Slashdot Mirror

← Back to Stories (view on slashdot.org)

Iris Scanners in Canadian Airports

Posted by Hemos on from the minority-report-where-are-you dept.

Ian_Bailey writes "The Toronto Star is reporting that the first biometrics (Iris-scanning specifically) devices in airport will be in place in Toronto and Vancouver starting in March. These devices are meant to speed-up the check-in process for frequent travellers, without compromising security. It is stressed that privacy advocates have nothing to worry about, because they are completely voluntary and cannot be used to scan without a person's knowledge, but there is a brief note about using it in the future for staff."

12 of 186 comments (clear)

  1. Canada is not the first? by VladDrac · · Score: 5, Interesting

    As far as I know, schiphol airport has had irisscans for a while now. See for example this article

    1. Re:Canada is not the first? by JaredOfEuropa · · Score: 4, Informative

      The article does mention Schiphol. The interesting thing to note is that Schiphol uses these devices to speed up passport control, not check-in or customs. For a fee, travellers can sign up for this program and bypass passport control completely. The scanner is placed next to the passport control booth so the officers can keep an eye on it, to help people resist the temptation to just hop over the barrier.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
  2. But I wear contacts! by Crazieeman · · Score: 5, Funny

    If I take them out, they'll Xray those too, and I never had to look for a lost contact on an Xray belt before, the floor is bad enough.

  3. Okay, I'll bite. by Fat+Casper · · Score: 5, Insightful
    And this makes things safer how?

    "We've used the latest in biometric technology to confirm that the passenger manifest is accurate. You are cleared for takeoff."

    --
    I spent a year in Iraq looking for WMD and all I found was this lousy sig.
  4. Transmission of eye disease by kcelery · · Score: 4, Interesting

    My friend contracted an eye-disease when he used a telescope, one of those peek-a-minute-for-a-quarter machine. We suspected that his eye-lash came in contact with the bacteria left by the previous patient.

    His red-eye recovered in a week after medication.

  5. Thanks Goodness for Privacy Advocates... by Anonymous Coward · · Score: 5, Insightful

    So long as it's a voluntary system, that's a great system and I applaud it.

    One potential problem becomes what's "voluntary" soon becomes mandatory. We might as well learn from history. Two specific examples from US history:

    (1) The Social Security Number was ~never~ supposed to be used as any kind of central identification number. Now, no one knows who I am without it. I would gladly dump my social security "promises of benefits" to not have a social security number.

    (2) [More recent] To get a driver's license in the state I moved to, I had to give a thumbprint. I've never had fingerprints taken before in my life.

    Are we safer as a result? All I know is that now my identity can be more easily tracked by central governmental organizations and those with sufficent access privileges, despite my wishes.

    Technology is a tool, not a solution. Just like a hammer, it can be used for much good, but it's easy for those in power to convert it into something pretty sinister.

  6. My concerns with biometric "passwords" by johnburton · · Score: 5, Insightful

    My concern with all of these schemes is that if someone gets hold of your biometric data it may be passible to spoof the device in some way. At least with a password you can change your password if someone gets hold of it, but with these schemes, if someone gets hold of your data there is nothing you can do about it. Probably not an issue for this application, but I see it suggested for things like ATM machines or access to building (where swipe cards are used now) where they are used unattended. I expect that if these devices become widespread then someone will build a device to spoof them. and once someone has got hold of your data there is nothing you can do about it

    --
    Sig is taking a break!
  7. These things are notoriously poor by potcrackpot · · Score: 4, Informative
    Biometric eye-scanners are notoriously bad at recognising people, and very inaccurate. This article (about a trial of fingerprint-, iris- and face- scanning technology) quotes such figures as 47% accuracy!
    The system struggled to identify people if there were wearing spectacles, if the lighting was wrong or if they moved their heads too much.

    Apparently, people could fool face-scanning systems (yes, I know they're different) with photos or video images. It doesn't actually say how to fool iris-scanners - but suggests that the trial wasn't convinced of their greatness.

    Still, at least they're not going to use fingerprint scanners at the airport as they think they're too easily fooled - the BBC article reckons you can fool those by breathing on them.

    I'm not sure whether this kind of security is best placed in an airport - fine for lower-risk security such as getting into your office block, or maybe even for your home burglar alarm - but at an airport with (potentially) massive numbers of subscribers to the system - sounds like a poor idea.

  8. let's see... by huge · · Score: 4, Funny

    Everyone who has seen the "Demolition Man" knows how to bypass these things...

    --
    -- Reality checks don't bounce.
  9. Schiphol system works but it�s unsafe by ginkelb · · Score: 5, Informative

    Sure we are using the irisscan program on schiphol airport to bypass customs.

    There is however an security risk with this system that can not be solved by placing the scan equipment next to a security officer.

    The scan of the iris is kept on personal digital medium and not on a central server due to privacy laws in holland. When a visitor arives he presents the machine with his card, look into the camera and the machine verifys that the presented iris is the same as stored on the card.

    The problem with this is obvious. Hack the card, upload youre own scan and you can get access while using the name of someone else.

    Sure privacy issues arise when you store the irir scans on a central server and only present the machine with youre identity. But untill you do it that way youll never get a really secure system.

    Greetz,
    Bas

    --
    Real programmers don't document.
    It was hard to write so it should be hard to understand.
  10. Uhhhhhhhhh?!? by JaredOfEuropa · · Score: 4, Interesting

    I can hardly believe this... Presumably the machine uses some private key, but once that is hacked, people could create their own cards... it would be as secure as a black&white passport on plain paper: everyone could print their own on their laserprinter at home.

    --
    If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
  11. Are smart cards and key pairs the answer? by Neil+Watson · · Score: 5, Insightful
    I'm no expert on cryptography. What if you had a smart card. You program that smart card generating an expirable key pair. You get the private key (burned onto the card) and the government gets the public key. Your private key has a "passphrase": your retina print (which never needs to be stored).

    Now, to prove you are who you say you are you swipe the card. You private key is compaired to your public key and verified.

    Every six months, your key pair becomes invalid and you generate a new pair.

    --
    UNIX/Linux Consulting