
The Impact of Biometrics on the Justice System Computers, Freedom and Privacy Conference, April 5, 2000.


1 The Impact of Biometrics on the Justice System Computers, Freedom and Privacy Conference, April 5, 2000

2 Unauthorized secondary uses apply to biometrics
Biometrics offer the strongest form of positive identification
– although viewed as the solution to reducing identity fraud, this feature also threatens personal privacy, specifically:
Secondary uses can apply to
– collecting biometrics for one use, say welfare enrollment, and using them to identify individuals at a crime scene, for example
– using the biometric as a token to link transactions of individuals and using this information to construct profiles for intelligence purposes.
Because of its security and economic value, both government and market forces will pursue these practices.

3 Privacy laws are not enough
Controls must be built into the code. Laws or policies to restrict the use of biometrics are not sufficient.

4 Biometrics -- the measurement process
[Diagram: Finger, Iris, Voice, Hand → Scanner (analog to digital) → Image → Conversion Software (quality enhancement, and feature extraction) → Digital Number (biometric signature, e.g., minutia file for fingerprints). Alongside: Finger → Keypad → Digital Number (PIN).]
With today’s technology, all biometrics transform to a number. That number is part of me, I can’t forget nor lose it.

5 Biometrics -- the comparison process
ENROLMENT: X scans of the same biometric → Scanner-S/W → X numbers (signatures) → Template generation → Template (t). The template incorporates salient and repeatable features of the biometric from a number of scans.
Comparison: Biometric → Scanner-S/W → Number (n) → Comparison Software, together with Template (t): n same as or close to t? → yes / no / maybe
Authentication: Compare number (n) to a single template (t) to determine verification (yes or no).
Identification: Compare number (n) to many templates (t1 … tk) to determine any matches within the allowed variability.
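The comparison process on this slide, as an added example that is not part of the original presentation. Feature numbers are modelled as 16-bit integers compared by Hamming distance; the thresholds, names and sample values are constructed assumptions.

```python
# Added illustration, not from the presentation. All values are constructed.
YES_MAX = 3     # distance <= 3 -> "yes"
MAYBE_MAX = 6   # distance 4..6 -> "maybe", anything larger -> "no"
BITS = 16

def distance(a, b):
    """Number of feature bits in which two numbers differ."""
    return bin(a ^ b).count("1")

def enrol(scans):
    """Template generation: keep each bit that is set in a majority of scans."""
    template = 0
    for bit in range(BITS):
        ones = sum((s >> bit) & 1 for s in scans)
        if ones * 2 > len(scans):
            template |= 1 << bit
    return template

def compare(n, t):
    """Is n the same as or close to t? Returns "yes", "maybe" or "no"."""
    d = distance(n, t)
    return "yes" if d <= YES_MAX else "maybe" if d <= MAYBE_MAX else "no"

def authenticate(n, t):
    """1:1 -- the claimed identity selects a single template."""
    return compare(n, t) == "yes"

def identify(n, templates):
    """1:N -- search every template; return candidates, closest first."""
    hits = sorted((distance(n, t), who) for who, t in templates.items()
                  if compare(n, t) != "no")
    return [(who, compare(n, templates[who])) for _, who in hits]

# Constructed data: one true pattern and three noisy enrolment scans of it.
PATTERN_A = 0b1011001110001101
TEMPLATES = {
    "person-A": enrol([PATTERN_A ^ (1 << 0), PATTERN_A ^ (1 << 8),
                       PATTERN_A ^ (1 << 15)]),
    "person-B": PATTERN_A ^ 0xFF00,   # 8 bits away from A
    "person-C": PATTERN_A ^ 0x0F00,   # 4 bits away from A
}
FRESH_SCAN = PATTERN_A ^ 0b10010      # new reading of A with 2 bits of noise

if __name__ == "__main__":
    print(authenticate(FRESH_SCAN, TEMPLATES["person-A"]))
    print(identify(FRESH_SCAN, TEMPLATES))
```

The 1:N search returns person-C as a "maybe" even though the reading came from person-A, which is how a database search produces candidates that a 1:1 check would never have considered.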

6 Applications for Authentication
Logon to networks, servers, laptops, etc., digital certificates, access to databases, firearms, premises, bank machines, credit and debit cards, access to benefits such as social security, medical, welfare, access to personal information such as medical, financial
Biometrics viewed as the solution to identity fraud

7 Applications for Identification
Positive identification, comparing a biometric to a database of known biometric templates to determine its presence -- IAFIS for law enforcement.
Negative identification, comparing a biometric to a database of known biometric templates to confirm that it is absent -- applying for welfare benefits to prevent multiple enrollment or “double dipping.”

8 Biometric Application Program Interfaces (BioAPI)
Plug and Play Biometric Devices
Goal: Standardize biometrics interface
[Diagram layers: Application → API → Framework → SPI (Service Provider Interface) → BSP (Biometric Service Provider) → Bio Devices; Template(s)]
Applications include: State welfare program, Bank machine access, logon to a network

9 Networking Application Databases
[Diagram labels: Templates (Health Care), Templates (Welfare), Templates (Law Enforcement), Templates (Bank Cards)]

10 Authentication does not require central storage of templates
Biometrics can be stored locally -- smart card, barcode, etc.
Comment: In practice, we have to resolve how lost, stolen or damaged cards will be handled without the individual physically going to an “enrolment” center to present his ID and have his biometric processed again. Centralized storage of a biometric or its templates would allow a new card containing the biometric template to be put in the mail, or a virtual card downloaded over the Internet.

11 Fingerprint Pattern versus Digital Template
The actual fingerprint pattern is not stored, but only a digital template is stored which cannot be converted back to the original fingerprint pattern.
Comment: The issue is not whether a fingerprint pattern can be reconstructed from its digital template. The issue is that both the fingerprint pattern and its corresponding digital template are unique identifiers and therefore surrogates of one’s identity.

12 A Scenario of Privacy Infringement (1)
A welfare recipient leaves his latent fingerprints at a nightclub that later becomes the scene of a crime. The latent prints are picked up and matched to the fingerprint database compiled for welfare recipients. He is identified and questioned.
Solution: The fingerprint database will be off limits to the police by virtue of legislation.
How can we ensure it will be the case with the next government? What about the issue of unauthorized access to the database? The temptation for secondary or unauthorized uses of such a database beyond its primary purpose may be very great.

13 A Scenario of Privacy Infringement (2)
Solution: Never store the actual fingerprint pattern, only its digital template.
Still a problem. If the police obtain access to a similar biometric device, and place some digitized latent fingerprints through the system, they will be able to compare against the templates. They have to, otherwise the system doesn’t work.

14 Mapping Templates
[Diagram: template T1 in one x, y, z space mapped to template T*1 in another x, y, z space]
Translation of templates from one format to another is a mapping process from one minutiae n-space to another

15 A Scenario of Privacy Infringement (3)
Solution: Have unique hardware or software algorithms that are encrypted for different organizations and government agencies.
Privacy is based on ignorance of the potential attacker. To be comparable to cryptographic systems, biometric security cannot depend on the secrecy of the algorithm or unavailability of the hardware. The system should have an open design. The protection mechanism must not depend on the ignorance of potential attackers. The algorithms should be open to public scrutiny, just as cryptographic algorithms are.

16 A Scenario of Privacy Infringement (4)
Solution: Either the templates in a database or their links to personally identifiable information will be encrypted, therefore matching cannot occur without access to the encryption key.
In this case, secure key management would be crucial. Who is going to have control over the encryption keys? How do we guard against putting the rabbits in charge of the lettuce? With key management, we are basing our privacy on the trust model versus the absolute security we have with cryptographic algorithms.

17 Current biometric systems place the “use limitation” provision in FIPs further in jeopardy
Third parties, such as the law enforcement community, will have access to personal profiles about you that are more complete, and potentially more damaging than the combined information that your best friends, spouse and parents have.

18 Privacy loves the company of numbers
3271 bank card PIN
5733 office security system PIN
2259 telephone PIN
Mapple Laptop password
8932 home security PIN
The feature of PINs that makes for “bad security” makes for great privacy -- a lot of them!
With current biometrics, you have one number or, at most, a few.
Safety in numbers -- hazards in one number

19 Security issues with Biometrics (I)
Limited to a Yes/No response. For network security, still need to link to a PIN unless one uses the template as the password. If so, then templates have to be stored in databases.
Solution: use the biometric to encrypt the PIN

20 Use the biometric to encrypt the PIN
Enrollment: Fingerprint Pattern CODES the PIN 73981946 → %h*9%4Kd. Coded PIN is stored.
Authentication: Fingerprint Pattern DECODES the Coded PIN %h*9%4Kd → 73981946. PIN used for access.
Can literally have hundreds of PINs -- Safety in numbers!

21 Security issues with Biometrics (II)
Current biometrics are not challenge-response systems. The password, which is the biometric, is always the same.
Solution: use challenge-response systems

22 Challenge-Response Using Biometrics
Enrollment: Fingerprint Pattern CODES the Response Function 2x + 7 → H$g&rc#j. Coded Res Fnc is stored.
Host sends Challenge x = 4.
Client decodes Res Fnc with fingerprint: 2x + 7, x = 4, R = 15.
Calculated Response R = 15 sent back to Host.
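A sketch of the two solutions above (coding a PIN with the biometric, and challenge-response), added here and not taken from the presentation. It assumes an exactly repeatable biometric reading, swaps the slide's response function 2x + 7 for an HMAC key, and uses PBKDF2 plus XOR as the coding step; all function names are hypothetical.

```python
import hashlib
import hmac
import os

# Assumption (not from the slides): the scanner yields the SAME byte string on
# every reading. Real scans vary, so a deployed scheme needs error-tolerant
# key binding; exact bytes keep this sketch runnable.

def _mask(biometric, salt, length):
    return hashlib.pbkdf2_hmac("sha256", biometric, salt, 100_000, dklen=length)

def code(biometric, secret, salt=b""):
    """Enrollment: return (salt, coded secret). Only these two are stored."""
    salt = salt or os.urandom(16)   # fresh salt -> unlinkable coded values
    mask = _mask(biometric, salt, len(secret))
    return salt, bytes(s ^ m for s, m in zip(secret, mask))

def decode(biometric, salt, coded):
    """Authentication: the right finger recovers the secret, a wrong finger
    recovers different bytes. No template is stored to answer yes or no."""
    mask = _mask(biometric, salt, len(coded))
    return bytes(c ^ m for c, m in zip(coded, mask))

def respond(biometric, salt, coded_key, challenge):
    """Client: decode the response key with the finger, answer this challenge."""
    key = decode(biometric, salt, coded_key)
    return hmac.new(key, challenge, hashlib.sha256).digest()

def host_verify(key, challenge, response):
    """Host: holds the key from enrollment, never the biometric or a template."""
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)

if __name__ == "__main__":
    finger = b"constructed-finger-reading"        # constructed sample value
    salt, coded_pin = code(finger, b"73981946")   # PIN value from the slide
    print(decode(finger, salt, coded_pin))
    key = os.urandom(32)                          # given to the host at enrollment
    k_salt, coded_key = code(finger, key)
    challenge = os.urandom(16)                    # fresh for every access attempt
    response = respond(finger, k_salt, coded_key, challenge)
    print(host_verify(key, challenge, response))
```

A coded value with recognizable structure, such as ASCII digits, lets anyone holding the stored data test candidate readings offline; a uniformly random key does not give that check.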

23 Security issues with Biometrics (III)
If the template resides in a client PC, it is open to future surveillance by intelligent agent software, i.e. trojan horses, worms.
Solution: use embedded trusted biometric devices that are isolated from the client. Never store the template in the client.

24 Embedded Biometric Devices
[Diagram: Embedded Hardware Device (Trusted Device) containing Scanner-S/W, Template generation, Biometric Template Storage, Template (t) and Comparison Software; output goes To Client PC]

25 Security issues with Biometrics (IV)
Biometric systems are still inaccurate and will generate false identifications.

26 The need for balance when using biometrics
[Diagram: Benefit (Confidentiality, Authentication) balanced against Risk (Surveillance & Linkage)]

27 Conclusion
Current off-the-shelf biometrics will permit the secondary uses of personal information. They are not privacy protective.
Technology that allows informational self-determination and makes good security a by-product of protecting one’s privacy is the goal.
Using the biometric to encrypt a PIN or a standard encryption key will meet that goal.

28 The privacy problem with current biometrics
A biometric such as a fingerprint can be used as a unique identifier of a person which, as a unique identifier:
– can be used to trace the person’s transactions, and
– link massive amounts of personal data about them.
Because of its value, both economic and security, both market and government forces will promote this practice.
If biometrics are adopted as the standard method of authentication in our society, we will have central databases of peoples’ biometrics or digital templates residing in networked databases.

29 The Identity Spectrum
[Diagram: spectrum from Anonymity (Most Privacy Protective) to Absolute ID (Least Privacy Protective), with labels: Multiple Pseudonym x.9.59; PINs and Passwords; Digital Certificate x.509; Biometric Digital Certificate x.509]
Secure transactions do not require divulging of identity in all cases.

30 Networking Template Databases

31 Process to establish authentication credentials
1. Identification – a one time process to establish that I am a unique, named individual (e.g., George Tomko).
2. Confirmation of Eligibility – a one time process to confirm that the named individual is indeed eligible (i.e. meets certain stated criteria) for a given service.
3. Authentication Credentials – a token, furnished or chosen by the service provider, which allows the individual to access the service involved on a recurring basis. It presumes the existence of steps one and two, without which it could not operate.

32 Levels of Security for Identity Fraud
No proof of identity required.
PIN or password used as token of identity.
Digital certificate used as token of identity.
Biometric tied to digital certificate used as token of identity.
Token changed frequently, e.g., changing a password or PIN on a weekly basis.
Different token for each access attempt, e.g., challenge-response system, one time password.

33 Industry’s Response
This threat to privacy, highlighted by public exposure and heightened media attention, has become somewhat of an obstacle in some countries in the marketing of biometric technologies.
In response, biometrics are now being promoted as privacy-enhancing.
Is this Orwellian double-speak or is there some foundation to this claim?

34 BioAPI Implications

35 Integrating Justice Information: The privacy threat
Secondary uses of personal information without consent -- beyond the intent of the primary purpose for collection.
Impacts privacy rights of:
– accused but not yet convicted individuals,
– victims or witnesses at a crime scene,
– suspicious individuals -- intelligence gathering activities of a government agency.

36 Levels of Security for Access
“Open door” policy, e.g., no PIN or password
Same token used for each access attempt, e.g., PIN, password, biometric.
Token changed frequently, e.g., changing a password or PIN on a weekly basis.
Different token for each access attempt, e.g., challenge-response system, one time passwords.
“The fundamental problem is that biometrics are not what cryptographers refer to as a “challenge and response” system. That is, the response to the question, “What is your left index fingerprint?” is always the same. A challenge and response system would ask different questions each time and be able to measure the correct response.” (Peter Wayner - New York Times)

37 Levels of Privacy
Systems designed to protect privacy must have the same level of security as cryptographic systems. That is, their security cannot depend on the secrecy of the algorithm or unavailability of the hardware. The system should have an open design and the protection mechanism must not depend on the ignorance of potential attackers.

38 The Solution to Identity Fraud
Biometrics are being viewed as a solution to identity fraud because they can be used to positively authenticate and in many cases positively identify individuals.
Furthermore, if one wants, biometrics can be used to track individuals and their transactions.

39 Privacy Issues
Confidentiality of personal data (security)
Surveillance of location (activities)
Linkage of personal data (secondary use)

40 Your Identity Stored in Cyberspace
If biometrics are adopted as the standard method of authentication in our society, we will have databases of peoples’ biometrics or digital templates residing in a networked society.

