Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK To Start Biometric Passport Trials

Posted by timothy on from the wait-til-they're-mandatory-all-the-time dept.

pearljam145 writes that the "UK is planning to test biometric passports that will include face and iris or fingerprint recording and recognition for a 6 month period on 10000 volunteers. Read here for more details. A face recognition chip is going to be the primary biometric and iris or fingerprint scanning will be use as a secondary biometric. However face recognition might not be the perfectly viable solution since it has produced too many false positives in the past. Face recogntion to this date is not robust enough to support real time recognition in a crowd (more failures?). Only with cooperation of the subject does this system produce good results. So will face recognition join fingerprint and iris recognition in a long list of obtrusive recognition techniques?"

4 of 153 comments (clear)

  1. Biometrics are bad because... by Anonymous Coward · · Score: 5, Interesting

    Becuase you can change your password a whole lot easier than you can change your DNA.

    The flip side of not being able to lose or forget your biometrics is that you can't change it when it gets stolen. And, yes, people will find ways to spoof biometric authentication schemes into believing that they have your data. Whether it's fake fingerprints, or (more likely) some sort of data hack that sendst the computer the right bitstream for a given person's biometric data, once yours is gone, you're just hosed forever.

    If your password or PIN gets stolen, you can make a new password, or get a new ATM card and a new PIN, and cancel the old ones. Once your biometric info is stolen or spoofed, you have the choice of cancelling it and not being able to authenticate anywhere, or just accpeting that your identity is stolen and will stay stolen.

    Biometrics are great if *combined* with a password. But by themselves, they're foolish for strong authentication. Just because your fingerprints are on your hand doesn't mean that there isn't a pattern there that could be stolen and stored somewhere by bad actors.

  2. biometrics problematic for some by webwench_72 · · Score: 5, Interesting

    It's a long story, but I don't have stable fingerprints; scarring interferes with them. Any time I've needed a fingerprint check (for example, my concealed-carry permit), it was problematic producing 'acceptable' fingerprints in the first place, and thereafter difficult to match current fingerprints to old ones. Although this could make me a great secret agent or something, I'm going to have trouble if any future employer of mine moves to simple fingerprints biometrics as a means of identification.

    --

  3. The rich and famous... by LordK3nn3th · · Score: 5, Interesting

    How will this effect movie stars and other famous people such as Michael Jackson? People who alter their faces like I change my socks will obviously be having problems.

    On a more serious note, how does this effect people who are the result of severe burns, car accidents, plastic surgergy, radioactive mutations, aging, etc? Obviously if someone's face is altered they will have some problems.

    --

    ---
    Never criticize religion on Slashdot. You will be modded down for "Troll" no matter how factual it is.
  4. On Fingerprints and other biometrics by Net+Spinner · · Score: 5, Informative

    Read an interesting take on biometrics in the last Cryptogram that Schneier puts out. If you think about it, biometrics really have NO positive impact on actual security. They're more of a placebo for the average non-security minded person. This is precisely why you see a great deal of hype around them and very little real security. Government officials, last I checked, aren't the most savvy people in the world. Especially the ones who graduated last in their class...

    Blurb out of the Cryptogram:

    "So it is our opinion, that as long as the manufacturers of fingerprint equipment do not solve the live detection problem (i.e. detect the difference between a live finger and a dummy), biometric fingerprint sensors should not be used in combination with identity cards, or in medium to high security applications. In fact, we even believe that identity cards with fingerprint biometrics are in fact weaker than cards without it. The following two examples may illustrate this statement.
    1. Suppose, because of the fingerprint check, there is no longer visual identification by an official or a controller. When the fingerprint matches with the template in the card then access is granted if it is a valid card (not on the blacklist). In that case someone who's own card is on the blacklist, can buy a valid identity card with matching dummy fingerprint (only 15 minutes work) and still get access without anyone noticing this.
    2. Another example: Suppose there still is visual identification and only in case of doubt--the look-alike problem with identity cards--the fingerprint will be checked. When the photo on the identity card and the person do not really match and the official asks for fingerprint verification, most likely the positive result of the fingerprint scan will prevail. That is, the "OK" from the technical fingerprint system will remove any (legitimate) doubt.
    It is our opinion that especially the combination of identity cards and biometric fingerprint sensors results in risks of which not many people are aware."

    Full article is here:
    http://www.schneier.com/crypto-gram-0311.ht ml

    --
    Karma: The only way to win is not to play.