Slashdot Mirror

← Back to Stories (view on slashdot.org)

Would a National Biometric Authentication Scheme Work?

Posted by Soulskill on from the i-am-who-eye-am dept.

Ian Lamont writes "The chair of Yale's CS department and Connecticut's former consumer protection commissioner are calling for the creation of a robust biometric authentication system on a national scale. They say the system would safeguard privacy and people's personal data far more effectively than paper-based IDs. They also reference the troubled Real ID program, saying that the debate has centered around forms of ID rather than the central issue of authentication. The authors further suggest that the debate has led to confusion between anonymity and privacy: 'Outside our homes, we have always lived in a public space where our open acts are no longer private. Anonymity has not changed that, but has provided an illusion of privacy and security. ... In public space, we engage in open acts where we have no expectation of privacy, as well as private acts that cannot take place within our homes and therefore require authenticating identity to carve a sphere of privacy.' The authors do not provide any suggestions for specific biometric technologies, nor do they discuss the role of the government in such a system. What do you think of a national or international biometrics-based authentication scheme? Is it feasible? How would it work? What safeguards need to be put in place?"

15 of 178 comments (clear)

  1. I'm wondering by taustin · · Score: 4, Insightful

    . . . if there's a biometric "authentication" method that hasn't been cracked in the real world in ways that would be easy for the average clever crook to duplicate for a trivial amount of money. Fingerprint scanners are trivial - Mythbusters fooled a brand new, state of the art door lock with a xerox of a fingerprint, by licking it. Retina scanners have been cracked, facial recognition software is a joke with no punch line. What else is there?

    And once a system has been cracked, it is totally useless, since you can't change your "password" on biometric stuff.

    1. Re:I'm wondering by dgatwood · · Score: 4, Insightful

      MythBusters did a test of several of these devices. None were particularly hard to beat, including some that were supposed to be....

      Even now, the best form of authentication is a human standing there looking at your driver's license, deciding whether it is real or not, then comparing the photo. The only thing that would be significantly better and more accurate would be a system in which you would swipe a driver's license and it would contact the DMV and bring up a digital copy of that license for comparison purposes. Anything beyond that---particularly biometrics---is more likely to weaken, not strengthen security as people will tend to believe what some biometric reader device tells them over what they see with their own eyes 99 times out of 100.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    2. Re:I'm wondering by Daniel_Staal · · Score: 5, Insightful

      Which totally misses the point. Which is why? What problem are they trying to solve? What possible problem is worth the cost of those in power having a way to track every individual of any age anywhere in the country?

      --
      'Sensible' is a curse word.
    3. Re:I'm wondering by NeutronCowboy · · Score: 3, Insightful

      Nevermind whether the scanner has been cracked. What happens if you lose your biometric password, or it gets mangled beyond recognition? I suspect they'll scan multiple parts of your body (ten fingers, 2 eyes, voice) and will accept a majority of successes as opposed to only 100% of successes. But there still will be some poor sap who lost the majority of his fingers in a wood chipper accident, and had both eyes affected due to glaucoma or retinal sunburn. Now he comes down with a cold. What's gonna happen? He won't be able to authenticate?

      What worries me the most about biometric IDs is the idea that somehow, biometrics never change. I expect that there will be no process in place to change the biometrics, or that the process will be so impossible as to be the same as having no process. And if the process to change your biometric passwords is easy, why use them instead of just a regular picture ID?

      This stuff might work in specific situations, where outliers are rare, and relationships between the scanners and scannees close enough to make fixes easy. But I can only see nightmares if this gets implemented on a national level.

      --
      Those who can, do. Those who can't, sue.
    4. Re:I'm wondering by Anne+Thwacks · · Score: 3, Insightful
      Thanks to the modern miracle of SQL Injection, and similar high power technologies, any amount of fraudulent records can find their way into the database, while the legitimate ones leak out. If the UK government has anything to do with it, all the data will be available for a moderate price in Moscow, Lagos and Bangalore within days of the system going live.

      In short, the people with most to gain from this are the criminals, who will have a really cheap, simple and reliable way of proving they are who they are not.

      Meanwhile hoards of old ladies will be hauled of to jail "But officer, I thought it was my ID card - I realise now it was my library card/son's ID card - if you just let me go home, I can get my ID from the draw by the bed where I always keep it!"

      You biometric database is exactly as secure as the PHP written by school leavers who lied on their CVs that protects it.

      --
      Sent from my ASR33 using ASCII
  2. absolutelly! by rucs_hack · · Score: 3, Insightful

    Yes of course it would work!

    Everyone knows that bad people are entirely willing to be completely honest, so obviously a system like this would mean we would know everything about them, and could stop all evil in the world.

  3. Private Sector by kid_oliva · · Score: 3, Insightful

    It sounds interesting, but I am not for governmental control or involvement. Most here believe less government is better government. Why would we want to involve an entity that can't even balance a checkbook get its hands on something this complicated. I'm sorry but I don't see George W, Hilary Clinton, Barack Obama, or John McCain doing an adequate job at all except to hose it up and force regulation and compliance. Our current issues will not be solved with this. They will only take on a new twist.

    --
    I eat Karma for breakfast, lunch, and dinner. That's why I don't have any.
  4. Oh no, not this again. by inviolet · · Score: 5, Insightful

    Biometrics is inherently flawed as an authentication system, because biometrics is a password you can't change. Once someone gets your password, or at least the numerical representation of it such as could be lifted from a compromised reader or database, you are toast. How are you going to change your retina scan to something new?

    And never mind the demonstrated hackability of all but the premium readers.

    Biometrics sound great at first blush, and to the common voter they seem foolproof, so this fad will get worse before it will get better. In fact, the authentication issue may have achieved the level of complexity as the net-neutrality issue, such that Joe Registered Voter cannot possibly understand it (even if he is the rare sort to spend an hour googling it before forming an opinion).

    Meanwhile, text passwords plus certificates (where 'certificate' could be a smart card, or your cellphone's IMEI, or whatever) is still the answer for security. It's awful, to be sure, but it's much less awful than biometrics.

    --
    FATMOUSE + YOU = FATMOUSE
    1. Re:Oh no, not this again. by QuantumG · · Score: 4, Insightful

      People continue to confuse identification with authentication.

      http://wordnet.princeton.edu/perl/webwn?s=identification
      http://www.google.com.au/search?hl=en&q=define%3Aauthentication

      Biometrics are good for identification.. they replace your "login", not your "password".

      --
      How we know is more important than what we know.
  5. The article misses the point of anonimity by MyNameIsFred · · Score: 5, Insightful

    ...The debate over Real ID and sensitivity to creation of any form of national ID reveal a fear that anything that identifies us to others will intrude on privacy . This has led to a preoccupation with forms of ID rather than the fundamental question of how we can reliably identify ourselves to each other....
    This quote suggests that they miss the whole point of the debate over Real ID. I would argue that the main point of the opposition to Real ID was to oppose anything that make it easier for the government to reliably ID us.

    ...While anonymity implies privacy, it does not confer it. We delude ourselves into thinking we have privacy if the person next to us doesn't know our name...
    Again this misses the point of the Real ID debate. While making it difficult for the government to ID does not prevent them from IDing us, it helps. It also helps prevent the government from retaliating against protesters. It does not prevent it, but makes it harder. That is why protesters frequently cover their faces. That is why protesters want to make it difficult for the government to track their travels.

    Even the courts have found that anonymity is important component of freedom of speech. (Along with freedom of association.).
  6. Re:It would work to... by jamstar7 · · Score: 4, Insightful

    This would do a lot of things. It would a) keep tabs on anyone who was not american (potential terrorists!) b) keep tabs on problem individuals c) increase national security, because sex offenders could be tracked (and given poor service when they're trying to access govn't services.

    Why does all this scare me? Is it because I could be classified a 'problem individual' based on my political leanings? Is it because the Executive Branch reserves the right to pull American citizenship at will? Is it because even the Russians know the best way to deal with a recalicrant individual, no matter what his power base, is to tar him as a sex offender?

    My other question is of course, if I'm out and about, living my life in a lawful manner, why should the government care about me?. Police aren't there to arrest the lawful, they're there to arrest the criminals after commission of a crime. Where is the mandate to surveil everybody in sight waiting for them to commit a crime?

    --
    Understanding the scope of the problem is the first step on the path to true panic.
  7. If this fails by bob.appleyard · · Score: 3, Insightful

    It doesn't matter how strong your security system is, it will fail. What happens when it does? I can't get a new $BodyPart if some fraudster spoofs it.

    --
    How dare you be so modest!! You conceited bastard!!
  8. Who Watches The Watchers? by softwaredoug · · Score: 4, Insightful

    Who is to be trusted with by biometric data? Who would have access? How would the software/authentication work? Who will write the software? Is it going to be proprietary? Will it be enabled in voting machines? Why should I trust the government agency/subcontractor to do all this correctly? It seems that whoever controls this biometric data would have A LOT of power, especially if its integrated into every little device out there. Consider the potential lack of transparency in, say, an election. Could some government employee, maybe just above the average capabilities of a TSA employee, tamper with election results? Also, if my biometric info is linked to my credit card, how hard would it for that person to go on a shopping spree. How could I prove it wasn't me? The whole thing wreaks...

  9. Re:It would work to... by fyngyrz · · Score: 5, Insightful

    The premise of the article - or at least the blurb - is wrong. It makes the claim we "have no expectation of privacy in the public space." But we do. Ever want to take a road trip to some town where no one knows you, just to get away, do some shopping, have dinner, watch a show, without having to deal with people who know you? Ever enjoy the feeling of being out, alone, in an unfamiliar city?

    How's that going to sit when the desk clerk looks you in the eye as you walk up and says, "How you doing, Mr. LeParanoid, and how's that appendectomy scar healing up? Wife happy about that diamond necklace you bought last week?"

    Or gives you a steely look because you're on The Sex Offender List (because you had the temerity to have sex with someone 3 days over some arbitrary line, or perhaps you pissed in a bush somewhere) and proceeds to treat you like a criminal as soon as your RF-enabled ID gets in range of his LittleDictatorsConsole(tm)? Sure, you can add biometrics to it so he's sure you're a sex offender or other malcontent antisocial. That'd all be real good, wouldn't it? After all, in this society, onece you're a criminal, you're permanently low class, you can't make up for it.

    This whole ID mania needs to go away. It is a sign of a pervasive sickness among the rulers of this society. It is not a solution, or a potential solution, to terrorism, or any other problem we face.

    --
    I've fallen off your lawn, and I can't get up.
  10. Re:It would work to... by profplump · · Score: 4, Insightful

    Authentication does not necessarily mean that those around me know who I am. Take a credit card transaction as an example -- the credit card company wants to know that I'm an authorized user of the card I hold. The merchant wants to know that my credit card company will pay them on my behalf. But the merchant doesn't have any fundamental interest* in knowing who I am -- only the credit card company does. So if I authenticate to the credit card company, and the credit card company authenticates to the merchant, we can all feel safe, and I can remain anonymous with respect to the merchant.

    It's certainly possible to design the system to provide strong authentication for a variety of purposes without compromising privacy or even anonymity. Whether or not anyone will bother to do that/allow that to happen is debatable, but you shouldn't necessarily relate the ability to authenticate with an inability to provide privacy.

    *I know they might like to know who I am for marketing purposes and whatnot, but they have no interest with respect to conducting a safe and reliable financial transaction.