Voice Biometrics Becoming More Accurate and Secure
Voice biometrics, according to Ziv Barzilay of CellMax Systems, has become a secure and accurate option for companies doing business over any type of communications network, especially financial institutions where identity theft is a prominent issue. Citing that voice biometrics was in the past inaccurate and too costly and impractical to use, the other forms of physical biometrics have been more popular. Voice biometrics is the only biometric technology that enables immediate authentication anywhere at any time, by using a phone or microphone. CellMax’s solution examines the 15-plus parameters that make up our voiceprint including teeth, nasal cavity, and lips and uses a real-time algorithm for identification.
United Kingdom Realizing the High Cost and Benefits of e-Borders
The United Kingdom has recently finished a trial electronic borders program where 29 million travelers were screened before they were allowed into the UK resulting in more than 13,000 alerts and 1,000 arrests. After the trial program, it is estimated that the program will cost £1.2 billion and will provide unified border control by 2009. The program requires all commercial and private carriers to submit detailed passenger and crew data prior to departure to and from the UK. That information is then checked in real time against watch lists and assessed for risks. “We’re creating an overseas border control with tougher checks before travelers board a train, plane or boat for Britain,” said immigration minister Liam Byrne. Starting next year, foreign nationals residing in Britain will be issued a biometric ID card. Biometric visas are now issued in over 80 countries. The e-Borders program is a joint project led by the Border and Immigration Agency, in partnership with the police, HM Revenue and Customs, and UKVisas.
New thumb drives include top security features
If you are looking for a way to battle all the spies trying to figure out your most confidential secrets, Transcend recently launched JetFlash 220 USB thumb drives, fully equipped with biometric protection and AES 256-bit encryption technology. Sounds tough to operate, but Plug and Play installation makes working with this thumb drive a breeze. They can also be used for secure websites, automatically entering logins and passwords when the drive is inserted into the USB slot, according to a review by MOBILEWHACK.
City Workers File Religious Protest Claiming Biometrics is ‘Mark of the Beast’
Claiming that the use of biometrics (specifically a time-keeping system that uses finger measurements to track worker’s hours) is the “mark of the beast,” several employees of the City of Wilmington, NC have filed religious protests against their employer. “As my divine…right, I request that you, my employer, accommodate my sincerely held religious belief by not requiring me to submit to the use of a thumbprint, DNA or any other biological identification device,” one employee wrote. These complaints are derived from the idea that, to some, biometrics - such as fingerprinting, retinal scans and hand measures - represent the “mark of the beast” as predicted in Revelation in the New Testament. According to David Alan Carmichael, who established the American Christian Liberty Society, the Book of Revelation depicts a society where people are forced to be marked by the name or number of the beast on their right hand or forehead which some liken to hand and eye scans. “Those are stops on a slippery slope to imbedded computer identification chips, the ultimate mark,” he said. Kronos, Inc. has implemented the system for the city of Wilmington at an estimated cost of $350,000. The new technology will be more accurate and efficient, and will eliminate the chance of an employee punching an absent friend’s timecard. Only about 12 of the city of Wilmington’s 1,200 or so workers appealed being measured for the Kronos system, Al McKenzie, the city’s director of human relations, said.
HIIDE system works to seek out insurgents
After being at war for several years, the United States has created new and improved identification methods used in the battlefield. One of the new pieces of equipment developed is the HIIDE™ system. HIIDE is an acronym for Hand-held Interagency Identity Detection Equipment and is a biometric identification database through which soldiers can quickly input and access the registered citizens within Iraq. Family Security Matters reported that there were two type of people that are primarily targeted for input into the biometric system: suspected insurgents, and Iraqi law enforcement personnel.
Lab to test new measures that could help eliminate identity theft
UK scientists at the National Physical Laboratory will take part in a new project targeting identity theft that should help all of Europe. The initiative, which has been nicknamed “Biotesting Europe,” is partially funded by the European Union. The scientists feel that most biometric systems are currently used for more secure purposes such as border control, but believe they could also be used in a domestic context to reduce identity theft. According to the report at vnunet.com, the National Physical Laboratory hopes to outline a more secure way to protect one’s identity.
The biometric backbone of the FIPS 201 ID card program
By David Benini, Aware, Inc.
Following the publication of the FIPS 201 standard in 2005, a series of specifications evolved defining the functionality and interaction of the components that together make up a comprehensive biometrics-enabled credentialing system. The requirements set forth in FIPS 201 were divided among twenty product categories and three services that form the GSA’s Approved Product List (APL). There are six categories that cover specific biometric technologies. Because PIV cards utilize fingerprint and facial biometrics, the categories are split between the two technologies.
Fingerprint biometric product categories:
- Template Generator
- Template Matcher
- Fingerprint Capture Station
- Single Fingerprint Capture Device
Facial image biometric product categories:
- Facial Image Capturing (Middleware)
- Facial Image Capturing Camera
Fingerprint biometric product categories
The first set of biometric categories covers hardware and software required to capture and verify fingerprint biometrics on PIV cards.
The “Fingerprint Capture Station” is the equipment used to capture an individual’s full set of fingerprints at the point of enrollment. The “Template Generator” is the software that generates the INCITS 378 compliant biometric template from the captured prints.
An approved “Fingerprint Capture Station” product must be an FBI-certified fingerprint live scan device or card scan solution, but must also include software to generate both NIST NFIQ image quality scores and fingerprint images within ANSI/INCITS 381 compliant data files.
Moving from enrollment to utilization, the “Single Fingerprint Capture Device” is used in the field to capture the live fingerprint images for matching against the enrolled template. The “Template Matcher” software performs this matching process.
Products in the fingerprint minutiae based “Template Generator” and “Template Matcher” categories must be submitted to NIST’s MINEX program for certification. NIST tests the software for interoperability between templates and matchers from different vendors. The software submitted for testing must be able to exchange template files compliant to the ANSI/INCITS 378 data interchange format for fingerprint minutiae templates.
Facial Image biometric product categories
Hardware and software for facial capture are covered by two different categories; the “Facial Image Capturing Camera” is simply a digital camera with sufficient resolution and the ability to prevent over-compression. The software to format the image is the “Facial Image Capturing (Middleware).”
The “Facial Image Capture (Middleware)” product category serves as a catch-all for facial image and data requirements. Software products in this category should create data structures compliant with ANSI/INCITS 385 and also validate that the captured facial images are compliant (e.g. dimensions, size of the head in the frame, resolution, compression ratio). It includes a requirement that if the facial image is compressed using the JPEG2000 “region of interest” (ROI) technique, the product must support prevention of the compression of the inner facial region beyond a ratio of 24:1. JPEG2000 ROI is recommended when optionally storing facial images on the smart card because of its significantly improved compression performance over JPEG.
Generally the term “middleware” refers to software that enables connectivity between large distributed applications, web services, and service-oriented architectures (SOA). But in the smart card vernacular, the “middle” is relative and refers to something quite different. The “PIV Middleware” product category actually refers to software serving as an interface for communication between the PIV application on a PC and the smart card itself. FIPS 201 specifies this interface, and products in the PIV Middleware category must be independently certified to be compliant. This shouldn’t be confused with biometric middleware products on the market that are typically servers performing centralized tasks such as biometric data routing and processing.
Biometrics required for PIV but not categorized on APL
Some facets of PIV system biometrics are not addressed by FIPS 201 standards, except to say that they are required. While FIPS 201 identifies strict requirements for background checks to the FBI and OPM that require biometric verification, these elements are not detailed in FIPS 201 and thus are not categorized on the APL. This is because there are well-established procedures for fingerprint image compression, quality and data formatting that are addressed by legacy standards and certification programs (e.g. the FBI’s “Appendix F” image quality certification for fingerprint scanners, and the ANSI/NIST ITL-1 2007 standard for background check file formatting).
Putting the pieces together: the NASA PIV system lifts off
NASA was well-prepared for HSPD-12, deploying an operational pilot system with approved products more than six months before the pending October 2007 deadline. Like many agencies NASA already had an identity management system, a card management system, and a fingerprint background check submission system in place. The agency was issuing employee ID cards well before HSPD-12 was announced.
While PIV imposes new standards for card issuance procedures, physical card properties, data formats, and interfaces, it is the introduction of biometrics for identity verification that is perhaps the most disruptive to an agency’s legacy systems … and NASA’s is no exception. NASA’s identity management and card issuance systems had operated completely independently from its fingerprint background check system, so the introduction of biometrics to the identity system enrollment process provided a strong incentive to combine these functions in a single enrollment station. The FIPS 201 requirement to use the same biometric for background check and for generation of minutiae templates to be stored on the ID cards, solidified this need.
NASA designed an architecture that would utilize the same registration workstation for both PIV enrollment and background checking. A new registration workstation collects biometric images and biographic data for both functions during a single enrollment session. This workstation includes products from several APL categories to perform multiple tasks, including a pre-enrollment search of the IDMS, ten-fingerprint auto-capture, facial image auto-capture, and biographic data collection and formatting for the PIV card and the fingerprint background check.
A new central server was installed, used to a) aggregate all enrollment traffic from all of the geographically distributed enrollment workstations, b) prepare data for card personalization, archival, and enrollment or update in the IDMS, and c) forward background check files to the legacy background check server. The flexibility and functionality of this central server helped facilitate this modular “overlay” upgrade that achieves PIV compliance in a way that substantially mitigated the risk and costs of a broader modification of their existing systems.
This video clip illustrates an example of a PIV biometric enrollment application utilizing products from the GSA’s Approved Products List. (Video will open in new window.)
ImageWare selected by Veterans Affairs to implement biometric identity management
The U.S. Department of Veterans Affairs (VA) has selected ImageWare Systems to provide the VA with large-scale, agencywide biometric identity management capabilities and enable the agency to produce Personal Identity Verification (PIV) credentials in support of Homeland Security Presidential Directive 12 (HSPD-12). This deployment is considered one of the largest to date.
Read the full article at SecureIDNews.com.
Microsoft applies for patent on biometric enabled ad delivery
Microsoft has filed for a patent for use of biometric identification as a precursor to customized ad delivery. An article in InformationWeek says the patent application covers systems, “to determine the identity of someone watching a display and deliver personalized ads to that person. Identification could come from biometric sensors, cameras, or more traditional login methods. A computer would then evaluate information that has been tracked about the person and the content and present a personally relevant advertisement.”
Read the full article at www.informationweek.com.
SafeNet chosen by Security Biometric Clearing Network to provide security for Registered Traveler program
SafeNet has been chosen by the Security Biometric Clearing Network (SBCN) to secure and support the Transportation Security Administration’s (TSA) Registered Traveler program. SBCN provides the security and biometric services of the TSA’s Registered Traveler system. The Registered Travel program was set up by the TSA to allow passengers to voluntarily submit to a government screening process. Once approved, passengers can take advantage of an expedited screening process at participating airports. SBCN wanted the highest level of hardware security available in order to protect the information on America’s transportation system and the identities of travelers participating in the Registered Traveler program, and SafeNet has been selected to provide that.
SafeNet Chosen by Security Biometric Clearing Network to Provide Products and Services for the Transportation Security Administration’s Registered Traveler Program
SafeNet Hardware Security Modules Guard Information and Identities of America’s Travelers
BALTIMORE–SafeNet, Inc., a global leader in information security, announced today that it was chosen by Security Biometric Clearing Network (SBCN) to secure and support the Transportation Security Administration’s (TSA) Registered Traveler program.
SBCN provides the security and biometric services of the TSA’s Registered Traveler system. The Registered Travel program was set up by the TSA to allow passengers to voluntarily submit to a government screening process. Once approved, passengers can take advantage of an expedited screening process at participating airports.
In order to best protect the information on America’s transportation system and the identities of travelers participating in the Registered Traveler program, SBCN required the highest level of hardware security available. SBCN selected SafeNet to provide a key management and cryptographic acceleration solution that featured government certifications, scalable performance, role-based access control and role separation to protect the chain of custody and provide non-repudiation of sensitive transactions.
“SafeNet stepped up when we needed a partner. They provided a quality product, the real world experience and excellent customer service to SBCN. They listened to us to get an understanding of what we wanted to accomplish and then worked with us to achieve our goals. The level of service continued after deployment. They are a true partner,” said Patrick J. Osborne, CIO, SBCN.
SafeNet Luna Hardware Security Modules (HSMs) were used for the most secure root key protection, XML encryption, SSL acceleration and encryption, and other application-specific purposes. SafeNet network attached Luna SA HSMs were chosen to provide high-availability to meet defined service level agreements and performance requirements. This architecture provides scalability for future performance needs as the system grows.
SafeNet’s Security Consulting Services helped to reduce future maintenance and administrative costs by documenting precise procedures for on-going system maintenance and disaster recovery. The scalable design of the solution will allow SBCN to easily upgrade capacity as demand increases without interrupting service.
SafeNet HSMs and Security Consulting Services helped SBCN deploy a multi-tiered Certification Authority (CA) in less time than it would have taken to outsource it, and at a lower cost, all while meeting the strict security requirements imposed by the TSA.
For more information, click on http://www.safenet-inc.com/products/pki/index.asp
About SafeNet, Inc.
SafeNet is a global leader in information security. Founded more than 20 years ago, the company provides complete security utilizing its encryption technologies to protect communications, intellectual property and digital identities, and offers a full spectrum of products including hardware, software, and chips. UBS, Nokia, Fujitsu, Hitachi, ARM, Bank of America, NetGear, the Departments of Defense and Homeland Security, Adobe, Samsung, Texas Instruments, the U.S. Internal Revenue Service and scores of other customers entrust their security needs to SafeNet. For more information, visit http://www.safenet-inc.com.
About SBCN
Security Biometric Clearing Network (SBCN) operates the largest civilian clearinghouse in the nation, processing both Criminal History Record Checks (CHRC) and name-based background vetting requests for TSA and the aviation community. Additionally, SBCN serves as the Central Identity Management System for the U.S. Registered Traveler program.