Slashdot Mirror
A Wrinkle For Biometric Systems: Irises Change Over Time
scibri writes "The iris scanners that are used to police immigration in some countries, like the UK, are based on the premise that your irises don't change over your lifetime. But it seems that assumption is wrong. Researchers from the University of Notre Dame have found that irises do indeed change over time, enough so that the failure rate jumps by 153% over three years. While that means a rise from just 1 in 2 million to 2.5 in two million, imagine how that will affect a system like India's — which already has 200 million people enrolled — over 10 years."
So then how is The Gap in the future going to remember my preference for assorted tank tops?
if you were fucking over 0.0000005 of your population already to no significant protest, why would anyone care if you are now fucking over 0.00000125 of your population?
any statistical system should serve only as a first alert; and any positive found thereby should be carefully evaluated by more thorough and human measures.
"They were pure niggers." – Noam Chomsky
You already have to update passport and drivers license photos ever few years why would it be difficult to update the iris scan to increase accuracy?
EA David Gardner -"... but the consumers have proven that actually what they want is fun."
One in a million instead of one in two millions. I guess it would still not overload the average office clerk to double check that many people. Yes, it would be a nuisance, but a minor one.
Don't get me wrong, I'm not really a fan of biometrics, but I guess we'd have to come up with a better reason than one of statistical insignificance. Likewise you could say inoculations are bad because one in a million develops a rash so let's toss it altogether.
The only thing that I can take from this is that officials should be informed that a negative on a biometric scan is NOT necessarily a proof that the person is not who he claims to be.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Why not simply use a database to store the scan, and to compare the current scan, and replace with the current scan if it is considered a match? Then the issue is gone. Replaced by other IT issues, I suppose. But still...
Just make sure you stop at all the checkpoints frequently enough that we can keep our records up to date.
Unless you are going 6 months without being scanned, and assuming these changes are fairly linearly progressive and not abrupt, it wouldn't be hard to just update the database with the changes based on an allowed variation over time if multiple scanners are registering a change.
If there is anything wrong with biometric scanning it isn't this.
India, not Indiana. Easy mistake to make.
Iris scanning is NOT used to police immigration in the UK. It was a failed experiment and people are no longer able to register their eyes. Any idiot passing through immigration at Heathrow or Gatwick could see it was taking the biometric people longer, even though there was no queue.
...has been known for centuries. Biometric do not work like stupid politicians want it work.
Non sequitur. Just because the iris changes doesn't say it tells you something about your health status. The planets indeed move, does that validate astrology?
The Tao of math: The numbers you can count are not the real numbers.
The usual assumption is that "biometrics" do not change and that they will accurately and precisely uniquely identify an individual for as long as s/he lives, and beyond. Think about that for a minute. Then consider that this assumption is only now starting to be challenged with those who assumed they could rely on it, while lots of governments the world over are busily taking biometrics from anyone with suitable biometrics to take. The US and its border "controls" are a good example, but so are, well, India, China, all of the EU, and so on. Crank up that brain, o smart slashdot reader. This assumption is false, as has been readily demonstrated, for just about every conceivable biometric. Yet it is an assumption that is still being made.
And then you add a comment here full of assumptions. Check them at the door, please. What's wrong with biometrics is that there are false assumptions at every level. Your comment here is a good example. Explaining why left as an exercise.
The tolerance is already set so loose that it only fails to approve the person 1 in 1 million times. It isn't the error rate, it's a reflection of the *wide* error tolerances set.
They did the same trick with the facial scanners, they rejected too many people when trialed at UK airports, so they 'recalibrated' them until they rejected only an acceptable number of people. Where 'recalibrate' is really just increasing the error margin till the reject rate is low enough that the last labour government can justify the purchase price.
Here they've set the iris scanner to only reject 1 in a million, and now it has to be set 3 times looser to reject 1/3rd of 1 in a million in order to keep the reject rate low enough so that it will still be that low after 3 years.
Oh, and one little side effect of these biometrics is that now have to get our passports updated every 5 years instead of 10, making any cost saving at the expense of the passport holder.
Biometric stuff invades our privacy.
But still: does the detected error rate increas matter?
We do not *identify* people via the iris scan, or do we?
If we just match a person to his/her's passport the error rate is insignificant.
Retina scans probably suffer from less changes and would be a better choice.
As for privacy: Retena scans are FAR more privacy friendly than fingerprints or DNA. We don't go around leaving our eye prints all over the place. And it is far more difficult to obtain them clandestinely.
I have no background in medicine, but that doesn't change the fact that I know both disease and injury can cause drastic changes to the iris. I found out the bit about disease via a news story about a little girl who's cancer was discovered after her picture was posted on facebook (possibly another social networking site - I'm too lazy to google it right now, if you wanna know more, google is your friend). Researching my own eterochromia iridum, i read that this can be caused by a blow to the head.
do the people who design these systems bother learning about the anatomy and mechanics of the eye?
The company I work for uses biometric security. The readers we use know that biometrics change over time and automatically update their databases every time you use the system (using some secret time weighted algorithm) .
You can set a threshold for the change/deviation/etc (in some people it changes more often than others). Our system only uses biometrics for authentication, not identification (that is, the biometrics confirm your ID, the biometrics are NOT your ID).
No kidding. Our bodies change over time, who would have ever thought?
Even our very DNA can change due to radiation..
---- Booth was a patriot ----
Guess our bodies are just complying with the company rules to periodically change our passwords.
"... assuming linear progression(?)" Why the fuck would you do that? It's like depending on genetic mutation to advance the evolution of your species; it's s l o w and a h a p h a z a r d method of improvement. But if your customers don't think about it, at least it keeps you in the game and billing.
TFA reads: "But Bowyerâ(TM)s view is that it comes down to an incorrect and optimistic assumption made at the outset of iris biometrics."
Do you also *assume* that there's job security in kludge hopping?
What iridology does tell you is that people noticed changes in irises decades ago. And they do change a lot and quite quickly in a noticeable number of people with medical conditions, eye irritation, trauma, etc., etc. The researchers at Notre Dame needed to walk across the quad and get some feedback from ophthalmologists before they published.
Face changes; A picture taken over 10 years ago is significantly different that mine today.
Fingerprints change; scars, acids, growth all cause fingerprints to change significantly.
Signature; My signature is rarely the same twice.
I just love it when a sensationalistics statistic is used. The article states a 153% increase in failure rate. How about you look at the pass rate; it would decrease from 99.99995% to 99.999875. That is a decrease of 0.000075%. That change is pretty insugnificant.
Sensational statistics, bring more cash in the drawer; how else are they going to adapt all these machines for their 0.000075% off-tolerance ? :)
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..