Posts Tagged ‘ e-passports ’

Black Hat: System links your face to your Social Security number and other private things

Aug 15th, 2011 | By | Category: News

Soon it will be practicable to take someone’s photo on a smartphone and within minutes know their Social Security number and a range of other private data like their personal interests, sexual preference and credit status, researchers will tell the Black Hat security conference

Aug. 3, 2011 (1:35 pm) By: Jennifer Bergen

Soon it will be practicable to take someone's photo on a smartphone and within minutes know their Social Security number and a range of other private data like their personal interests, sexual preference and credit status

The annual Black Hat security conference is in full swing right now in Las Vegas. The conference, which started on July 30 and goes to August 4, is the place to be for security researchers to discuss and learn about different types of security vulnerabilities seen in almost every area of technology. One area of security that touches close to home for everyone is the privacy of our personal data being linked to our faces. Specifically, information can be linked to your face and made available to anyone who snaps your picture with their smartphone camera.

With major companies like Apple offering face detection APIs to developers in iOS 5, the method of taking a picture and having a database recognize the person’s face is available, and over the years, it will only get more and more advanced.

This privacy-invading technology is what Alessandro Acquisti, a professor at Carnegie Mellon University, will present at the conference on August 4. Acqusiti’s study uses three different technologies, including cloud-computing, facial recognition, and public information that can be found via various social networks. The technology would allow the user to see information about the person, in addition to the social security number, like sexual orientation, credit ratings, and personal interests.

Acquisiti says the point of the technology is to show that it’s something that’s already available, which means digital surveillance will only get better as technologies improve. He told Network Wold that “this and fear is the future we are walking into.”

The presentation is based on research that he and his team conducted. First, the team was able to identify people on an online dating site where members use aliases as identification. To do this, they looked at a person’s Facebook profile photo and compared it using PittPatt face-recognition software. They were able to identify other photos of the same person in the dating service database, and once the software made a match, the team looked at the photos to see how close of a match it was.

It’s not perfect yet, as the software ended up only identifying 1 of every 10 people. But, the team said this was actually acceptable number considering that the software only used one profile photo to identify the person. The number may also be improved if they considered Pitt-Patt’s second and third guesses.

The subsequent two experiments identified random people on a college campus (with 33% accuracy) and predicted the first five digits of a person’s social security number. The latter is possible because those digits are based on place and date of birth, both of which are available on many people’s Facebook pages.

The fact that these are all rough technologies that are only going to be fine-tuned in the near future is pretty scary. Facebook had implemented a facial recognition photo-tagging feature a few months ago that made many people upset, but now only lets people in your friends list can use the service. Facial recognition isn’t an immediate privacy threat but as technology improves it will be a way to quickly collect increasing amounts of information in people, using only publicly available data. Partial records could be constructed and then filled out as potential targets are identified.

via Network World



Privacy is vital to freedom from ‘Big Brother’

Jul 17th, 2011 | By | Category: Articles

“Big Brother Is Watching You” was the pervasive punch-line in British writer George Orwell’s classic novel “1984.” Now we know Big Brother is listening too.

Arthur I. Cyr

By Arthur I. Cyr

“Big Brother Is Watching You” was the pervasive punch-line in British writer George Orwell’s classic novel “1984.” Now we know Big Brother is listening too.

Revelations that Rupert Murdoch’s News International Corp. for years has conducted massive hacking into British cell phone information is truly shocking. Alleged targets include cell phones of a murdered young girl and relatives of soldiers killed in action. Britain’s political parties have united in Parliament, an unusual move, to condemn the company.

The scandal includes allegations of police payoffs. An initial police investigation concluded the snooping was a renegade incident targeting only a few individuals.

Murdoch’s political influence in Britain has been enormous. Politicians across the spectrum fear his power to embarrass or endorse, and have assiduously courted his favor.

Orwell, one of the greatest writers of the 20th century, was a committed socialist. Unlike many on the left, however, he had personal involvement with working people, because he was one. He stressed egalitarianism, while warning about the dangers of concentrated power in government as well as corporations.

The Murdoch snooping scandal is particularly grotesque, and may bring down that media empire. However, guarding individual freedom, including privacy, from intrusive power structures inevitably is a challenge.

Other developments in British politics and American business underscore this tension. Britain’s coalition government has wisely repealed a national identity card. A card microchip linked to biometric data encouraged bureaucratic snooping. Amid launch of the latest iPhone, Apple leader Steve Jobs gave particular emphasis to protecting customer privacy.

A wag once suggested that “1984″ was really about 1948, a reference to the Stalinist dictatorships ruling in Eastern Europe as well as the Soviet Union when the novel was published. The Cold War had just emerged, and for many communism seemed the wave of the future.

Intense anti-communism seriously distorted U.S. domestic politics and the wider society intellectuals accused of left-wing views found their careers damaged and in some cases destroyed. Blacklisting of writers became a symbol of this intimidation.

An open economy under the rule of law helps limit abuse. Modern Britain has never had dictatorship, and the effects of Conservative Prime Minister Margaret Thatcher’s “Big Bang” deregulation of the economy were important in facilitating freedom. Her heavy-handed style earned her the sobriquet “Big Sister,” but the reforms were crucial to Britain’s economic recovery and reassertion of international influence starting in the 1980s.

A similar process unfolded in the U.S., beginning in the Carter administration and carried much further by the Reagan administration. The financial crises of the past decade, facilitated in part by deregulation gone too far, overshadow the durable beneficial consequences of this market freedom.

This in turn brings context to Steve Jobs’ statement. Apple last year surpassed Microsoft in total capitalization, a major accomplishment for a firm floundering less than 10 years ago before cofounder Jobs returned. Products that facilitate freedom are now major Apple marketing themes.

Meanwhile, competitor Google has grappled with embarrassing accusations that extensive information on individuals has been collected. For example, Google Earth cars driving through random neighborhoods captured specific data from unsecure wireless outlets in unsuspecting households.

In our fascinating, fantastic global information revolution, institutions committed to following the law and protecting personal privacy, not just profits and power, deserve our support. Murdoch and crew deserve condemnation, and prosecution.

Above all, remember: Big Brother is not watching you.

Not yet.

But he’d like to.

Arthur I. Cyr is Clausen distinguished professor at Carthage College. He is also a columnist for Scripps Howard News Service ( E-mail him at


The FBI’s Next Generation Identification: Bigger and Faster but Much Worse for Privacy

Jul 10th, 2011 | By | Category: Articles

This week, the Center for Constitutional Rights (CCR) and several other organizations released documents from a FOIA lawsuit that expose the concerted efforts of the FBI and DHS to build a massive database of personal and biometric information. This database, called “Next Generation Identification” (NGI), has been in the works for several years now. However, the documents CCR posted show for the first time how FBI has taken advantage of the DHS Secure Communitiesprogram and both DHS and the State Department’s civil biometric data collection programs to build out this $1 billion database.


JULY 8TH, 2011 by Jennifer Lynch


This week, the Center for Constitutional Rights (CCR) and several other organizations released documents from a FOIA lawsuit that expose the concerted efforts of the FBI and DHS to build a massive database of personal and biometric information. This database, called “Next Generation Identification” (NGI), has been in the works for several years now. However, the documents CCR posted show for the first time how FBI has taken advantage of the DHS Secure Communitiesprogram and both DHS and the State Department’s civil biometric data collection programs to build out this $1 billion database.

Unlike some government initiatives, NGI has not been a secret program. The FBI brags about it on its website (describing NGI as “bigger, faster, and better”), and both DHS and FBI have, over the past 10+ years, slowly and carefully laid the groundwork for extensive data sharing and database interoperability through publicly-available privacy impact assessments and other records. However, the fact that NGI is not secret does not make it OK. Currently, the FBI and DHS have separate databases (called IAFIS and IDENT, respectively) that each have the capacity to store an extensive amount of information—including names, addresses, social security numbers, telephone numbers, e-mail addresses, fingerprints, booking photos, unique identifying numbers, gender, race, and date of birth. Within the last few years, DHS and FBI have made their data easily searchable between the agencies. However, both databases remained independent, and were only “unimodal,” meaning they only had one biometric means of identifying someone—usually a fingerprint.

In contrast, as CCR’s FOIA documents reveal, FBI’s NGI database will be populated with data from both FBI and DHS records. Further, NGI will be “multimodal.” This means NGI is designed to allow the collection and storage of the now-standard 10-print fingerprint scan in addition to iris scans, palm prints, and voice data. It is also designed to expand to include other biometric identifiers in the future. NGI will also allow much greater storage of photos, including crime scene security camera photos, and, with its facial recognition and sophisticated search capabilities, it will have the “increased ability to locate potentially related photos (and other records associated with the photos) that might not otherwise be discovered as quickly or efficiently, or might never be discovered at all.”

The FBI does not just collect and store data from people caught up in the criminal justice system;about 1/3 of the data collected and reviewed in IAFIS is from civil sources such as attorney bar applications, federal and state employees, and people who work with children or the elderly. In the past, the FBI has not allowed these records to include photos and has segregated civil records from criminal data. Civil records were also not included in bulk checks for criminal investigative purposes. NGI may take down these barriers, however. There is some evidence to show the FBI is considering including this data in future NGI database searches and, according to the CCR FOIA documents, has already begun to include civil records from DHS and State Department database files such as visa applications, immigration records, and border entries and exits.

So why should we be worried about a program like NGI, which the FBI argues will “reduce terrorist and criminal activities”? Well, the first reason is the sheer size of the database. Both DHS and FBI claim that their current biometrics databases (IDENT and IAFIS, respectively) are the each the “largest biometric database in the world.” IAFIS contains 66 million criminal records and 25 million civil records, while IDENT has over 91 million individual fingerprint records.

Once these records are combined into one database and once that database becomes multimodal, as we discussed in our 2003 white paper on biometrics, there are several additional reasons for concern. Three of the biggest are the expanded linking and tracking capabilities associated with robust and standardized biometrics collection systems and the potential for data compromise.

Already, the National Institute for Standards and Technology, along with other standards setting bodies, has developed standards for the exchange of biometric data. FBI, DHS and DoD’s current fingerprint databases are interoperable, indicating their systems have been designed (or re-designed) to read each others’ data. NGI will most certainly improve on this standardization. While this is good if you want to check to see if someone applying for a visa is a criminal, it has the potential to be very bad for society. Once data is standardized, it becomes much easier to use as a linking identifier, not just in interactions with the government but also across disparate databases and throughout society. This could mean that instead of being asked for your social security number the next time you apply for insurance, see your doctor, or fill out an apartment rental application, you could be asked for your thumbprint or your iris scan.

This is a big problem if your records are ever compromised because you can’t change your biometric information like you can a unique identifying number such as an SSN. And the manyrecent security breaches show that we can never fully protect against these kinds of data losses.

The third reason for concern is at the heart of much of our work at EFF. Once the collection of biometrics becomes standardized, it becomes much easier to locate and track someone across all aspects of their life. As we said in 2003, “EFF believes that perfect tracking is inimical to a free society. A society in which everyone’s actions are tracked is not, in principle, free. It may be a livable society, but would not be our society.”

Unfortunately, biometric data collection is not limited to NGI or even to the legacy DHS, FBI and DoD fingerprint collection programs. The federal government and states have been steadily expanding their DNA collection efforts over the last 10 years as well. Currently all 50 states, the federal government and the District of Columbia collect and share DNA records through the FBI’sCODIS database. At least 15 of those states, as of 2010, collect DNA from defendants convicted of misdemeanor offenses. And as of 2009, under the federal DNA Fingerprint Act of 2005 and several recently-expanded state statutes, at least 21 states and the federal government collect DNA samples from any adult arrested for (not just convicted of) a crime. This has led to an exponential increase in the amount of DNA collected in the United States on an annual basis, with nearly 1.7 million samples processed (pdf Pg8) in 2009, alone. As of 2011, the National DNA Index or NDIS (the federal level of CODIS) contains over 9,748,870 offender profiles, and the states’ individual databases are each expanding as well.

Currently, it doesn’t appear the FBI plans to incorporate the DNA data held by CODIS into NGI. However, NGI has been designed to be flexible and to be able to incorporate additional biometric identifiers as the need arises in the future. This means that we can’t rule anything out. FBI claimsNGI “doesn’t threaten individual privacy,” but the government’s continuing efforts to collect, store and track the biometric data for so many Americans and foreigners cannot bode well for a society that values privacy.



Biometric Identity: The Great Divider

Jul 10th, 2011 | By | Category: News

The use of Biometrics in national identity cards has spliced the globe into two with people in developed nations looking at it as infringement of their privacy and civil liberties, reports Team Inclusion


A debate has been raging in India since Manmohan Singh government broadened the sphere of MNIC (Multi-purpose National Identity Cards) to National Population Register (NPR) appending into it a biometrics-based Unique Identification (UID) number. The opponents of the scheme have accused the central government of snooping into privacy of residents. They fear that the project would prove to be the death of right to privacy implicit in Article 21, which guarantees protection of life and personal liberty. They apprehend that the governmental agencies would misuse the information collected under the project to harass individuals.

The UID-Aadhaar detractors frequently quote the examples of UK, USA and Netherlands, Greece, France and Turkey, which recently scrapped either their identity projects, or use of biometrics on the grounds that they intruded into residents’ privacy. Their argument is that once a person hacks into the UID database, he can gain access to any other database as the UID will be linked with banks, phone companies, Public Distribution System (PDS), ministries, departments, Public Sector Units (PSUs) etc. They fear since many US companies are involved in the project, there is a possibility that Washington will have access to the database. They also fear that the unique identity would encourage identity thefts and misuse.

The project backers on the other hand hope that the linkages of UID with social sector schemes would improve targeting and delivery of services, reduce their cost and provide online cost-effective, ubiquitous authentication services.  Denying that the unique number was a guarantee to rights, citizenship and entitlements, they add that the project would promote financial inclusion as the UID number facilitates opening of bank accounts.

There seems to be a major rich-poor, developed-developing and big economy-small economy divide among the countries when it comes to implementation of the national ID project with people in upper western hemisphere and parts of Europe rejecting their government’s efforts to introduce and store biometrics in a central system.  Countries like United Kingdom, France, Hungary, Netherland, Greece, Norway, Turkey and Ireland in Europe have either not incorporated biometrics in the ID or stopped scanning biometric information.
Similarly in North America and Australia continents, countries like USA, Canada, Australia and New Zealand have kept off the biometrics.  In Asia, China, Japan, Sri Lanka are yet to join the clamour for biometric identity.  Russia and Turkey, the two majors of Eurasia, have also not signed up for the biometrics till now.

Here is a list of international experiments that have taken place in various countries around the globe:

Ironically Europe, which is extremely paranoid about terrorism, is also the one, which leads the campaign against use of biometrics in National ID Cards with Britain, Norway, Netherlands and Ireland having witnessed major opposition to the concept in the past.

Britain in fact seems to have done so many somersaults on the issue that it is never clear whether the ID card is in or out.  The project made its first appearance in UK during World War II when then British government decided to use national ID cards to facilitate identification of foreigners around the same time when Greece and France also introduced the cards.

Persons were required to carry the card at all times and show it on demand to police and members of the armed forces.  And this is what brought its downfall. In 1951 Acting Chief Justice Lord Rayner Goddard ruled that police demanding ID card “from all and sundry” was unlawful leading to repealing of National Registration Act, the law which facilitated issuance of the ID card.

In 1984 and 1998, the UK government put in place a Data Protection Act, which authorised storage of lot of personal information in databases.

The UK Parliament passed Identity Cards Act in 2006 providing linkages of National Identity Cards, a personal identification document and European Union travel document with a database known as National Identity Register (NIR).

Another two years later, then UK Home Secretary Jacqui Smith proposed that web communication be stored by the ISPs and MSPs in a giant database for 12 months. “Our ability to intercept communications and obtain communications data is vital to fighting terrorism and combating serious crime, including child sex abuse, murder and drugs trafficking. Communications data – that is, data about calls, such as the location and identity of the caller, not the content of the calls themselves – is used as important evidence in 95% of serious crime cases and in almost all security service operations since 2004,” she said.i

These anti-civil liberties measures proved to be the undoing of Labour government as two years later Conservatives rode back into power on the same issue. In February this year, the government finally scrapped the identity card scheme, terminated Identity Commissioner and destroyed all information held in the National Identity Register. UK Home Secretary Theresa May declared invalidation of existing cards saying they were ‘intrusive, bullying and ineffective’.

Earlier this month, however, the UK government once again revealed plans for an identity assurance scheme, which will help people access services, related to the Department for Work and Pensions. Under the scheme, private companies will run the accreditation services that verify a person’s identity when they log in to a service online. But this may still not be the last word on the subject.

The current French government has proposed a compulsory biometric card system, which is being opposed by human rights groups.

In Greece, fields included in previous ID card formats, such as vocation or profession, religious denomination, domiciliary address, name and surname of spouse, fingerprint, eye and hair color, citizenship and ethnicity were removed permanently as being intrusive of personal data or superfluous for the sole purpose of personal identification.
The plastic card in Hungary does not have any information about the owner’s residential address, nor his Personal ID. This sensitive information is contained on a separate card, called Authority ID.

Ireland and Norway have felt that ‘very serious privacy issues’ are involved in the biometric identity scheme. Austria has also restricted use of Social Security Number (SSN) to areas of social security, taxes, education and other administrative areas.

Yet many European countries – Belgium, Bulgaria, Denmark, Estonia, Finland, Iceland, Italy, Latvia, Lithuania, Poland, Portugal, Romania, Slovakia, Slovenia, Sweden, Switzerland and Ukraine have introduced a National Identification Number for their citizens.

North America
Like Europe, North America too has serious issues with the use of fingerprints, iris scan for national identity cards with America and Canada, the two major countries of the continent having failed to convince their citizens on the subject.

Americans have resisted quite a few attempts of their government to upgrade Social Security Card to a National ID Card. In 1971 and 1973, the American government was forced to say that National ID card was not desirable. Ronald Reagan and Bill Clinton administrations too preferred not to touch the controversial biometrics.

The 9/11, however, did tamper the opposition to identity card as US Congress legislated Real ID Act of 2005 calling for national digital identification system. The Act amended US federal law pertaining to security, authentication and issuance procedures standards for the state driver’s licenses and identification cards, as well as various immigration issues pertaining to terrorism. Since United States has no national identification card, driver’s licenses have been used as a de-facto standard form of identification within the country.
Real ID Act set 11th May 2008 as compliance deadline for all states. But majority of the states have either applied for extensions of the original compliance deadline or received unsolicited extension. Over half of the states have approved either resolutions or binding legislation not to participate in the programme.

Yet Obama Administration has not quite given up.  It hopes to fund pilot projects on adoption of Internet IDs next year.  The administration’s idea is to have multiple identity providers that are part of an ‘identity ecosystem’.

Although every now and then one hears voices for attaching biometrics to Social Security Card to bring about immigration reforms, so far, the American administration has not succeeded in convincing citizens who back civil liberties and privacy.

Earlier Canadians rejected a proposal for a National ID Card that would require fingerprints and an iris (eye) scan. The Canadians estimated that this system would cost Rs 226 billion for their 32 million citizens and offered no security for the country from terrorists as some experts suspected that even with eye scan the cards could be duplicated.
Mexico, however, is on way to introduce iris scan for all its citizens for identification. It has made a beginning with the city of Leon and Guanajuato.

South America
In South America, the saying ‘what is good for goose is good for gander’ stands on its head, as unlike their counterparts in North America, the countries in down South, appear to have no issues with biometrics. Recently UID honchos from India visited Brazil to learn from that country’s ‘innovative targeting and identification mechanisms for social programmes’.
The government of Brazil is engaged in a nation-wide effort to replace its traditional ID card with a Registery of Civil Identity (RCI) card enhanced with biometric data. The new chip-based identity card stores information about the cardholder’s name, gender, date of birth, photograph, affiliation, place of birth, signature, fingerprint, place and date of issuance and expiration. It uses state-of-the-art technology and is designed to avoid repeated identity registration in different states as well as confusion caused by different people with the same name.

Last year Brazil used biometrics in Presidential election to prevent voter fraud and ballot stuffing.

Brazil’s neighbour and second largest country of South America, Argentina, recently signed up with Cross Match Technologies, a global provider of biometric identity solutions, for deployment of identity management systems throughout the country. Cross Match will provide guidance and expertise in the areas of forensic-quality fingerprint and palm print capture devices, multi-model biometric capture systems, document readers, software and associated professional services. The Argentine government uses biometric identity solutions to enhance safety, security and promote welfare programmes for its citizens.

DNI (Documento Nacional de Identidad) is the official form of identification for citizens in Peru, another country in South America. The electronic DNA has facial image and print of right index finger of the cardholder besides other general details like name, date of birth etc.

Chile on the other hand uses biometrics extensively for healthcare insurance, banks, pension funds and retailers as well as police and immigration services. Santiago airport in the country uses facial recognition technology for security.

Pablo Izquierdo, Director General of I-Med, a Santiago-based company explains the diametrically opposite views held on biometrics in North and South America. . “In the U.S. people don’t much like the idea of a database of digital fingerprints; Latin Americans – well – they couldn’t care less about it,” Izquierdo says.ii
Bolivia, which shares borders with Brazil, Peru, Argentina, Chile, registered more than 5 million voters by collecting their fingerprints, biometric photographs and electronic signatures within 75 days before the 2009 elections and is now advising Georgia on the same.

Australia (Oceania)
Both the major countries in the region – Australia and New Zealand – are opposed to national identity and biometrics so much so that the former has rejected proposals for the card twice. The first proposal to create a universal number for Australian citizens and permanent residents was jettisoned in 1987. The second proposal – floated in 2005 for an Access Card for health and welfare benefits – was abandoned two years later due to privacy concerns relating to identity theft and disclosure of information. The country protects its Medicare and tax file number identifiers with strict privacy laws.

A parliamentary committee in Australia recently rejected the use of biometrics as a form of identification technology for gamblers saying that the technology would be a privacy overreach.

In 2009 when New Zealand tried to introduce biometrics in immigration, it kicked up a furore with people fearing that technology will be extended to other arms of the law. No wonder the island country is among the few countries of the world, which do not have a national ID card.

The situation in poor African continent would bring a big smile on the faces of votaries of biometric-based national ID in India as an overwhelming majority of the countries there have either already introduced the cards or are in the process of doing it.

While South Africa, Mauritius, Gambia and Zimbabwe have brought in biometric identity cards, Tanzania, Sudan, Lesotho, Nigeria, Angola, are on course to get them.
In Gambia and Mauritius, citizens above 18 years of age are required to apply for a National Identity Card. The former has made it mandatory for its citizens to show the biometric card at the time of applying for a driving license.

In South Africa, it is necessary for the citizens to carry identity document, which resembles a passport, at the time of opening a bank account, registering at an educational institution, buying a mobile or applying for a driver’s license, passport, unemployment insurance and voting in elections.

Tanzania’s National Identification Authority (NIDA) recently awarded a deal for national ID system for 25 million cards.

NIMC has the mandate to establish, own, operate, maintain and manage the National Identity Database, register persons covered by the Act, assign a Unique National Identification Number and issue General Multi-Purpose Cards (GMPC) to those registered individuals, and to harmonise and integrate existing identification databases in Nigeria.

Sudan is launching a civil registry project that expects to have the fingerprints of 8 million of the 16 million citizens and foreign residents for the country’s national database.
The Angolan Government has officially approved the design of its new ID card for all its adult citizens. The cards will store personal data including personal and biometric identification.

When it comes to biometric national ID cards, Asian continent is divided among ayes and nays with China, Japan and Turkey yet to give assent to biometric identification. Pakistan, Bangladesh and Malaysia, on the other hand have already issued biometric identification for their citizens.  Sri Lanka and Indonesia are all set to join the bandwagon.

In Pakistan, National Database & Registration Authority (NADRA) has captured 371 million fingerprints and 99 million faces and also facilitates mobile-to-mobile payment.  The ID is tagged with Benazir Income Support Programme for poor. NADRA issued support to 500,000 Watan Card-holders during floods in Pakistan in last year.

Bangladesh has had biometric identification since 2008. Bangladeshis use NID card for obtaining passports, driving licenses, credit cards and for registering land ownership. MyKad or Government Multipurpose Card (GMPC), the official compulsory card in Malaysia, carries a microchip, which contains several items including biometrics.

In Israel, a move to have biometric database is being criticised for not using encryption method to minimise infringement to highly sensitive information. The database will be in the custody of Interior Ministry. Association for Civil Rights, an NGO headquartered in Jerusalem, fear the database will grossly infringe on Israeli citizens’ rights.iii

i. A report on BBC uploaded on October 15, 2008
ii. bUSiness, a business magazine of the Chilean American Chamber of Commerce (AmCham Chile)
iii. Report on

March 8 – FBI Announces Next Generation Biometric Identification System… Built by Lockheed Martin (Hacked on May 29)

Jun 6th, 2011 | By | Category: News

BIOMETRIC: “If you can store it; I can steal it”

March 08, 2011: FBI : “The Next Generation Identification System (NGI), built by Lockheed Martin, delivers an incremental replacement of the FBI’s Integrated Automated Fingerprint Identification System (IAFIS)”

May 29, 2011: Lockheed Martin hit by cyber attack!….



March 08, 2011
  • FBI National Press Office(202) 324-3691

CLARKSBURG, WV—New technology designed to revolutionize law enforcement’s ability to process fingerprints has reached its initial operating capability, the FBI announced today.

The Next Generation Identification System (NGI), built by Lockheed Martin, delivers an incremental replacement of the FBI’s Integrated Automated Fingerprint Identification System (IAFIS). NGI provides automated fingerprint and latent search capabilities, electronic image storage, and electronic exchange of fingerprints to more than 18,000 law enforcement agencies and other authorized criminal justice partners 24 hours a day, 365 days a year. Upon completion, NGI will have the ability to process fingerprint transactions more effectively and accurately.

“The implementation announced today represents a tremendous achievement in enhancing our identification services. Already, we’re seeing how the NGI system is revolutionizing fingerprint identification in support of the FBI’s mission,” said Louis E. Grever, executive assistant director, FBI Science and Technology Branch.

“Lockheed Martin was there supporting the FBI when IAFIS went live in 1999, and we’re thrilled to be here for NGI today,” added Linda Gooden, executive vice president, Lockheed Martin Information Systems and Global Solutions. “Technology like this is a powerful tool when it comes to protecting America’s citizens, and we’re proud to serve as a partner in that mission.”

“While IAFIS has been effective, criminal and terrorist threats have evolved over the past decade. Today’s environment demands faster and more advanced identification capabilities,” said Assistant Director Daniel D. Roberts, FBI Criminal Justice Information Services Division. “NGI represents a quantum leap in fingerprint identification that will help us in solving investigations, preventing crime, and apprehending criminals and terrorists.”

In addition to the new fingerprint identification technology, the NGI program has also delivered Advanced Technology Workstations to the FBI’s fingerprint examiner staff. The workstations include significantly larger display screens with higher resolution and true color support, allowing staff to see more detailed attributes of biometric data for more efficient decision-making.


Outrange: Think tank slams plan for biometric database

Mar 14th, 2011 | By | Category: News

“The plan to establish a central biometric database, along with the use of biometric identity cards, will make Israel the only Western democracy to store biometric information about its own citizens,” economist Diana Zaks wrote. “Israel will be in the company of countries such as Ethiopia, Indonesia, Yemen and Pakistan.”


03/13/2011 23:22

If implemented, Interior Ministry will convert Israelis’ identity cards into smart cards with digital chips storing biometric data.

The government is about to begin compiling a biometric database of all Israelis that will put their personal data in the hands of at least 10,000 government employees, according to a position paper released Sunday by the Jerusalem Institute for Market Studies. 

“The plan to establish a central biometric database, along with the use of biometric identity cards, will make Israel the only Western democracy to store biometric information about its own citizens,” economist Diana Zaks wrote. “Israel will be in the company of countries such as EthiopiaIndonesia, Yemen and Pakistan.”

Founded in 2003, JIMS is a nonprofit economic-policy think tank whose declared mission is to promote social progress in Israel through economic freedom and individual liberty.

Its position paper, which analyses the Biometric Law passed by the Knesset in 2009, warns that if implemented, the Interior Ministry will be tasked with converting Israelis’identity cards into smart cards with digital chips storing biometric data, and at the same time the government will establish a central database with each individual’s personal biometric information.

According to the paper, the government is about to embark on a two-year pilot program with voluntary registration, before the program becomes mandatory for all citizens.

The paper argues that the program presents a host of dangers, including leakage of data, possible use by terrorists, criminal penetration and identity theft, increase in police powers and likely pressure on the government to make the data available to local or international businesses or to pharmaceutical companies for research.

“Considering the marginal benefits from establishing a biometric database, the alternative means of achieving its aims, its high cost and the many dangers involved,the government of Israel could do well to consider whether such a database is necessary, and Israelis could do well to express themselves concerning this intended invasion of their privacy and the dangers ahead,” Zaks wrote.


Bangalore’s IISc students slam unique ID scheme Aadhaar

Jan 8th, 2011 | By | Category: News

Students from the Indian Institute of Science and activists held placards and banners saying ‘Beware, Big Brother is watching you’ and ‘Secure electronic archive is a myth’ at the JRD Tata Auditorium of the National Institute of Advanced Studies.

Published: Saturday, Jan 8, 2011, 10:14 IST
By Hemanth CS | Place: Bangalore | Agency: DNA

A group of students and activists staged a silent protest on Friday opposing the 12-digit Aadhaar number as Unique Identification Authority of India (UIDAI) chairman Nandan Nilekani delivered a lecture on Aadhaar’s role in the transformation of public service delivery. Students from the Indian Institute of Science and activists held placards and banners saying‘Beware, Big Brother is watching you’ and ‘Secure electronic archive is a myth’ at the JRD Tata Auditorium of the National Institute of Advanced Studies.

The protesters also distributed hand-outs and newspaper articles opposing the Aadhaar number. A few protesters questioned Nilekani on the necessity of introducing the 12-digit number during the question and answer session which followed his hour-long lecture.

The protesters argued that Aadhaar was a violation of privacy and civil liberties of the people and it could be used for profiling individuals, especially from the minority community.

“During and after the 2002 Gujarat riots, Muslims were handpicked by the rioters and executed based on the data collected from the state identity card. The same thing could happen if Narendra Modi becomes the prime minister. Fundamentalists will use Aadhaar to identify minorities and kill them,” said Rajesh, a IISc student.

The protesters questioned Nilekani’s claim that Aadhaar was voluntary.

“A big myth is being propagated that Aadhaar is voluntary. UIDAI’s concept note stresses that enrollment will not be mandated. But there is a catch: benefits and services that are linked to the UID will ensure demand for the number,” said a protester.

They wondered whether the bio-metric technology adopted by UIDAI is capable of the task of de-duplication. The UIDAI has admitted that retaining biometric efficiency for a database of more than one billion people has not been adequately analysed and that the problem of fingerprint quality in India has not been studied in depth.

Replying to the allegations made on Aadhaar number, Nilekani said that in every country whenever there is an issue of national security, there is provision to access identity. In India, it would be no different.

“The government is thinking of providing national portability and looking at inclusive growth. In turn, it’s an opportunity for people to open bank accounts, have micro ATMs and mobile phones through the Aadhaar,” he said.

If Aadhaar number is made equal to the KYC (know-your-customer) for opening bank accounts, it would lead the way for financial inclusion. According to a survey, more than 80% of the population especially in the rural areas said that they wanted a bank account, he said.

Fingerprint identification evidence questioned by senior judge

Nov 24th, 2010 | By | Category: News

A senior judge has raised concerns over fingerprint evidence used in criminal trials, warning that it rests on “assumptions” that have never been scientifically proven.

By Richard Edwards, Crime Correspondent 8:00AM GMT 19 Nov 2010

Lord Justice Leveson, an appeal judge and chairman of the Sentencing Council, called into question the “century old” identification process, which he said was often considered “virtually unassailable” in tying a person to a crime.

The judge said that there have been “numerous” recent cases of innocent people being wrongly singled out by fingerprint evidence.

In a speech to the Forensic Science Society in London, he said the analysis of fingerprints by experts was “fundamentally subjective” and that it was therefore “inherently capable of misidentifications”.

Lord Justice Leveson called for new research to be carried out to ensure fingerprinting is “robust” and reliable.

“There is growing unease among fingerprint examiners and researchers that the century old fingerprint identification process rests on assumptions that have never been tested empirically,” he said.

Speaking about the use of expert evidence in court cases, the senior judge said it was vital to have a “methodology and a hypothesis that are capable of withstanding robust testing”.

“Arguably, as it currently stands, the science of fingerprint identification does not,” he added.

The judge is the most senior member of the judiciary to speak out about the concerns, which have been raised by experts and academics for the past few years.

However it is unlikely to lead to a series of convicted criminals appealing their cases because in most instances where fingerprints are now used in court, the evidence is corroborated by other forensic samples such as DNA testing.

However examples of failings include Brandon Mayfield, who in 2004 was wrongly linked to the Madrid train bombings by FBI fingerprint experts in the United States.

Shirley McKie, a Scottish police officer, was wrongly accused of having been at a murder scene in 1997 after a print supposedly matching hers was found near the body.

Criminal fingerprinting techniques were pioneered at Scotland Yard at the beginning of the 20th century. The first successful conviction using them was of Harry Jackson, a burglar who was jailed in 1902.

No two fingerprints are ever exactly alike in every detail – even two impressions recorded immediately after each other from the same hand.

It requires an expert examiner to determine whether a print taken from a crime scene and one taken from a subject are likely to have originated from the same finger.

Unlike other forensic fields, such as DNA analysis, which give a statistical probability of a match, fingerprint examiners traditionally testify that the evidence constitutes either a 100 per cent certain match or a 100 per cent exclusion.

Lord Justice Leveson said: “The language of certainty that examiners are forced to use hides a great deal of uncertainty, which greatly undermines the examiners’ legitimacy.”

A recent study found that experts do not always make the same judgment on whether a print matches a mark at a crime scene, when presented with the same evidence twice.

Six examiners in several countries were given eight sets of prints to compare on two different occasions, without knowing it was past of a study. They changed their decision in six cases and only two of the experts were consistent with their previous decision.

The research, carried out at Southampton University, found they were more likely to change their decision if given contextual information, such as “the suspect has confessed”, that conflicted with their previous judgment.

The origin of Privacy Man – DHS has lots and lots of databases

Oct 15th, 2010 | By | Category: News

The Department of Homeland Security created Privacy Man to teach bureaucrats how important it is to responsibly handle sensitive personal information contained in government databases. DHS has lots and lots of databases.


The origin of Privacy Man

This week, Elevated Risk introduced you to the coolest new superhero around. He’s a masked crusader, just like all the greatest superheroes, and his name is Privacy Man. The Department of Homeland Security created Privacy Man to teach bureaucrats how important it is to responsibly handle sensitive personal information contained in government databases. DHS has lots and lots of databases.

The department graciously gave us one of the posters it created to promote Privacy Man internally, which you can find below. We included it in our piece about local, state and federal government employees repeatedly getting caught conducting unauthorized searches of their neighbors, ex-spouses, girlfriends, family members, politicians and celebrities (to be sure, DHS databases weren’t the only ones searched).

Such breaches raise questions about the security of massive information systems containing often highly personal details about the American public. The government has been on a mad dash since Sept. 11 to create new databases for compiling, analyzing and sharing intelligence, so that would-be terrorists can’t make a move without authorities knowing about it.

After receiving the poster, we started asking some mostly snarky questions around the office. Why does Privacy Man appear to be lurking outside the window of a private office? Shouldn’t he be in a nondescript government building somewhere quietly protecting your privacy instead of showing off and rappelling down the side of a skyscraper? Why are there two Privacy Men? Is this really the best work Michael Chertoff and Tom Ridge can get now (when they’re not moonlighting as consultants)? And “privacy is everywhere”? What exactly does that mean?

As it happens, there are some answers to our essential questions about Privacy Man.

A DHS official contacted us to explain that the poster was inspired by none other than Batman and Robin. He even included a screen grab of the scene used to create the poster (see below for comparison). It also turns out that the building Privacy Man and his trusted sidekick are dangling from is the Transportation Security Administration’s headquarters.

Privacy Man, this DHS official added, was launched following a data breach in 2007. Here’s what the Washington Post wrote that year in an editorial describing problems at the TSA, while also expounding upon breaches across the federal government:

The Transportation Security Administration isn’t terribly secure when it comes to safeguarding personal information. An external computer hard drive with data on 100,000 staffers was reported missing from a secure area at the agency on May 3. Now, two laptops that belonged to a TSA contractor, Integrated Biometric Technology, and that contained details on 3,930 people have disappeared. It’s yet another example of the federal government unwittingly aiding and abetting potential identity thieves. Safeguarding personal information has been the law of the land since passage of the Privacy Act of 1974 and the Federal Information Security Management Act of 2004. But you wouldn’t know it by the many stories about federal agencies accidentally letting Social Security numbers and other private, sensitive information slip away.

Maybe Privacy Man should have been modeled after author J.D. Salinger, legendary for his obsession with privacy (he built a six-foot fence around his remote property in Cornish, N.H., and rarely left). Then again, maybe Salinger was a little extreme, and somewhere between him and Privacy Men swinging down the sides of buildings protecting our privacy “everywhere” we can strike a reasonable balance.

Maybe that’s asking too much in a post-9/11 world.

Why no one wants DHS to play cyber mall cop

Jul 25th, 2010 | By | Category: Articles

The public has repeatedly rebuffed attempts by the federal government to centralize identification management

By Mike Spinney – Jul 22, 2010

Mike Spinney is a senior privacy analyst at the Ponemon Institute, which conducts independent research on privacy, data protection and information security policy.

The Homeland Security Department recently announced an initiative aimed at creating a more secure system of online identification. According to its Web site, the National Strategy for Trusted Identities in Cyberspace seeks to “improve cyberspace for everyone — individuals, private sector and governments — who conducts business online.”

That’s certainly a noble goal. But the very existence of NSTIC begs two very important questions: Does protecting me and my fellow citizens while we transact business online fall within the department’s areas of responsibility? And does DHS truly believe it can do what the private sector, driven by a clear and compelling profit motive, has yet to successfully accomplish?

The answer to both questions is a resounding no. DHS should focus on doing what its name implies — protecting the homeland — and resist the urge to demote itself into the role of national cyber mall cop.

I say this not to demean the department, which shoulders a weighty load in addressing the manifold threats to our shores in this age of terrorism, but because any effort by DHS to create a voluntary trusted identity program is doomed to fail.

The recent experience and backlash associated with Real ID — rebuffed by the general public and legislatively rejected by 11 states before being scrapped — and high-tech passports — subject to ongoing criticism for their security vulnerabilities — demonstrate that the public is uneasy at best and at worst dead set against any attempts by the federal government to centralize identification in any form. Another national identification storm cloud is gathering on the horizon in the form of the Biometric Enrollment, Locally-stored Information, and Electronic Verification of Employment provision of pending immigration reform. With every attempt at using technology to track citizens, George Orwell’s shadow grows longer.

Conspiracy theories aside, lessons learned from the evolution of Social Security numbers into a de facto national financial credential — in spite of being prohibited by the law that created them for any use other than the management of Social Security benefits — should be enough to remind us of what can happen with a national identification program even when it is conceived with the best of intentions.

Of course, DHS would not be the first organization to fail at creating a broadly successful universal digital identifier. Devices such as smart cards and tokens have been in use for years and are effective for managing identity-based access to secure enterprise systems. But such technology works best in a single organization because cost and management issues temper their advantages in broader applications.

At the consumer level, where individuals might be using multiple identities for a broad range of applications, any secure identity system would need to take into account the highly complex vagaries of human behavior. Doing so successfully in the private sector would be a feat with a multibillion-dollar payday — and there’s plenty of money and brainpower being spent on that effort already.

Consider, too, the challenges DHS faces in successfully launching a trusted identity program when the agency lacks the trust of the general public. In the Ponemon Institute’s annual Privacy Trust Study of the United States Government, DHS ranked 70th among the 75 federal agencies studied. The Citizenship and Immigration Services agency and Customs and Border Protection agency, both of which are part of DHS, ranked 74th and 75th, respectively.

If DHS believes that a more secure online experience will enhance homeland defense, that goal would be better served by the creation of an educational program that makes people more aware of how to safely conduct online activities. When you get beyond the Beltway, you find that too many people are making unsafe decisions online not because the technologies and techniques are lacking but because they simply don’t know any better. If left to persist, public ignorance will be the downfall of any trusted identity strategy.

G-4 visa holders are not required to submit their biometrics upon arrival to the USA

Jul 25th, 2010 | By | Category: News

Department of Homeland Security Report of the Chief Privacy Officer:


G-4 visa holders are exempt from US-VISIT procedures and are not required to submit their biometrics upon arrival at a port of entry in the United States. A G-4 visa is a type of nonimmigrant U.S. visa for employees of international organizations and members of their immediate families. US-VISIT received a redress letter by mail from a G-4 visa holder who had been erroneously fingerprinted. He requested that his fingerprints be deleted from the US-VISIT system. US-VISIT checked his records and discovered that his fingerprints had already been deleted from the system. No further action to correct his record at US-VISIT was required at the time. US-VISIT sent a letter to the individual indicating his biometrics had been deleted from the US-VISIT system.

Third Quarter Fiscal Year 2010 Report to Congress
Department of Homeland Security Report of the Chief Privacy Officer Pursuant to Section 803 of the Implementing Recommendations of the 9/11 Commission Act of 2007
June 23, 2010

Third Quarter Fiscal Year 2010 Report to CongressDepartment of Homeland Security Report of the Chief Privacy Officer Pursuant to Section 803 of the Implementing Recommendations of the 9/11 Commission Act of 2007June 23, 2010

The fake passport blog – part 2

Jul 21st, 2010 | By | Category: Articles

In a country where Nepali’s, Bangladeshis and Pakistani’s can practically walk across the border – why should a terrorist bother to fake a biometric passport?

It could come useful in certain situations. Why would someone like David Headley risk a clandestine crossover, when he could live in the best of hotels, mix in the most hallowed social circles – legally? It’s also a neat trick to shift blame to an Indian citizen, after a terrorist attack.

But an “attack” is not the only thing a cloned biometric passport can be used for. It can also be used to steal your identity. For cheap. If my last post made you believe it’s almost impossible to mess around with a biometric passport, I’m very sorry. Because this one – is about how it’s already been done. With equipment that costs less than ten thousand rupees.

Lukas Grunwald, a German security expert, did it in 2006. British newspapers reported on a similar stunt by Adam Laurie, in 2007. Jeroen Van Beek, a researcher in the Netherlands, actually walked into Amsterdam airport with a fake biometric passport made in the name of Elvis Presley. He was not stopped.

Just Google their exploits – most technically minded terrorists probably already have. Here’s a quick account of how they did it.

A biometric passport has a chip, about the size of the one in your mobile phone SIM. That chip is embedded in a radio transmitter, slightly smaller than your visiting card. The entire unit is then sealed, into the last, thick page of our passports. You’ll get one of these things when you apply to renew your passport.

Effectively – this passport is now a tiny radio transmitter. It emits radio signals at a certain frequency. And over those radio waves, it transmits the information stored in its chip.

If you have a radio scanner listening in on that specific frequency – you can intercept that data. You could be standing ten meters away, you wouldn’t even need to touch the passport. You could read it, then clone it.

I’ll get into the specifics later. But here’s why you should begin to get worried.

1.) Let’s say a terrorist knows he looks a fair bit like you. First, he’d clone all your passport details by eavesdropping on the chip. Then insert his new, cloned chip into a fake paper passport he’s already made.

He’d grow a beard or a pony tail – to confuse the airport guards. When they test his passport on their reader, it wouldn’t ring any alarms – after all it’s a perfect clone of a perfectly valid passport.

When they try to physically cross check his appearance against your facial image stored on the chip, they wouldn’t spot a difference. A biometric facial or fingerprint scanner would have rung alarms – but they’re very expensive and used at very few counters. So a terrorist COULD cross borders – using YOUR passport details.

There is also a psychological problem – if the machine says a passport is OK, airport officials will tend to believe it and drop their guard. They won’t bother to do a more careful physical check. Because that would take more time – and after all wasn’t the biometric passport meant to save time at check in counters?

2.) Or let’s say it’s scamsters who want to target you. The postman or courier boy who delivers your passport home, could copy details from its chip, without even opening the envelope. So could a hotel attendant abroad – when you show him your passport to book a room. Among those details, will be an exact digital copy of the first page of your passport.

This first page is something we often photocopy. We use it as a proof of identity – to open a bank account, to apply for a new phone connection, for a driving license etc. The scamster could send that first page to an Indian bank and open a new account in your name. And funnel in dirty money into it, without you ever knowing.

3.) There’s another loophole in the “Biometric Passport as extra security” scheme. When you walk into a country like the US with your passport, your info is not only scanned and crosschecked – it’s also stored on their servers for a very long time. This supposedly happens to all passports presented at immigration – part of their “War on Terror” is keeping track of the details and frequency of people’s visits.

In theory, a corrupt official in the department could gather your private data and sell it to people on the black market. Right now – someone else can’t easily match your unique biometrics. But technology gets better everyday, so a leak in the department would mean a terrorist could walk around with your identity.

4.) Another pinprick in the “security” angle. At least one researcher has shown how to trigger a small bomb when it comes close enough to radio signals transmitted by a particular country’s passport. Terrorists could also use a similar technique can to single out people of a particular country from a group – and target them for kidnapping/elimination.

It’s not just passports. The technology can be used to eavesdrop and clone other RFID or Radio Frequency Identification Devices. That includes the card you use to get entry into your office, your new driving license and perhaps even the upcoming UID or Universal Identity card.

Getting back to the passports. Inexpensive Radio Frequency scanners can easily be bought online. You could also build one by modifying the Bluetooth receiver on your PC. Software like Golden Reader, that let you communicate with a passport chip, are easily available on the net. The International Civil Aviation Organization or ICAO – the nodal agency behind the biometric passport movement, has it on its website.

When held over a passport reader at the airport, the chip and the reader first challenge each other with a code. Once each is satisfied the other’s a genuine party – the chip transmits the info it carries to the reader.

To prevent people from eves-dropping on this exchange, the designers of biometric passports used a simple trick. They printed a twenty four character, two line strip of data on one of the pages of the passport.

This “Strip” is called a “Machine Readable Zone”, or MRZ. Only after swiping this strip through a machine, would the passport reader be able to generate a valid challenge that the passport chip would respond to. So whoever wants to read the passport, would have to have it open, in his hand.

Smart. The problem is, the characters they’ve decided to print on that strip. Your date of birth, your passport number, its date of expiry and so on – in a specific pattern.

Clever programmers can guess those details. Your DOB, they find from sites like Facebook. From public databases online – they observe patterns in a long series of passport numbers. They also find out the number of passports issued everyday in the country.

They feed all that research into a maths formula that’s often used by companies to generate things like random credit card numbers. And crack the MRZ of your passport, on a normal home PC, in under two hours. The big expense – about Rs 10,000 for a radio scanner. With the MRZ code, a terrorist or scamster can suck data from your chip, standing upto ten meters away at the check in counter.

Governments could of course put in place a more complex passport numbering system. But though such demonstration attacks have been widely reported in the foreign press, they haven’t moved on this yet.

When someone like a postman has the luxury of holding your physical passport in his hand, he can suck it dry with another trick. He swipes the passport against his radio scanner many, many times.

The more the number of swipes, the higher the chance of the computer mathematically guessing the security code. In an ATM, if you enter the wrong code thrice – you’re locked out and can’t withdraw any money. A similar safety feature hasn’t yet been built into these passport chips.

A small backgrounder on how all this started in the first place. After 9/11, America decided that all foreigners entering its borders would need to have machine readable passports with biometrics – on the assumption that these would be tough to forge.

It demanded this of the 27 countries that had a visa waiver agreement with it. Most of Europe fell in line and soon, the rest of the world.

After researchers publicly carried out attacks on these passports, FIDIS, or the “Future of Identity in the Information Age” – a European Union funded body called the technology used in them “poorly conceived”.

“European governments have forced their citizens to adopt documents which dramatically reduce their security and privacy and increase the risk of identity theft.”

The Indian Government however – doesn’t seem to have listened.

New Hampshire to ban biometrics?

Feb 24th, 2010 | By | Category: News

By Leischen Stelter – 02.23.2010

CONCORD, N.H.—A bill introduced in the New Hampshire Legislature could have serious consequences for the development and deployment of biometric technology and could also jeopardize public confidence in the technology. HB 1409, sponsored by Rep. Neal Kurk, originated over concerns of privacy, but there is concern that the broadness of the bill could negatively impact the development of biometrics as an important security tool, said Don Erickson, director of government relations for Security Industry Association.

Specifically, this bill dictates, “no government agency or private entity shall issue an identification card, other than an employee identification card, or use an identification device or system, that requires the collection or retention of an individual’s biometric data.” The legislation also restricts the disclosure use of “biometric data as a condition of doing business with, engaging in any business activity or relationship with, or obtaining services from, that agency or entity.”

The legislation would ban all biometrics, including fingerprints, palm prints, facial features, voice data recognition, iris recognition, hand geometry and retinal scans, according to the bill.

If passed, this legislation would take effect on January 1, 2011.

SIA issued a statement saying that banning nearly all the uses of biometrics is an inappropriate response to privacy concerns. “The sponsor was concerned about privacy and the protection of individual privacy” not about issues of security, said Erickson. And, he contends, biometrics are actually more secure than other technologies. “With biometrics, you don’t have a password or a key to lose, it’s biometric information so you don’t have to worry about people stealing it,” he said.

Vijay Kumar, marketing manager for Ingersoll Rand Security Technologies, Schlage biometrics, agreed that biometrics pose minimal privacy concerns. “A lot of people don’t understand biometrics and these situations are based on misperceptions,” he said. “I think people confuse it with the systems they see on TV crime shows.” The major distinction, said Kumar, is differentiating between identification and authenticating systems. “Identification compares a person to all the people in the system and matches one to a number of samples,” he said. “Authentication is a one-to-one search, where a live biometric—a hand sample for example—is presented by a person and compared to a stored biometric given by the person by consent.”

He agrees with Erickson that biometrics are actually a very secure form of identification. “Biometrics of authentication is actually a more private situation than what we had when we used numeric codes and password and those types of identities are easy to capture,” he said.

However, industry members aren’t surprised this bill was introduced. Security concerns are not to be taken lightly. In this day and age, with increasing incidents of credit card and identity theft, people have a reason to be concerned about privacy, said Erickson. “The industry has taken steps to control personal identification information and it’s in their interest to,” he said. “End users need to be sensitive to this and spend time doing their homework on exactly how the technology works and privacy guards in place.”

And while this bill is troubling for those involved with biometrics, few think it will make much more progress in New Hampshire.  Erickson said the bill was recently voted down 11-6 in committee and doubts it will be reintroduced.

Uncomfortable questions over biometric ID Cards and national security

Feb 23rd, 2010 | By | Category: News

In the last ten days we have learnt that “persons unknown” stole the identity of British citizens and cloned modern UK passports to enter Dubai to perform an assassination. Last week, the Foreign Secretary got up in the House of Commons to say that his legal action before the Court of Appeal was to protect intelligence vital to national security given to the UK by the USA’s national security agencies.

There are obvious data protection consequences that flow from these events that are not being picked up by journalists as part of the current public discourse.

In relation to biometric passports, the official Government information states that all passports now issued contain ‘biometric’ details “which are unique to you – like your fingerprint, the iris of your eye, and your facial features”. In addition, “the chip inside the passport contains information about the holder’s face – such as the distances between eyes, nose, mouth and ears” which “can then be used to identify the passport-holder”.

Also the chip is protected in four ways:

  • “a ‘digital signature’, which shows that the data is genuine and which country has issued the passport
  • Basic Access Control, a ‘chip protocol’ that prevents the data being read without the passport holder’s knowledge
  • Public Key Infrastructure (PKI), a digital technique that confirms the data on the chip was written by IPS and has not been changed, and
  • the chips can only be read at a few centimetres’ distance from a chip reader – so they cannot be accidentally read”.

So, by implication, either “persons unknown” using the UK Passports in Dubai managed to evade some of the above security checks (including any biometric security) or airport security arrangements at a major international airport has suffered a complete failure. Which one is most culpable? It is a very important question.

For instance, if some or all the biometric features that protect the Passport have been “overcome”, where does this leave the biometric security on the ID Card? If one agency can get round the security, isn’t it rather obvious that others can do so also? Does every significant ID Card check now need a reference to personal data stored on the National Identity Register (and recorded on that infamous audit trail) as the means of making sure an ID Card is not a clone? If so, then the ID Card costs have just increased significantly.

In relation to the intelligence issue, I accept that there are immense difficulties. However, if we start from the position that intelligence is information from which one can deduced or infer a possible action, then the position becomes clearer. For example, if “X has been in contact with Y” then it might be important to put “Y” on a watch list.

However, I do not think that “X has been water-boarded” qualifies as intelligence – it is a description of what has happened to X. It might be confidential to qualify the intelligence by explaining that “intelligence from X has been gained under torture”, but there again, it is the information that is provided that is the “intelligence” and not the means by which it was extracted from the informant.

In other words, the Foreign Secretary’s claim that “The seven paragraphs contain summaries of American intelligence relating to Mr Mohamed’s case held in UK files” cannot possibly be substantiated by the facts. One cannot possibly undermine the principle of protecting intelligence sharing if the information itself does not qualify as intelligence (in this case, it relates to inhuman or degrading treatment).

Reference: In my evidence to the Joint Committee on Human Rights published in 2006, I explore national security in the context of Parliamentary scrutiny, data protection, human rights and terrorism. I explain why the UK system of scrutiny desperately needs an overhaul (

Credit Card Frauds: Chip-and-PIN is broken

Feb 18th, 2010 | By | Category: News

If Simple Credit Cards are cloneable just imagine how ”New ID cards” are supposed to be ‘unforgeable’ – but it took expert minutes to clone one, and program it with false data

By Cory Doctorow at 11:43 PM February 11, 2010

(Chip and PIN is broken via Schneier)

BBC: New flaws in chip and pin system revealed

Noted security researcher Ross Anderson and colleagues have published a paper showing how “Chip-and-PIN” (the European system for verifying credit- and debit-card transactions) has been thoroughly broken and cannot be considered secure any longer. I remember hearing rumbles that this attack was possible even as Chip-and-PIN was being rolled out across Europe, but that didn’t stop the banks from pushing ahead with it, spending a fortune in the process.

The flaw is that when you put a card into a terminal, a negotiation takes place about how the cardholder should be authenticated: using a PIN, using a signature or not at all. This particular subprotocol is not authenticated, so you can trick the card into thinking it’s doing a chip-and-signature transaction while the terminal thinks it’s chip-and-PIN. The upshot is that you can buy stuff using a stolen card and a PIN of 0000 (or anything you want). We did so, on camera, using various journalists’ cards. The transactions went through fine and the receipts say “Verified by PIN”.

It’s no surprise to us or bankers that this attack works offline (when the merchant cannot contact the bank) — in fact Steven blogged about it here last August.

But the real shocker is that it works online too: even when the bank authorisation system has all the transaction data sent back to it for verification. The reason why it works can be quite subtle and convoluted: bank authorisation systems are complex beasts, including cryptographic checks, account checks, database checks, and interfaces with fraud detection systems which might apply a points-scoring system to the output of all the above. In theory all the data you need to spot the wedge attack will be present, but in practice? And most of all, how can you spot it if you’re not even looking? The banks didn’t even realise they needed to check.

FBI Scans DMV Photos for Criminals

Feb 4th, 2010 | By | Category: News

By Jonathan Saupe –

Thursday (Feb. 4th) on KOLD News 13 Live at 10 p.m. “Justice In Sight”: A home invasion, a purse snatching, an armed robbery.. terrifying crimes leaving victims with only blurry details and confused facts for investigators to use in trying to crack the case. Thursday at 10 p.m., Crime Specialist Som Lisaius will have a special Live, Local, & Late Breaking demonstration that will make you a good victim or witness.
(AP) – In its search for fugitives, the FBI has begun using facial-recognition technology on millions of motorists, comparing driver’s license photos with pictures of convicts in a high-tech analysis of chin widths and nose sizes.

The project in North Carolina has already helped nab at least one suspect. Agents are eager to look for more criminals and possibly to expand the effort countrywide. But privacy advocates worry that the method allows authorities to track people who have done nothing wrong.

“Everybody’s participating, essentially, in a virtual lineup by getting a driver’s license,” said Christopher Calabrese, an attorney who focuses on privacy issues at the American Civil Liberties Union.

Earlier this year, investigators learned that a double-homicide suspect named Rodolfo Corrales had moved to North Carolina. The FBI took a 1991 booking photo from California and compared it with 30 million photos stored by the motor vehicle agency in Raleigh.

In seconds, the search returned dozens of drivers who resembled Corrales, and an FBI analyst reviewed a gallery of images before zeroing in on a man who called himself Jose Solis.

A week later, after corroborating Corrales’ identity, agents arrested him in High Point, southwest of Greensboro, where they believe he had built a new life under the assumed name. Corrales is scheduled for a preliminary hearing in Los Angeles later this month.

“Running facial recognition is not very labor-intensive at all,” analyst Michael Garcia said. “If I can probe a hundred fugitives and get one or two, that’s a home run.”

Facial-recognition software is not entirely new, but the North Carolina project is the first major step for the FBI as it considers expanding use of the technology to find fugitives nationwide.

So-called biometric information that is unique to each person also includes fingerprints and DNA. More distant possibilities include iris patterns in the eye, voices, scent and even a person’s gait.

FBI officials have organized a panel of authorities to study how best to increase use of the software. It will take at least a year to establish standards for license photos, and there’s no timetable to roll out the program nationally.

Calabrese said Americans should be concerned about how their driver’s licenses are being used.

Licenses “started as a permission to drive,” he said. “Now you need them to open a bank account. You need them to be identified everywhere. And suddenly they’re becoming the de facto law enforcement database.”

State and federal laws allow driver’s license agencies to release records for law enforcement, and local agencies have access to North Carolina’s database, too. But the FBI is not authorized to collect and store the photos. That means the facial-recognition analysis must be done at the North Carolina Division of Motor Vehicles.

“Unless the person’s a criminal, we would not have a need to have that information in the system,” said Kim Del Greco, who oversees the FBI’s biometrics division. “I think that would be a privacy concern. We’re staying away from that.”

Dan Roberts, assistant director of the FBI’s Criminal Justice Information Services Division, added: “We’re not interested in housing a bunch of photos of people who have done absolutely nothing wrong.”

Gone are the days when states made drivers’ licenses by snapping Polaroid photos and laminating them onto cards without recording copies.

Now states have quality photo machines and rules that prohibit drivers from smiling during the snapshot to improve the accuracy of computer comparisons.

North Carolina’s lab scans an image and, within 10 seconds, compares the likeness with other photos based on an algorithm of factors such as the width of a chin or the structure of cheekbones. The search returns several hundred photos ranked by the similarities.

“We’ll get some close hits, and we’ll get some hits that are right on,” said Stephen Lamm, who oversees the DMV lab.

The technology allowed the DMV to quickly highlight 28 different photos of one man who was apparently using many identities. It also identified one person who, as part of a sex change, came in with plucked eyebrows, long flowing hair and a new name – but the same radiant smile.

The system is not always right. Investigators used one DMV photo of an Associated Press reporter to search for a second DMV photo, but the system first returned dozens of other people, including a North Carolina terrorism suspect who had some similar facial features.

The images from the reporter and terror suspect scored a likeness of 72 percent, below the mid-80s that officials consider a solid hit.

Facial-recognition experts believe the technology has improved drastically since 2002, when extremely high failure rates led authorities to scrap a program planned for the entrances to the Winter Olympics in Salt Lake City.

Lamm said investigators reviewing the galleries can almost always find the right photo, using a combination of the computer and the naked eye.

Marc Rotenberg, executive director of the Electronic Privacy Information Center, questioned whether the facial-recognition systems that were pushed after the Sept. 11 attacks are accurate or even worthwhile.

“We don’t have good photos of terrorists,” Rotenberg said. “Most of the facial-recognition systems today are built on state DMV records because that’s where the good photos are. It’s not where the terrorists are.

Interpol chief: Passport fraud major global threat

Jan 30th, 2010 | By | Category: News

Associated Press Writer – Charlotte Observer

DAVOS, Switzerland The biggest travel threat facing the world now is passport fraud, according to the chief of Interpol – the millions of stolen documents that could be used by terrorists or criminals to travel worldwide.

Airport body scanners, embraced by many in the aftermath of the attempted Christmas Day airplane bombing, are a misguided solution to travel threats, Interpol Secretary-General Ronald K. Noble told The Associated Press in an interview Thursday night.

“The greatest threat in the world is that last year there were 500 million, half a billion, international air arrivals worldwide where travel documents were not compared against Interpol databases,” he said on the sidelines of the World Economic Forum, where 2,500 business and political leaders are gathered in this Alpine resort.

“Right now in our database we have over 11 million stolen or lost passports,” he said. “These passports are being used, fraudulently altered and are being given to terrorists, war criminals, drug traffickers, human traffickers.”

The solution, he said, is better intelligence, and better intelligence sharing, among countries.

“You don’t know the motivation behind the person carrying the passport,” he said. If you’re a terrorist, he said, “Are you going to carry explosives that are going to be detected? No.”

Many U.S. airports use the body-scanning machines and airports in other countries are adopting them after Nigerian Umar Farouk Abdulmutallab allegedly tried to detonate explosives hidden in his underwear Dec. 25 on the Detroit-bound flight.

But Noble questioned “the amount of money and resources that go into these (body-scanning) machines.”

He cited a case two weeks ago in a Caribbean country where five people were arrested carrying European passports, but were caught after they were found to be carrying stolen passports – one stolen back in 2001. The five had “definite links to crime, organized crime, human trafficking but no definite links to terrorism,” he said, though he wouldn’t name the country.

He said U.S. authorities are recognizing the threat of passport fraud – in 2006, U.S. authorities scanned the Interpol database about 2,000 times, while last year they did so 78 million times. They came up with 4,000 people traveling on stolen or lost passports.

Intelligence experts have cast doubt on the usefulness of the so-called no-fly lists of suspects shared among airports worldwide, saying that criminals can change their names or make simple name spelling changes that render them untrackable.

“(The lists) are useful but I don’t believe they are the be-all and end-all,” Noble said, adding he was concerned about governments’ efforts to expand them.

Noble, who has expanded Interpol’s efforts to fight terrorism, cybercrime, corruption and maritime piracy in his nearly 10 years at the helm of international police agency Interpol, also had words of warning for people hoping to donate money to Haiti after its devastating earthquake.

“Be very careful,” he said, citing several cases of fraudsters preying on donors and stealing their money via fake charity Web sites.

“Whenever there’s a tragedy it seems to bring out the best in people and unfortunately the worst,” he said. He said several U.S. sites have been taken down since the earthquake after they were found to represent no known charity.

Interpol has a team helping identify victims in Haiti, a daunting task with an estimated 200,000 dead. Another daunting task will be rebuilding Haiti’s law enforcement.

Policing in Haiti “was a challenge before this happened,” he said.

Euro project to arrest us for what they think we will do

Jan 27th, 2010 | By | Category: Articles

‘Positively chilling’ says Liberty

By John Ozimek • The Register

Radical Think Tank Open Europe has this week exposed a study by the EU that could lead to the creation of a massive cross-Europe database, amassing vast amounts of personal data on every single citizen in the EU.

The scope of this project also reveals a growing governmental preference for systems capable of locking people up not for what they have done, but for what they might do.

Open Europe (OE) researcher, Stephen Booth, has been reviewing projects currently in receipt of EU funding. Last week he identified one of these - Project INDECT – as having potentially far-reaching effects for anyone living or working in Europe. The main objectives of this project, according to its own website, are:

To develop a platform for: the registration and exchange of operational data, acquisition of multimedia content, intelligent processing of all information and automatic detection of threats and recognition of abnormal behaviour or violence, to develop the prototype of an integrated, network-centric system supporting the operational activities of police officers.

In addition, it aims “to develop a set of techniques supporting surveillance of internet resources, analysis of the acquired information, and detection of criminal activities and threats.”

There are two controversial aspects to this research. First is the extent of data collection implied by the project scope. Second, and perhaps far more worrying, is the proposition that law enforcement agencies, in possession of sufficient data, will in future be able to model potentially criminal and anti-social behaviour and therefore focus on individuals before crimes are committed.

In this, it echoes another EU-sponsored piece of research – ADABTS – which is all about Automatic Detection of Abnormal Behaviour and Threats in crowded Spaces. According to the ADABTS prospectus, it “aims to develop models for abnormal and threat behaviours and algorithms for automatic detection of such behaviours as well as deviations from normal behaviour in surveillance data.”

The INDECT project is co-ordinated by Polish academic Professor Andrzej Dziech. Participants include several institutions from Poland – which until recently had its own issues with over-arching state surveillance – as well as the Northern Ireland Police Service.

Shami Chakrabarti, the director of human rights group Liberty, described this approach as a “sinister step” for any country, but “positively chilling” on a European scale.

Stephen Booth added: “The problem with the EU funding these types of projects is the lack of accountability. Citizens are left completely in the dark as to who has approved them and there is no way to ensure that civil liberties are being duly respected.

“The absence of any political debate about the use of these new surveillance technologies in our society is a very dangerous trend, which is especially acute at the EU level.”

However, the idea of punishing potential criminals is not just an EU notion. As El Regreported last year, the Home Office has certainly considered the use of automated profiling to check travellers at points of entry to the UK. This has been controversial, both because of the veiled racism implied by such a policy, as well as evidence provided to the Home Office that it might not actually work.

However, the Vetting Database – which is due to go live later this year – will take decisions on whether people are fit to work in millions of “regulated” positions on the basis of a scoring system, designed to “predict” likelihood to offend.

The introduction of predictive models into society appears to be carrying on apace, with very little public debate as to how desirable they are, or how the state should compensate citizens where mistakes occur. There is also a blurring of the lines between predicting a threat – in which case law enforcement officers can be asked to investigate – and simply predicting criminality and penalising an individual on the basis of something they have not yet done.

OE is interested in seeing less formal integration across Europe, and a return to more issues being resolved at the national level. Their investigation looked at funding provided under the Seventh Framework Programme (FP7). This can be accessed via the Cordis portal, and is a mechanism whereby funds controlled by the EU Commission are made available for research projects.

The existence of an FP7 project is not necessarily an indicator of EU policy in an area, but it is clear evidence of some interest in the approach being investigated.

Project INDECT launched on 1 January this year with a project budget of 14.86 million Euros. It is due to deliver the goods, including a 15-node pilot project, by the end of 2013. ®

Defects in e-Passports allow real-time tracking

Jan 27th, 2010 | By | Category: News

This threat brought to you by RFID

By Dan Goodin in San FranciscoThe Register

Computer scientists in Britain have uncovered weaknesses in electronic passports issued by the US, UK, and some 50 other countries that allow attackers to trace the movements of individuals as they enter or exit buildings.

The so-called traceability attack is not the only exploit of an e-passport that allows attackers to remotely track a given credential in real time without first knowing the cryptographic keys that protect it, the scientists from University of Birmingham said. What’s more, RFID, or radio-frequency identification, data in the passports can’t be turned off, making the threat persistent unless the holder shields the government-mandated identity document in a special pouch.

“A traceability attack does not lead to the compromise of all data on the tag, but it does pose a very real threat to the privacy of anyone that carries such a device,” the authors, Tom Chothia and Vitaliy Smirnov, wrote. “Assuming that the target carried their passport on them, an attacker could place a device in a doorway that would detect when the target entered or left a building.”

To exploit the weakness, attackers would need to observe the targeted passport as it interacted with an authorized RFID reader at a border crossing or other official location. They could then build a special device that detects the credential each time it comes into range. The scientists estimated the device could have a reach of about 20 inches.

“This would make it easy to eavesdrop on the required message from someone as they used their passport at, for instance, a customs post,” the authors wrote.

The attack works by recording the unique message sent between a particular passport and an official RFID reader and later replaying it within range of the special device. By measuring the time it takes the device to respond, attackers can determine whether the targeted passport is within range. In the case of e-passports from France, the process is even easier: electronic credentials from that country will return the error message “6A80: Incorrect parameters” if the targeted person is in range and “6300: no information given” if the person is not.

The research is only the latest to identify the risks of embedding RFID tags into passports and other identification documents. Last year, information-security expert Chris Paget demonstrated a low-cost mobile platform that surreptitiously sniffs the unique digital identifiers in US passport cards and next-generation drivers licenses. Among other things, civil liberties advocates have warned that those identifiers could be recorded at political demonstrations or other gatherings so police or private citizens could later determine whether a given individual attended.

To be sure, the practicality of traceability attacks is more limited because a targeted passport first must be observed within range of a legitimate reader. But once this hurdle is cleared – as would be relatively easy for unscrupulous government bureaucrats to do – the attack becomes a viable way to track a target.

Chothia and Smirnov of the University of Birmingham’s School of Computer Science said the security hole can be closed by standardizing error messages and “padding” response times in future e-passports. But that will do nothing to protect holders of more than 30 million passports from more than 50 countries who are vulnerable now, they said.

And that’s sure to fuel criticism of RFID-enabled identification.

“This is a great example of why e-passports are a bad idea,” Paget wrote in an email to The Register. “It’s simply too expensive to replace vulnerable documents (especially when they have a 10-year lifespan) in response to legitimate security concerns, regardless of their severity. People will continue to poke holes in e-passports; without a mechanism to fix those problems there’s a strong argument that’s we’re better off without the RFID.”

Airport face scanners ‘cannot tell the difference between Osama bin Laden and Winona Ryder’

Jan 16th, 2010 | By | Category: News

By Duncan Gardham, Security Correspondent

Osama bin Laden and Winona Ryder: airport face scanners reportedly cannot tell the difference Photo: GETTY; EPA

Osama bin Laden and Winona Ryder: airport face scanners reportedly cannot tell the difference Photo: GETTY; EPA

In a leaked memo, an official says the machines have been recalibrated to an “unacceptable” level meaning travellers whose faces are shown to have only a 30% (Thirty per cent) likeness to their passport photographs can pass through.

The machines, undergoing trials at Manchester airport, have apparently been questioning so many passengers’ identities that they were creating huge queues.

The technology was designed to help immigration officials spot people traveling under false passports, particularly terrorists, but the multi-million pound scheme now appears to be in jeopardy.

In the email, the official says: “Update on the calibration – the facial recognition booths are letting passengers through at 30%.

“Changes appear to have been made without any explanation [or] giving anyone a reason for the machines [creating] what is in effect a 70% error rate.

“[The fact that] the machines do not operate at 100% is unacceptable. In addition it would be interesting to know why the acceptance level has been allowed to decrease.”

Rob Jenkins, an expert in facial recognition at Glasgow University’s psychology department, said lowering the match level to 30 per cent would make the system almost worthless.

Using facial recognition software from Sydney airport in Australia set at 30 per cent, he found the machines could not tell the difference between Osama bin Laden and the actors Kevin Spacey or even the actress Winona Ryder while Gordon Brown was indistinguishable from Mel Gibson.

Announcing a trial of five of the devices at Manchester airport last August, Jacqui Smith, the Home Secretary, said they would improve security by making it more difficult for terrorists using false passports.

At the moment the technology is only being used on British and European travelers on “high risk” flights but it is planned to extend the technology to almost all non-European Union citizens by the end of 2010.

Patrick Mercer, chairman of the House of Commons subcommittee on counter-terrorism, said he would be asking the UK Borders agency about the warnings.

The Home Office said: “We can categorically confirm that the gates are making the same high level of checks on the British and European passengers using them as they were when the trials began in August last year.

“Previous tests show that they system can reliably pick out imposters and even distinguish between identical twins. An immigration officer supervises the whole process and will intervene where necessary.”