensors and communications devices increase.
Among the potential issues that government agencies have to work out is that of identity management. They would have to ensure that each machine on the network is what it says it is, so there is no “fake” information being spread through a swarm of machines.
Solutions to guarantee authentication but also non-repudiation and privacy protection for vehicle- to-vehicle communications are being finalised mostly in Europe and US.
BIOMETRICS ON THE MOVE
Enabled by the latest advances in capture technology, biometrics on the move allows features to be taken without manual intervention and even while the subject is in motion. Also known as stand-off biometrics, this technology enables contactless fingerprint capture and iris or face detection based on video surveillance.
In contrast, older technologies are cumbersome and time consuming, requiring direct contact with a fingerprint scanner or for the subject to present themselves to the capture device, holding still to ensure a high-quality scan.
Biometrics on the move could potentially revolutionise law enforcement, allowing real-time watchlist detection and monitoring of people moving through sensitive areas such as nuclear power plants and security facilities. In public safety, biometrics on the move could help with crowd control and flow management, automatically preventing bottlenecks which could potentially be dangerous or at the least, time wasting.
Biometrics on the move also finds many applications in providing business intelligence. Anonymous, non-intrusive real-time monitoring can capture “soft” biometric features such as age, gender and ethnicity, allowing retailers to provide targeted services dependent on demographic features. Information on the people walking through a mall, for example, could help retailers make decisions about how to design and stock their stores.
Most of all, biometrics on the move makes the adoption of biometric technology convenient for users. For example, it can be used to capture information of passengers as soon as they walk into the airport, reducing the amount of time spent clearing immigration. Biometrics embedded in the environment go one step beyond mobile solutions, seamlessly integrating technology into everyday life.
For more info, visit nec.com/safety