Wednesday, 6 December 2017

Biometrics and You

In the Reading Over My Shoulder series I share remarkable articles and websites that make me raise my eyebrows.

Biometrics on your credit card
Today I am browsing around on the Biometric Update website. I found the following news snippet:
MasterCard rolled out an interesting initiative a few weeks back in South Africa. The company developed cards with an additional layer of security to counteract fraud — a biometric fingerprint sensor. By combining chip technology with your fingerprint, the company can now verify the cardholder’s identity for in-store purchases. The process is quite simple in that you stick your card into the terminal during payment. The biometric fingerprint sensor on the card, which is powered by the terminal, takes a fuzzy image of your fingerprint and matches it against the biometric information stored in the card. If the biometrics match what is stored on the card, then the payment is processed.

Fingerprint biometrics: Lumidigm.
Check their site via the Solutions tab for a very interesting browse.

Fingerprints are not the only type of biometric identification. Banks and governments are exploring a whole range of biometrics, like iris scanning or facial recognition, but there are many more. Here are two more examples:

Collecting your behaviour
This biometric technology won a prize from the Texas Bankers Association. 
BioSig-ID™ is one of the only biometrics that collects a behavior and can be easily replaced just like regular passwords. BioSig-ID™ blends amazing biometric technology with the password format people are comfortable with.
 BioSig-ID™ works on any device with your finger, stylus, or mouse. User's draw a unique 4-character biometric password and this creates a template pattern to which all subsequent log ins are compared. Imposters are blocked since they can't reproduce your pattern. BioSig-ID™ can replace your current security (i.e. Windows Log in) or be used as an additional layer.

How it works
Voice Recognition
Most people are familiar with private applications of speech recognition on their mobiles. There is a host of other applications - even Chrome can write your spoken words for you. It does make you wonder how secure your devices are from eavesdropping agencies, but let's leave that stone unturned for now. Voice recognition for identifying purposes goes further.

Barclays Bank has been using the technology since 2012:
International banking customers are automatically verified as they speak with a service centre executive. Not only does that cut the authentication time by about 20 seconds but critically the approach enables service teams and relationship managers to focus on clients’ needs rather than the mechanics of authentication.

The system has been in action at Barclays since mid-2012 and has certainly gained early endorsement from customers: in a recent poll, 93 per cent of client users scored Barclays at least 9 out of 10 for the speed, ease of use and security of voice authentication.
One company producing voice recognition systems for governments is Agnitio Government Products: "Security Solutions speaker identification and precise ID verification."

Together with other data like your browsing history, travel, spending habits and social media contacts and even your email content, organisations like INDECT can profile you even more accurately than you think you know yourself. But like the proverbial boiling frogs, we are already used to the water being warmed up as we go through our lives logging in here, there and everywhere, using RFID passes from public transport to pop concerts and entry into our work places. We can't even access websites without consenting to cookies that collect our data.

Is privacy a human right?
At first glance it would seem obvious, but the foot is in the door when you check out the legal definitions and various charters extant around the world. A nice little project for law buffs:
UK data protection Act definitions
European Union Agency for Fundamental Rights
In short: you'll find more loopholes in those laws than there are in a string vest.

As you can see, biometrics can use all kinds of physical characteristics to identify who were are, each with its own pros and cons. You would think that the people who are driving ID2020 forward are content to select one of these technologies or a combination of them. But no. For some reason, they are obsessed with something beyond existing biometrics. They are not communicating this obsession, but it can be seen in the imagery of their presentations. It is in the kind of tech companies they invite to their sessions. And it is in their Gaia beliefs which underpin their Sustainable Development Goals. They won't rest until they have stamped their indelible mark of ownership in the hands and/or foreheads of man(kind).

ID2020 summit Identity 2.0

No comments:

Post a Comment