Biometrics – the new “science” of identification

In Europe and the USA the term “biometrics” is a technical term heard increasingly often in the news and conversation. Few Tanzanians will be familiar with biometrics. However, those who have visited the USA in the last year will have experienced their use first hand – visitors are required to place their fingers on a small scanner, and pose for a photo before being allowed to enter the country.

Biometrics are physical things about us that make us unique and can be measured. Fingerprints are a biometric almost everyone has heard of. Fingerprints have been used by the police to identify criminals for over a hundred years. In 1888 Sir Francis Galton suggested that the chances of two individuals sharing a set of prints are 1 in 64 billion. It follows that they
are a good way of identifying someone. The presence of matching fingerprints at crime scenes has been enough evidence to convict many a thief or murderer. Technology has moved on with the discovery of other biometrics. Police forces around the world now use DNA fingerprinting to catch rapists and other criminals – genetic material in our bodies’ cells is also unique and can similarly be used to prove someone was at the scene of a crime.

However the reason biometrics has become a big talking point is not for their use in catching criminals, but in making sure a person is who she says she is.

Under the US-VISIT programme arriving visitors are photographed and have their fingerprints taken. This information is then stored on a database next to the details from their passport. The next time they visit the US (and at some time in the future, when you leave) their fingerprints will be checked against the ones on the database to confirm that they are the same person. The US, amongst other countries, is beginning to introduce biometric information into passports in an attempt to cut down on forgery. Visitors from countries that do not issue “biometric passports” may well find that their entry to the USA is considerably more difficult than it was in the past.

It is not only the US immigration service that is introducing ID cards into peoples’ lives. The UK government wants to introduce a national identity card including biometrics. Some businesses already use biometric technology to control access to restricted areas. It is even possible for individuals to buy such security – a number of computer manufacturers produce fingerprint scanners which allow fingerprints to be used instead of passwords to secure your PC at a cost of less than $200. The patterns in our eyes – our irises – are another biometric that is in use for securing things. Retina scanners are also available for computers, and are likely to be used as an alternative to fingerprints for some countries’ biometric immigration procedures.

Like all technologies biometrics has its drawbacks. A computer cannot store all the information contained in your fingerprints, photograph or iris scan. A biometric that represents you is actually turned into something like a very long password, based on specific parts of the biometric – for example, where your eyes are in relation to your nose, or the length of particular swirls of your fingerprint. This presents two problems – the next time your biometric is taken
will the same password be generated? Not if you have grown a beard or changed your spectacles. Not if the last person who put their finger on the scanner was a fundi with grease on his hands. If this were to happen in the immigration line at a New York airport you can imagine the alarm bells going off and anti-terrorist police throwing a net over you.

The second problem occurs if the biometric has to be transmitted to a different location in order to be checked against a central database. Of course, your actual fingerprint is very difficult to forge, but what about the password generated from it for biometrics? It might be possible for a hacker to obtain this password, and then use it to pass themselves off as you remotely. Not likely to happen in immigration, but online banks must be tempted to use biometrics to allow customers access to their accounts. This creates a financial incentive for criminals to learn more about the technology and its vulnerabilities. An ordinary password can be changed if someone finds it out, but a biometric one – well, maybe you can get by with one less finger!

Like all technologies, biometrics should be seen as a tool that helps us improve our lives. The uses it can be put to must be carefully analysed. There is a danger in viewing it as a magic wand that can solve any problem to do with identity or security. Who we are says little about what we intend to do. It is the intentions and future actions of unknown people that we really want to protect ourselves against.

Interesting Links

Originally published in Arusha Times 319

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s