Posts Tagged ‘ e-passports ’

Big Brother: National Biometrics in Israel

Dec 30th, 2009 | By | Category: News

The Knesset has passed Israel’s Biometric Database Law, expected to provide the statutory basis for introduction of ‘smart’ identification documents for all Israelis.

Interior Ministry officials will be authorized to collect the Biometric data – fingerprints and facial contours – of all residents for the purpose of issuing identity cards, passports or other official documents.

As with similar identity regimes in Australia and elsewhere (eg the latest generation of Australian passports), those documents will feature a microprocessor (ie a chip similar to those used in some credit cards and perimeter access cards) that will contain data based on the individual’s fingerprints (two fingers) and facial geometry, eg a unique hash generated from an image of the person’s face rather than the image itself. Biometric and other information on the databases will be matched with registration information on national databases. That would permit an official to determine, for example, that the photo on an identity document corresponds to the bearer’s face but that the individual is using another name and therefore is engaging in an identity offence.

As yet I haven’t sighted the legislation. From media reports it appears that the government has mollified some critics through a statutory commitment to establish two discrete databases: one including the card-bearer’s name and the other featuring data from the individual’s fingerprints and the face. The databases will be established and maintained in two separate ministries and “will be linked by a code”. There seem to be no official statements about sharing data with the private sector.

The ‘splitting’ of initial plans for a central database was an addition to the draft legislation in November, promoted as a safety measure -

so that anyone managing to penetrate one data bank would have only part of the information and it would be meaningless without the information from the other data bank.

The Chair of the Knesset Science & Technology Committee claimed -

The protection provided for this data bank is among the best in the world. It is protected at a level of 11 on a scale of one to 10

… which sounds impressive but is arguably meaningless. (What’s an ’11′ when the scale ends at ’10′? The Bill’s sponsor subsequently explained that “if the databases of the Mossad, the Shin Bet and the Prime Minister’s Office are currently protected at a level of 10, then this one will be protected at a level of 11″.)

Debate about development of the new regime featured the usual claims. A government spokesperson claimed that “there are 350,000 people living in Israel with fraudulent documents including tens of thousands with forged passports” and that forgery of the ‘smart’ documents will be impossible.

One former police executive offered an exceptionalist argument, commenting that -

in a normal state that does not face the enemies we face, there is no need for such a system. But here we are in an intolerable situation, facing internal and external enemies. The ease with which current Israeli documents can be forged is an enormous problem.

[Identity documents] are so easily faked. For us, this is an existential issue. There are thousands of people walking around with fake IDs or with no IDs whatsoever. Some are criminals, and others are hostile elements. You would not believe how many suspects we have found who changed their identities to hide previous convictions. Many identities have also been stolen.

He noted that the danger of official misuse of information is present with existing databases.

Critics expressed concern that information will be leaked or misused, eg “Criminals could steal fingerprint information and use it to incriminate innocent people”. Likud Minister Michael Eitan indicated that -

Not only will the system threaten the privacy of all Israelis, but even worse, it will create an atmosphere in which everyone will feel their privacy is being invaded….

Eitan was not however planning to vote against the law. (???!!!)

Implementation of the law involves a two year trial period, during which participation in the biometric database/s will be voluntary. Three months prior to the end of trial, the government will formally re-assess the regime’s effectiveness, with the Prime Minister and Interior minister reporting to a special ministerial committee and to a Knesset committee. If the trial is deemed successful, Interior Ministry officials will be mandated to collect the biometric information without consent. The legislation allows some wriggle room: the Interior Minister will be empowered to extend the trial by an additional two years after provision of the reports, with a requirement that a ‘final decision’ must be made within four years after initiation of the databases.

Posted by Bruce Arnold at 2:03 PM

Letter: By December 31, 2009 – Citizens will not be able to use their driver’s licenses as identification to board commercial aircraft

Dec 14th, 2009 | By | Category: Evidence


Executive Committee Home

November 18, 2009

The Honorable Nancy Pelosi
U.S. House of Representatives
Washington, DC  20515

The Honorable Harry Reid
Majority Leader
United States Senate
Washington, DC  20510

The Honorable John Boehner
Minority Leader
U.S. House of Representatives
Washington, DC  20515

The Honorable Mitch McConnell
Minority Leader
United States Senate
Washington, DC  20510

Dear Speaker Pelosi, Senator Reid, Senator McConnell, and Representative Boehner:

By December 31, 2009, states must be materially compliant with the REAL ID Act of 2005 (REAL ID) or their citizens will not be able to use their driver’s licenses as identification to board commercial aircraft.  Based on a survey of our states, we believe that as many as 36 states will not meet the requirements of REAL ID by the end of the year.  To avoid this disruption to our citizens, especially during the holiday travel period, Congress must pass S. 1261, the “Providing for Additional Security in States’ Identification Act” (PASS ID), this year.

Since REAL ID was enacted, states have maintained that its timelines and requirements are unrealistic and constitute a huge unfunded mandate with costs far outpacing federal funding.  For these reasons, and as a result of privacy concerns, 13 states have enacted legislation prohibiting full compliance with the requirements of REAL ID, and several others have passed anti-REAL ID resolutions or have similar legislation pending. Without state participation, REAL ID falls far short of its promises, and the uncertainty of its future leaves us less secure.

PASS ID offers better, more secure and less costly standards for driver’s licenses than REAL ID.  It would alter REAL ID to allow state innovation in meeting security requirements and reduce costs by eliminating unnecessary requirements that do not increase the security and integrity of driver’s licenses and identification cards.  It also addresses privacy concerns by protecting individuals’ personal information and takes the first step toward covering the cost of compliance by authorizing funds for all states to implement the law.

The Senate Homeland Security and Governmental Affairs Committee unanimously approved S. 1261 in July.  The bill enjoys bipartisan support and the endorsement of the Secretary of the U.S. Department of Homeland Security as a practical solution that builds on the strengths of REAL ID, fixes its weaknesses and represents the best way to fulfill an important recommendation of the 9/11 Commission.

Our citizens should not be punished for the failures of REAL ID.  We therefore ask that you work with us to pass S. 1261 before the end of the year.


Governor James H. Douglas

Governor Joe Manchin III

Black Day for Democracy: Knesset Approves ‘Biometric Law’

Dec 9th, 2009 | By | Category: News

ISRAEL at Risk of Not Being a Democracy Anymore: Knesset Approves INVASIVE ‘Biometric Law’

Anyone who follows the news has no doubt come across the claim that “Israel is the only democracy in the Middle East.” Usually, this claim is followed by its logical inference: “As an island of freedom located in a region controlled by military dictators, feudal kings and religious leaders” - Not any more – Israel democracy is now controlled by superficial politicians…

Black Day for Democracy

By Gil Ronen and Nissan Ratzlav-Katz

( The Knesset plenum approved Monday evening the ‘Biometric Law’ in the final readings. Forty Knesset members voted in favor of the law, 11 against and three abstained. The purpose of the law is the creation of a biometric database that would hold the fingerprints and facial photos of all of the country’s citizens. The data would be stored in the Interior Ministry computers.

MK Nitzan Horowitz (Meretz), who led the opposition to the law, said after its approval that the vote was “a serious mistake which causes grave harm to freedom of the individual in Israel.”

“I hope that we do not pay too heavy a price for it,” Horowitz said. “In any case, it has been proven that an unrelenting public struggle by idealists can have influence and make a difference. The proof is that the law in its final wording is completely different from the original version.”

During the Knesset debate about the law, MK Horowitz stood at the podium and held up printouts of information from the Ministry of Interior’s database which contained information about Knesset members and which reached the Internet. He said that he would not show the contents so as not to invade the MKs’ privacy. “The leaked data which reached my hands prove how easy it is to break into government databases,” he said. “I hope that this will not be the fate of the biometric database.”

MK Dov Henin (Hadash) said that despite the government’s statements that it would not force Israeli citizens to join the database, “in fact, whoever does not do so would be punished – he will not be able to leave the country’s borders, since he would not receive a passport at the level required in developed countries.” The database is not truly a voluntary one, he said.

Faked fingerprints
On the same day that the Knesset approved the law, there news from Tokyo that appeared to show that this system, too, was not foolproof. Police in the Japanese capital said that they arrested a 27-year-old Chinese woman suspected of illegally entering the country after surgically altering her fingerprints to deceive a biometric recognition system operated by immigration officials.

Private Eyes Are Watching You

Oct 18th, 2009 | By | Category: Articles

United Kingdom is Leading Pack in Face Recognition; Is U.S. Next?


A 17-year-old walks into a liquor store, carries a 12-pack of beer up to the counter and hands the clerk a flawless fake ID. Unbeknown to him, the clerk need not even glance at the ID before turning him down. His face gave him away. A facial recognition system placed behind the store counter analyzes the teen’s 17-year-old features and informs the clerk of his illegal age. It’s just one of a litany of uses for the fast-evolving surveillance technology, a field that has security experts salivating and privacy advocates bracing for a battle.

biometric recognition

(Getty / ABC News)

Computers that can pick out fugitives in a crowd, video cameras that scold people for littering, eyes in the sky that detect crimes as they’re being committed. While these scenarios may sound straight out of George Orwell’s “1984,” they are becoming reality and could be headed for your corner store sooner than you think.

Although still being researched across the globe, facial recognition technology has already taking hold, particularly in Great Britain.

Last week, Budgens, a U.K. grocery story chain, announced that it would use facial recognition technology to prevent its clerks from selling alcohol and cigarettes to underage customers. The photos of customers who were refused previously will be stored in a database, and then if the offenders come in to buy similar products again, the clerk will be alerted.

Similarly, the British government plans to roll out a facial recognition pilot program in London airports this summer. People who hold biometric U.K. and EU passports can pass through unmanned gates. At the gate, their faces will be scanned to match them to their passport records.

Though the technology has been around for years and the British are embracing it and moving forward, technology experts say facial recognition — and the cameras needed to support it — wouldn’t fly with privacy-obsessed Americans, at least not yet.

“[Facial recognition] really has picked up steam in the last 10 years,” said Vijayakumar Bhagavatula, who teaches electrical and computer engineering at Carnegie Mellon. “The principle has been around for 25 years, but it started getting put into commercial systems five to 10 years ago.”

Bhagavatula describes the technology simply.

“Let’s say a digital camera is taking a picture of someone’s face. So now it gets represented in computers as a bunch of numbers,” he said. “Humans have no problem [saying] that’s someone I know. The computer has to look at those numbers and say, ‘Are these the same set of numbers corresponding to a person I took a photo of a year ago?’”

It’s a complex process, and it is not flawless. For computers, those numbers representing human features can change based on the person’s expression, lighting and overall quality of the image, according to Bhagavatula.

To combat this, researchers are constantly looking for new algorithms to analyze facial features. Currently, many researchers are looking at features that don’t change, such as the distance between the eyes, the angle made by the tip of the nose or the length of an eyebrow, he said.

“Many methods try to capture these kinds of things that are unique to people’s faces,” he said. “You hope that these numbers stay the same when a person smiles or frowns.”

The U.S. Privacy Police

The kind of monitoring that would enable facial recognition to work well has not caught on in the United States, at least not yet, according to Paul Saffo, a technology forecaster in Silicon Valley.

“The English have always had a slightly different attitude toward privacy,” Saffo said. “They’ve never had a strong a privacy culture as America has had. The English do not have a constitution. Their protections are in common law. It is easier for the government to overstep notions of privacy than it would be here, because you have people invoking the Bill of Rights.”

But Saffo believes that given the right crisis, the United States would eventually accept the technology.

“Do not underestimate the psychic shock of the London subway bombings,” he said. “We bleat and cry about privacy, but we happily surrender our privacy for the cheapest of coin.”

So far, most legislative pushes for video monitoring by city governments have been thwarted.

This week in Washington, D.C., a bill pushed by the city’s mayor calling for nearly $1 million in funding for citywide public cameras was voted down by the city council.

“People sometimes talk about video surveillance systems as moving forward inexorably in the United States, but we’ve seen quite a few successful protests,” said Mark Rotenberg, the director of the Electronic Privacy Information Center. “I think there are a lot of questions that need to be asked about video surveillance. The most obvious one is: what is the purpose?”

“[Britains] have embraced a really extraordinary amount of monitoring by the government that I don’t think the U.S. would accept,” he said.

Yeah, but Does It Work?

Some critics also take issue with the accuracy (or lack thereof) of facial recognition technology.

In perfect conditions, facial recognition can be fairly effective, according to experts, but in less than perfect conditions it can be wildly inaccurate. For example, it is difficult for a computer to identify a person who is walking on a city street or in an airport where his face might be blurred, obscured or shadowed.

“We have gotten a long way from where we were 10 years ago,” says Carnegie Mellon’s Bhagavatula. “But good algorithms have an 80 percent accept rate. It’s pretty good, but not perfect.”

Rob Jenkins, a psychology professor at the University of Glasgow in Scotland, may have found at least one way around the technology’s inaccuracies. Jenkins and his colleague Mike Burton published a study in the journal Science in January that outlined a method to get 100 percent accuracy from computers by using what the researchers called an “averaged” face image, made up of 20 photos.

“The great thing about this averaging process is it just washes out all these differences of single photographs. The lighting and the pose all kind of becomes neutralized,” Jenkins told in January. “And what you’re just left with is the core of the face. The aspects of the image are consistent from one photo to the next.”

Since that study, police, governments and companies have shown interest in his research, Jenkins said. And although he is interested more in how the mind recognizes faces than how the technology is used, as a citizen, he finds the ubiquity of CCTV troubling.

“New technologies that are being unveiled as being the solution to problems — often they’re just a better key to locking and unlocking something, but that doesn’t mean that you shouldn’t think about what’s behind the door,” he said. “Because if you put all this trust in a new technology, … you can find yourself in quite a hairy situation.”

Jenkins points out that sometimes even humans can’t recognize familiar faces.

“The human brain is the most sophisticated computer we know of,” he said. “Engineers are setting themselves [up] with a very difficult problem by demanding accurate performance. Even humans can’t do this reliably and should give us pause. … Is the goal a realistic goal? Are we ever going to build a machine that can do that? And maybe we will, but I think it’s a question that’s worth asking.”

Unique ID for Indians – Boon or Bane?

Oct 7th, 2009 | By | Category: News

INDIA NEWS – Wall Street Journal – USA

[Editor's note: The Business Case Faceoff is a feature exclusive to in collaboration with students at the Indian School of Business in Hyderabad. It is designed to delve into the most important business and economic issues facing the country and to assess them through the lens of an MBA case study. We welcome your comments and suggestions – please register for free and use the Comment tab.]

THIS WEEK: Debate on whether India’s Unique Identity card project will provide a basis for a positive and accurate identification of its citizens or infringe their privacy and human rights.

INTRODUCTION: Nandan Nilekani was recently handpicked by Prime Minister Manmohan Singh to head the newly created Unique Identification Authority of India. No one doubts the immense potential of the project nor does one doubt the impeccable credentials of the man chosen to lead it. But given the powerful nexus of entrenched politicians and bureaucrats who stand to lose their power and influence, will this project really see the light of the day? Mr. Nilekani’s bold endeavor may mark the beginning of a new era where distinguished private citizens take on challenges of national importance or he may end up becoming a disillusioned man. We look at the underlying dynamics that may make or mar this project. Is this the right project at the right time in the history of our nation or should we scale back our ambitions to focus more on what is achievable rather than merely aspirational?

Krishna Chilukuri: UIAI and India’s First Steps Towards e-Governance

India has finally taken on a bold challenge to create a unique identification for all Indians and appointed IT business leader and visionary, Nandan Nilekani to head the task. This is a big vision project through which government services can be provided, tracked and accounted for along with enabling a multitude of private sector products and services that rely on accurate and positive identification of consumers.

Krishna Chilukuri

In order to enable the next phase of growth, India has to tackle domestic issues of corruption, inefficiencies, lack of strong enforcement of the rule of law and internal security. There is a strong correlation between countries that are on the top of the United Nations e-Government Readiness Index with their success in lowering corruption and having a high quality of life as measured by the Human Development Index. Most e-Government implementations rely on positive and accurate identification of their citizens and the interconnection of databases and information across government bodies and services. The unique identification program is the first step towards creating the infrastructure for e-Government services in India. The goal should be no less than aiming to be in the top 10 countries on the UN e-Government readiness index which will have a positive effect on not only the economy but also on human development in India.

The core task for the Unique Identification Authority of India is to assign a unique identification number to each resident in the country and to eliminate the need for multiple identification mechanisms. This unique number will be the basis for a positive and accurate identification of citizens on which e-Governance platforms and services can be built around. One such project is the Citizens Smart Card Project, which will enable citizens to avail subsidies on food, energy, education, etc. depending on their entitlements, according to the 11th report of the Second Administrative Reforms Commission.

e-Governance also has the potential to tackle corruption which is at the root of the problems that currently are a drag on our economic growth. Our government departments work in isolation, each having its own database with no linkage to other government databases. These databases are usually not in good shape with problems of data entry, duplicate entries, dead entries, and more which make data reconciliation difficult. Most recently India was ranked 74th in the International Corruption Index and international companies often cite corruption and government inefficiency as reasons for not investing in India. It is imperative for India to tackle this issue and e-Governance built on unique identification is the right strategy for India.

A project of such magnitude is inherently challenging and difficult to implement. It will require tremendous resources and effort and success is not always guaranteed. There are many challenges to overcome in its implementation, specifically issues related to privacy, misuse of data, excessive government oversight and possibility for discrimination and bias. The sensitive nature of some of these challenges call for impartial leaders and managers who are not politically motivated or biased and who have high integrity and public trust. The current government of India could not have chosen a more appropriate leader than Nandan Nilekani to lead this project.

Nandan Nilekani has proven himself in the corporate sector, building one of the most admired companies in India and earned public appreciation with his book “Imagining India – Ideas for the new century.” He is a Padma Bhushan award winner and was named among the ‘World’s most respected business leaders’ in 2002 and 2003, according to a global survey by Financial Times and PricewaterhouseCoopers. Nandan Nilekani has both the passion and dedication for India’s future as well as the technical expertise and managerial skills to tackle a problem of such magnitude and is the right person to lead this effort.

As Mr. Nilekani has said in an interview with Knowledge@Whatron, “The other important thing, I felt, was that India had a very small window of opportunity. It has this huge demographic dividend and this young population, but that demographic dividend could well become a demographic disaster if we did not make the right investments in our human capital.”

The time has never been more critical for India to break out of its shackles and strive towards a better future for all its citizens. The unique identification project is only the first step in the right direction – we need many more.

Vignesh Nandakumar: Unique ID Scheme – More Politics Than IT

One of the UPA government’s biggest announcements after a landmark electoral victory was that of appointing Nandan Nilekani as the head of the Unique Identification Authority of India. The Unique ID opens up enormous possibilities for India at this stage of its growth. However, the real challenges of implementing such a project in India need to be addressed credibly so that this project fulfills its objectives.

Vignesh Nandakumar

The project plans to use state-of-the-art biometric and Information Technology on a phenomenal scale, and will have its share of technological challenges. However, the project itself is less about technology, and more about the politics and processes of providing every Indian with a Unique ID.

The biggest stumbling block to national IDs in many advanced countries has been the violation of privacy rights guaranteed under their respective constitutions. Two of the largest populated countries in the EU, Germany and Hungary, have not implemented one for these reasons. The USA Patriot Act, enacted by the U.S. Congress, to vastly increase powers of surveillance and implement a biometric identification system, faced enormous opposition and has since been scaled back. Biometric identification systems have been rejected in advanced countries due to concerns over efficacy in enhancing security and high implementation costs. The Unique ID scheme could potentially lead to large scale abuse in a country like India in the absence of effective legislation providing adequate safeguards to prevent misuse.

Though originally mooted to address our security needs, the scope of the ID has been expanded to aid delivery of social sector schemes to deserving citizens. This complicates the implementation because it combines both authentication and identification with the same ID.

There are systemic challenges germane to India. The legislative and delivery control over social sectors is divided between the states and the center, making the ID effective only through agreement from all the state governments. The citizen service centers at the district level have to be equipped with technical and manpower capability to use the ID while administering services such as birth and death registrations, land records and employment insurance. This is a Herculean task considering the level of granularity that needs to be achieved. The lack of stable 24 hour power supply across the country will hinder access to the central databases for authentication. It is unclear if these systemic issues have been addressed, failing which the ID scheme will be ineffective.

Aligned to the issue of privacy is the issue of saliency that arises when certain aspects of a person’s identity are publicly highlighted. Identifiers such as caste, religion and place of birth will be required for social sector schemes. Numerous social studies show that knowledge of these identifiers adversely impacts delivery of services such as education and health care to disadvantaged citizens, defeating the very purpose of the ID. These contradictions, which is unique to India, have to be reconciled to prevent selection bias.

However, these challenges do not take away the high impact of this idea, if well executed. With a person of Mr. Nilekani’s capability and stature heading this project, one expects some of these issues to be already tabled for action. While his appointment is a welcome step, the current organizational structure of the UIDAI, headed by Cabinet Minister rank Chairman, reporting to the Vice-Chairman of the Planning Commission, also of Cabinet rank is politically unsustainable. The country also lacks a legal framework permitting the involvement of a person from neither the political spectrum nor the administrative services in what is essentially a political scheme. Continuity of this structure beyond Mr. Nilekani’s involvement could be a problem. The government of India should enact clear processes for capable private citizens to hold office, perhaps through the amendment of the IAS system, so that the government and the country can benefit from these talented leaders.

The Unique ID is a critical piece of information infrastructure that India needs to boost its growth. However, the above issues need to be addressed satisfactorily to ensure it doesn’t create more problems than it solves. The central and state governments must enact legislation for adequate safeguards and operating processes for sharing of the databases amongst states, before the Unique IDs are issued. Failing this, there will be few users and takers for the scheme.


Krishna K Chilukuri is currently pursuing the post graduate program in management at ISB. He has over 15 years of work experience in the corporate world encompassing stints around the world and in many different roles. Mr. Krishna’s interests include Strategic thinking, marketing 2.0 as well as game theory and its practical applications in decision making.

Vignesh Nandakumar is currently pursuing the post graduate program in management at ISB. He has over eight years of experience in the high-tech industry in various parts of the world. He is passionate about the prospects universal education and renewable energy offer for empowering growth in India. He holds a keen interest in the role of technology in public policy and governance.

The opinions expressed in this article are entirely the personal opinions of the students which were formed on the basis of an interpretation of facts and data available in the public domain. The ISB, as an institution, does not subscribe to these views in whole or in part.

Related Stories:

FBI migrating from IAFIS to a multi-modal NGI biometrics database system will hold DNA records

Oct 1st, 2009 | By | Category: News

Posted by IreneLoss of Privacy

October  1, 2009

An expansion is currently underway that will develop the FBI’s current fingerprint collection database into a new biometrics system that includes DNA, facial recognition, palm prints and voice scans.

The plan is to share this data with authorized U.S. and international investigative partners, as the agency does today.

The FBI’s current IAFIS database remains a workhorse; it processes about 200,000 daily transactions from its 370 million 10-fingerprint records, and it just crossed the 250 million transaction mark

The next-generation FBI database system is under design by Lockheed Martin, with MorphoTrak and others, and is expected to include DNA, iris scans, advanced 3-D facial imaging and voice scans among its multi-modal biometrics. Lower turnaround times for delivering information over wide-area networks are planned. The goal is to drop from a roughly two-hour response time for IAFIS urgent requests to less than 10 minutes.

The FBI is already moving into new areas, including setting up a palm-print repository and searchable databases for scars, marks and tattoos that it will be collecting.

The FBI, under the DNA Fingerprint Act of 2005, is now allowed to collect reference-sample DNA material for biometrics analysis purposes at the time of booking, Grever said. “DNA has become a powerful and timely tool,” said Grever, adding there are no “privacy or civil liberties issues beyond those associated with fingerprints.”

Given that DNA can be fabricated, how accurate is this new biometric database going to be?  Given that they’re tracking everything else about you, it won’t be long before whatever makes you “you” is in a database somewhere.

FBI building system that blows away fingerprinting

Sep 25th, 2009 | By | Category: News

Multi-modal biometrics targeted for new system

By Ellen Messmer Framingham – Computerworld | Thursday, 24 September, 2009

The Federal Bureau of Investigation is expanding beyond its traditional fingerprint-focused collection practices to develop a newbiometrics system that will include DNA records, 3-D facial imaging, palm prints and voice scans, blended to create what’s known as “multi-modal biometrics”.
“The FBI today is announcing a rapid DNA initiative,” said Louis Grever, executive assistant director of the FBI’s science and technology branch, during his keynote presentation at the Biometric Consortium Conference in Tampa.

The FBI plans to begin migrating from its IAFIS database, established in the mid-1990s to hold its vast fingerprint data, to a next-generation system that’s expected to be in prototype early next year. This multi-modal NGI biometrics database system will hold DNA records and more.

Grever said that fingerprints and DNA appear to be the most mature and searchable biometrics possibilities, but the FBI is working to include iris-scan records among newer biometrics technologies to identify criminals and terrorists. The plan is to share this data with authorised US and international investigative partners, as the agency does today.

The FBI’s current IAFIS database remains a workhouse; it processes about 200,000 daily transactions from its 370 million 10-fingerprint records, and it just crossed the 250 million transaction mark.

The next-generation FBI database system is under design by MorphoTrak and is expected to include DNA, iris scans, advanced 3-D facial imaging and voice scans among its multi-modal biometrics. Lower turnaround times for delivering information over wide-area networks are planned. The goal is to drop from a roughly two-hour response time for IAFIS urgent requests to less than 10 minutes.

But FBI officials acknowledged there’s still a lot of research and development that needs to be done to reach its NGI goals. One goal is to develop a rapid DNA analysis method that would provide DNA analysis in less than an hour, as opposed to several hours or even days. The FBI is cosponsoring research with the Department of Defense, which has a similar goal.

Kevin Reid, section chief for the biometrics service section at the FBI, said the FBI also wants to establish a service-oriented architecture for NGI, but it’s not clear when this would be in place to provide services related to biometrics information-sharing.

The FBI is already moving into new areas, including setting up apalm-print repository and searchable databases for scars, marks and tattoos that it will be collecting.

The FBI, under the DNA Fingerprint Act of 2005, is now allowed to collect reference-sample DNA material for biometrics analysis purposes at the time of booking, Grever said. “DNA has become a powerful and timely tool,” said Grever, adding there are no “privacy or civil liberties issues beyond those associated with fingerprints.”

Concern over govt plans for biometric data

Sep 22nd, 2009 | By | Category: News

Published: 6:44PM Monday September 21, 2009
Source: ONE News

New technology designed to prevent identity fraud is sparking “big brother”-like concerns.
Legislation being debated in parliament will allow Immigration New Zealand to use biometric checking to stop those who are not who they claim they are from crossing borders illegally.
But there are fears these new powers will be extended to other arms of the state.

ONE NewsAn example of biometric testing

ONE NewsAn example of biometric testing

The shape of your face, the width of your nose, iris patterns, fingerprints, the way you walk, even the way you type are unique characteristics.
It is information governments around the world are keen to collect, says Michael Bott from the Council for Civil Liberties.
“The more information the state has about you, the more they can track your movements and control you. Knowledge is power,” he says.
From the end of 2009, New Zealanders and Australians with electronic passports will have the option of using SmartGate to get through customs quickly. Your image is checked against the biometric identity data chip in your e-passport.
“This technology will actually pinpoint multiple points on cheekbones, nose and eye and if the distance is fractionally out it will go ‘this is not the person’,” says Customs Minister Maurice Williamson.
Under new immigration legislation making its way through parliament on Tuesday, anyone arriving in New Zealand will be required to provide biometric data.
Immigration New Zealand says biometrics could have prevented a man allegedly linked to the September 11 attackers from crossing the border. He spent four months in New Zealand before being deported.
“We, along with every other country, have been the victim of identity fraud and identity crime,” says Immigration Identity Programme Manager Aaron Baker .
ONE News has been told New Zealand has joined Canada, Britain, Australia and the United States to work more closely on managing entry visas.
Three of those countries have agreed to share biometric information. New Zealand has not yet, but is likely to do so.
Privacy concerns
A report obtained by ONE News has highlighted some of the potential threats to privacy if biometric information is shared too widely.
The new legislation allows immigration to share data with other departments if a migrant or visitor applies for a taxpayer funded service like hospital treatment.
Privacy Commissioner Marie Schroff would like to see more details around how there will be protections around that information.
There are also concerns a law that allows one government agency to collect biometric data will allow others to follow.
Overseas, the technology is already used to check the identities of drivers, prison visitors and welfare beneficiaries.
Biometric technology is becoming more sophisticated. However, there are genuine fears that the rights of citizens to privacy will be left behind as technology advances.

1.2bn population of India to be given biometric ID cards

Sep 17th, 2009 | By | Category: Featured Posts, News

Randeep Ramesh in Delhi, Wednesday 16 September 2009 20.33 BST
In India, Big Brother just wants to help. The country’s 1.2 billion citizens are to be issued with a biometric identity card in an attempt to improve the delivery of India’s inefficient public services – a move civil liberties’ activists are condemning as the act of a “surveillance society”.

This month, the country began the ambitious scheme of issuing everyone with a unique identity number. Within the first five years of the scheme, giant computer servers will hold the personal details of at least 600 million people. The introduction of what will be one of the world’s most ambitious IT projects will cost an estimated £1.5bn.

The scheme is the brainchild of Nandan Nilekani, one of India’s best-known software tycoons and now head of the government’s Unique Identification Authority. “We are going to have to build something on the scale of Google but it will change the country … every person for first time [will] be able to prove who he or she was.”

The country’s red tape is legendary: Indians have dozens of types of identity verification, ranging from electoral rolls to ration cards, yet almost none can be used universally. The new system will be a national proof of identity, effective for everything, from welfare benefits to updating land records.

Nilekani said the scheme would help the poor especially. Moving from one state to another – a regular occurrence for poor villagers in search of work – often meant benefits were withdrawn because proof of residence was lacking. “This will mean maids and labourers … a hundred or two hundred million people – will be able to access welfare benefits for the first time without any questioning who they are.”

Eventually, cards will hold the person’s name, age, and birth date, as well as fingerprint or iris scans, though no caste or religious identification. “We are not profiling a billion people. This will provide an ID database which government can access online. There will be checks and balances to protect identities,” said Nilekani, who has also been in talks to create a personalised carbon account so that all Indians might buy “green technologies” using a government subsidy.

Doubts have been raised over privacy and the complex security needed to police such the system, as well as concerns that the project is just too ambitious. “We could have a hacking Olympics,” said Guru Malladi, a partner at Ernst & Young.

Civil liberty campaigners fear the card could be a tool of repression.

Nandita Haskar, a human rights lawyer, said: “There’s already no accountability in regard to violations of human and civil rights. In this atmosphere what are the oversight mechanisms for this kind of surveillance?”

'There is no dispute that we are going into uncharted territories …but the benefits make it worth it'

Sep 15th, 2009 | By | Category: News
Business Standard / New Delhi September 14, 2009, 0:55 IST

There are concerns on technology, cost and privacy in the decision to allot a unique identification number to every Indian. In a talk with Karan Thapar on the CNN-IBN television channel’s Devil’s Advocate programme, NANDAN NILEKANI, who has agreed to head the newly-created Authority to plan and implement this project, concedes these are legitimate concerns. And, that these can be addressed and the project is worthwhile. Edited excerpts:

Eighty per cent of Indians have Election Commission identity cards, others have ration cards, some people have BPL cards, others have driving licences and passports, there are even PAN cards. Why on top of this do we need a unique identification number?

We need one single, non-duplicate way of identifying a person and we need a mechanism by which we can authenticate that online anywhere, because that can have huge benefits and impact on public services and also on making the poor more inclusive in what is happening in India today.

In addition to name, age, sex, date of birth and address, you actually have the biometrics which are unique to that individual?

Absolutely. It is a combination of, most probably, fingerprints and picture and a biometrics committee will finalise that, but finally that makes it unique. And we will make sure there are no duplicates.

The London School of Economics (LSE) did an analysis of a similar project being considered by the British government and this is their conclusion: “The technology envisioned for this scheme is, to a large extent, untested and unreliable. No scheme on this scale has been undertaken anywhere in the world. Smaller and less ambitious systems have encountered substantial technological and operational problems that are likely to be amplified in a largescale national system.” IIf that is true of Britain, it has to be true of India in spades.
There is no question that we are going into uncharted territories, the technological challenges are immense and one of the risks is the technology.

Not just uncharted territory, this could end up being a case of India’s ambition outstripping its ability. Even today, we can’t issue identity cards with a guarantee that the name is correct or the address isn’t misspelt. We could end by making a complete hash of biometric details.
There are risks but, given the enormous opportunity and developmental benefits it can give, it’s worth taking on so that we get the outcomes we want.

You accept the technology is not just uncharted but not actually fully known?
There is no other country where a billion peoples’ biometrics have been captured and stored in an online database. We don’t have to invent the technology; we have to scale up the existing technology to work at this scale.

The second problem inherent is cost. Once again, the LSE did an analysis of a similar project the British government was thinking of and that is a country one-twentieth the size of India. The LSE concluded the probable cost for Britain would be between 10 and 20 billion pounds. Frontline magazine believes the government in India has a guesstimate of somewhere around Rs 1.5 lakh crore. Is it worth it at that cost?
I don’t know what the exact figure is, but it is much less than that by a factor of 10.

If you don’t know the exact figure, how can you say it is lesser by a factor of 10?
The bulk part is certainly going to be lesser than that.

But it’s a guess?
An informed and educated guess.

So, we don’t know what the exact cost will be?
We don’t know, but I am very confident that whatever the cost, the social, economic and efficiency benefits would make it well worth it.

India is a poor country. This order of money could be better spent if you expand education, health and sanitation, or if you use it to feed the 40 per cent of Indian children who are chronically malnourished.
We don’t want to take away money from important social programmes. But, as we expand our social programmes, their efficiency depends on their reaching the right people and that there are no duplicates taking away the benefits. You need the infrastructure at the bottom to make that happen.

You can only target better those actually availing the benefits but not receiving these fully. Take BPL. The real problem is not leakage, but that there is a vast number who qualify and are not included in the BPL threshold at all. How will you be addressing the second problem?
Today, in a particular state, there may be more BPL cards than the population of the state, because there are multiple cards issued to an individual. With the UID, you will be able to actually trim that down to one card per individual and therefore we will actually know who is not getting this now.

But you can’t identify those who should have BPL cards and do not because they are outside the system, they have been ignored. Technology won’t improve that.
This (UID) is not a panacea for all the problems. This is an enabler which will allow more effective public delivery.

Which is why the order of money involved could be better spent in targeting education, sanitation and health, not to mention child malnutrition, because you would actually then get real benefits rather than what I am describing as notional benefits.
In a country where we are spending Rs 1,00,000-2,00,000 crore a year on different kinds of subsidies and social benefits, to make investment which is a part of that, one-time, to make those investments more efficient, is definitely well worth it.

Is it a one-time investment? Frontline magazine says the government’s estimate of Rs 1.5 lakh crore does not include recurring cost. And we don’t know by how much.
On the scale of money that we spend on public programmes and the ability of the project to deliver better public programmes, it will be well worth it.

I put it to you again, there are so many imponderables about technology, size and cost, that is it wise for a poor country like ours, where there are huge levels of poverty (the Arjun Sen Gupta Committee report says 80 per cent of India live under Rs 20 a day), to be spending this sort of money on this project?
The government has come to the conclusion that this project is strategic and worth it. I have been invited to lead this project. I believe it is viable and I will do my best to make it viable.

How can you ensure the database you are creating will be secure, that it won’t be misused and won’t result in an invasion of privacy?
A very legitimate concern. We are looking at how to make it secure. We are saying nobody can read this database. All they can do is verify the authenticity of an identity. You can ask a question like, is X, X? and the only answer we will give is yes or no. But there is no question that once the UID is implemented and becomes ubiquitous in many applications, then there are challenges of privacy. And, with this project, we have to put in other checks and balances, including laws.

Professor Ian Angle of the LSE, a world renowned authority on precisely the creation of such a database, says with relevance to England, and it will apply even more to India, that what you are going to end up with is the “Olympic games of hacking”. You are going to provide people the biggest challenge to hack through. No one believes in the perfectability of computers, so hackers will hack and succeed.
A legitimate concern and we will have to design it as good as possible. The important thing is — is the risk of hacking and privacy large enough not to do this project? And the view is that the project has so many significant benefits for the poor, in making it inclusive and in giving them a chance to participate in the country’s progress, that it is worth it and we have to mitigate those risks.

You are creating a system which, in the wrong hands, would be a powerful tool for either religious or caste profiling. How can you ensure unscrupulous politicians won’t misuse it?
We are not keeping any profiling attributes in our database. No details of people’s caste?
No. In which case, how can you say to me that you will better target benefits at BPL and other categories? If you don’t know someone is SC or ST, if you don’t know they are OBC, how can you ensure better targetting?
That is the responsibility of the applicant that provides those services.

So, then they will add in that feature into your detail?
That is outside our system. Our system has only basic attributes like the name, address, date of birth. You are creating a weapon which you may not misuse but others could?
Today, we have electronic databases in the country which potentially can be used the way you are suggesting. We are not doing something different from what already exists.

In the UK, the US and in Australia, because the authorities couldn’t respond to public concerns about misuse, they have effectively put on the backburner consideration of similar schemes. If developed countries cannot tackle misuse, how can India, where 35 per cent of the people are illiterate and 22 per cent live below the poverty line?
What these developed countries have put on hold is giving national ID cards to people. But both the US and UK, have a number. In the US, you have the social security number; in the UK, there is the national insurance number. They already have a numbering system, which is what we are going to propose.

Except that it is nowhere near as extensive or as complete in terms of the biometeric details as what you are proposing in India. The national insurance in Britain has been around and developing slowly but it doesn’t have any details that could lead to an invasion of privacy. It doesn’t have any details that can be misused for profiling. Yours could have both.
These are legitimate concerns and we have to address them. But the social benefit, the inclusivity, this project will provide for the 700 million people in this country who are outside the system is immense enough to justify doing this project.

How will you handle the inevitable problems of internal migration or illegal immigration? How will you ensure the wrong people aren’t captured in your system and given an identity and made Indian?
Having this number does not confer any rights, benefits or any entitlements. All it does is confirm that X is X.

There are 100 ways of doing that. Why are we spending close to Rs 1.5 lakh crore just to be able to claim X is X?
To have a system which uses a unique identifier like biometrics, having a system which ensures there are no duplicates and having a system that provides online authentication is, we believe, something that can have a lot of social benefits for the poor.

The LSE conclusion, when they reviewed a potential British concept along the lines of what you are doing in India, was: “The success of a national identity system depends on a sensitive cautious and cooperative approach involving all key stakeholders, including an independent and rolling assessment and regular review of management practices”, and the LSE concluded that did not exist in the UK. If it does not exist there, that environment certainly doesn’t exist in India.
We are trying to make sure all the checks and balances are there. We will have a very wide consultative process. We will involve everybody. We will make it public. All these are legitimate concerns and we have an obligation to meet these concerns

Governor Kaine's Reception at USA Ambassador Residence In Israel

Sep 12th, 2009 | By | Category: News

Governor Kaine and CTO Innovya Michael [Micha] Shafir

Governor Kaine and CTO Innovya Michael [Micha

Michael (Micha) Shafir the Founder & Inventor of Innovya
Traceless Biometric technology, is demonstrating to Governor
, how easy, stored information can be leaked out without
connection to any public network, and why it is so dangerous
to collect sensitive Biometric Information about innocent citizens.
Proving that there is no better security for sensitive data
than not collecting it in the first place.

SmartCards 2009 Expo debates on UID project

Sep 12th, 2009 | By | Category: News

12 Sep 2009, 1824 hrs IST, ET Bureau

NEW DELHI: In view of the National Unique ID project initiated by the government, and its bearing on the smartcards, RFID, biometrics, e-Security

sectors in India, SmartCards Expo 2009 has been organised in the capital from September 11-12.

The government may use biometric features like iris scan and hand geometry for recording secondary details for the National UID project, said officials at the SmartCard Expo 2009. Face readers which can scan even the face of a hijab clad woman, or a man wearing a beard from his or her original face, new smart cards, iris scanners and printing technology, were showcased at the event in this regard.

Technology majors like NXP, ST Microelectronics, Texas Instruments, Sagem, Base Systems, Bartronics, Lipi Data Systems Ltd, HiTi Digital, Infineon participated in the event. However the absence of any representative of the UIDAI (Unique ID Authority of India) was severely felt at the event, inspite of the importance of this Conference, which was fully devoted to the subject of UID.

Greg Pote, Chairman, Asia Pacific Smart Cards Association mentioned the in his view, various governments are still searching for what they can do with the national ID cards beyond ID. But most governments have a privacy commissioners and monitors, and they limit what the government can do with the details. He said that the registration number is the key driver for the card. That creates problems, with resistance from privacy bodies. His estimate is that smart cards in India are 5 years behind Europe.

Dr B K Gairola, Director General, National Informatics Centre touched upon the role of the government and the importance of the UID Project to India as a whole. He mentioned the it is like a 16 lane highway on which all applications could ride. He talked about the earlier experience of the MNIC – Multi Application National ID Project and also the importance of the creation, operation and maintenance of a Unique ID Database and the challenges associated with it.

Accenture’s Ravinder Pal Singh mentioned that Bluecasting might be a better alternative to start with because people have mobile phones, especially in villages in north India. Mobile phone is much more authentic and secure, according to him.

Biometrics involving fingerprints and other biometrics feature such as face recognition, DNA shape identification, etc were also extensively discussed.

Gemini Ramamurthy, Chairman of Cyber Society of India said that a set of 12 parameters has been issue by the UID, but the only parameter that cannot be duplicated is the biometric one. While it is important to achieve uniqueness in identification of persons, it is equally or more important to be able to establish secure identification. This means the identification of a person has to protected against misuse.
The challenges to the ID project are many. Mere possession of a unique identification number belongs to that person. It has to be established beyond doubt that the particular unique identification number belongs to the particular person and no one else. In other words, there should be a secure way to ensure that no other person can carry that identification number.

And then, if these security features have to be matched with the database contents of a particular individual, it requires a very efficient and robust facility of data base storage and retrieval with a highly reliable remote connectivity.

A more plausible is to provide a smart card, which will carry the unique identification number and the various additional security features that can be checked to further establish the uniqueness of identification of the individual. Many countries have already implemented smart card based identification programmers emphasizing the unparallel security provided by smart cards.

The government is thus considering splitting the UID database into two sets of paramters – the primary database will be accessible on the Internet and used for access purposes and verification, while the secondly database is likely to be kept offline, and in multiple formats, and be used only if the primary data is in dispute. Secondary data could have multiple biometric features including Iris scan, hand geometry, and additional data including names of grandparents and great grandparents, because the hacker may not be aware of these things, Mr Ramamurthy added. Since the UID data is in digital form, it may be useful to include an email ID as an additional data parameter.

“The appropriate audit trail, and what was the value of the data before and after the access needs to be stored, as well as the mode of access to that data. These should be available for judicial scrutiny, and certified for integrity. Companies from countries suspected of cyberwarfare against India should be avoided in case of this project.” Mr Ramamurthy said adding that a pilot project for the UID is being planned in Bangalore.

An eminent panel of experts debated with a sizable audience about the UID andtechnologies of relevance to India. The Panel was chaired by Pradeep Kumar, Vice President, Asia Pacific, STMicroelectronics. Panelists were from Sagem Securite, WYSE Biometrics, UNISYS, Bartronics, NXP Semiconductors, Barnes International, and ASK France.

Prof. Peter Heinzmann warns e-passports are open to abuse

Sep 8th, 2009 | By | Category: Evidence, News

swissinfo-interview: Urs Geiser

Plans for a new passport have sparked debate over the inclusion of an electronic chip containing biometric details, and the creation of a central fingerprint database.

Prof. Peter Heinzmann

Prof. Peter Heinzmann

Peter Heinzmann, a professor of internet technologies and applications at Rapperswil Technical College outside Zurich, tells swissinfo of the risks posed by the project.

Supporters, including the government and a majority in parliament, argue a European single border treaty, known as the Schengen accord, obliges Switzerland to introduce biometric passports by March next year.

However, a central fingerprint register is not a requirement for participation in the Schengen agreement.

The government says the new travel document will ensure travel freedom and allow visa-free entry into the United States.

But opponents argue that data protection is at stake.

Voters have the final say on the introduction of the new passports on May 17.

swissinfo: What are the specific features of a central database storing fingerprints?

Peter Heinzmann: A central register with passport information, including fingerprints, has advantages for data administration. It facilitates the identification procedure when replacing missing passports.

But such a record could be used in investigations and it could be an attractive target for hackers and criminals.

Third parties might also want to use the data for their own means. Access to personal details could appeal to credit card companies or airport shops for instance.

swissinfo: Why is a fingerprint register more risky than a database with photos and other personal information?

P.H.: Fingerprints are increasingly used to identify a person, and the possession of such data would allow identity theft, so to speak.

They are the most common means for biometric identification of a person.

An increasing number of systems are equipped with fingerprint readers to identify people. There are buildings and rooms only accessible with the correct fingerprints.

Login to notebooks and other computers might be controlled via fingerprints and customers in department stores could trigger a payment from their accounts using this technique.

swissinfo: How can abuse be prevented?

P.H.: Information security management measures must be applied on several levels. Organisational methods, including a clear policy, the definition of the aim and purpose of the database and a risk assessment are a starting point.

The selection and training of personnel with access to a database is another issue, as well as the control of access to the database and the cryptographic protection of the stored information.

Reviews and checks of security measures, and perhaps even a certification of the achieved security level, might be necessary.

swissinfo: How credible are allegations by opponents of the planned new travel documents that electronic passports can easily be read?

P.H.: There is enough evidence to prove it is relatively easy to read data from the electronic chip in a passport. Videos showing how it is done and information on how to do this are not difficult to find.

I strongly suspect that it will be possible to crack the security barrier of the chips within a short space of time. But admittedly the safety standards of the biometric passports of different countries vary.

To prevent abuse I think the whole system should be thoroughly reviewed.

swissinfo: Some experts tell us that the new passport improves security, others warn it is less secure. How can the citizen decide what’s right?

P.H.: It depends what they mean by security. For some it means ‘counterfeit proof’ so that no other person can copy my passport.

Or that it is not possible to hide another person behind my personal details, for instance inserting other fingerprints, and using a different photo.

For others security is the crucial element in the debate over terrorism in the context of travelling and air transport.

Then there is also the data protection aspect, and whether an unauthorised party could secure possession of personal data and specifically, fingerprint specimens.

Finally, time is a crucial element in discussions about information security. Things that are fairly secure today may become insecure in a few years’ time.

Just consider the possibilities and costs of a personal computer ten years ago, and where we are now.

swissinfo: To what extent are the specialists biased and their perspectives limited?

P.H.: Obviously experts on either side defend their own interests. It is up to every individual to consider the technical and political issues at stake and draw the conclusions.

I’m not sure that the federal authorities have taken into account all the elements on a technical level. It is for instance dangerous to argue a technical system is absolutely secure.

swissinfo: Even more reason to be sceptical?

P.H.: A degree of scepticism is necessary, but not only towards the authorities. Their technical insight might appear limited, but they are highly competent in political and legal matters.

It’s precisely the opposite with technical experts who take part in the worldwide debate on biometric passports.

swissinfo: But scepticism specifically towards the state?

P.H.: I don’t consider myself a hardliner on data protection despite my post as vice- president of the Swiss Data Protection Forum.

As a frequent internet user for years, I’m pretty sure that my personal details can be traced to a large extent. Many of us must blame ourselves because we make the data so easily accessible simply by taking part in commercial campaigns, using search engine forums or by participating in internet communities.

I understand the doubts and mistrust of the state. There is plenty of evidence in the recent past to show that regulations have been violated or changed.

Only in February for instance the Swiss government gave in to pressure and ordered a leading bank to hand out confidential client data to the US justice authorities.

BT chief security-technology officer Bruce Schneier slams US border biometrics

Jul 23rd, 2009 | By | Category: Evidence, News, Opinions

By Tom Espiner

Posted on ZDNet News

Security expert and BT chief security-technology officer Bruce Schneier has attacked the US-Visit border-biometrics program, saying it has had “zero benefit” in terms of security.

Speaking to ZDNet UK last week, Schneier said that there was little evidence that the US-Visit program, which takes fingerprints and retinal scans from all visitors to the United States, had made any impact on reducing the threat from criminals and terrorists.

“If the Department of Homeland Security had apprehended any terrorists [through US-Visit], they would have kicked up a huge press stink,” said Schneier. “There has been zero benefit from the program.”

A long-time critic of the US-Visit program, Schneier first questioned the cost-effectiveness of the scheme in 2006. At the time, just under 1,000 people had been apprehended for criminal or immigration violations, yet the program had cost $15 billion (£9.4bn) up to that point.

“Take that $15 billion number,” wrote Schneier in a 2006 blog post. “One thousand bad guys, most of them not very bad, caught through US-Visit. That’s $15 million per bad guy caught. Surely there’s a more cost-effective way to catch bad guys?”

However, Robert Jamison, undersecretary at the US Department of Homeland Security’s National Protection and Programs Directorate, which oversees US-Visit, told ZDNet UK at the RSA Conference Europe 2008 on Wednesday that the border-biometrics program had been effective.

“There have been several instances of someone applying for entry under one name, being denied, applying under another name, and again being denied [due to biometrics records],” said Jamison. “In a few cases, criminal activity and, in some cases, terrorist activity have been prevented.”

Jamison declined to say exactly how many terrorists had been caught as a direct result of the program, saying the information was “classified”. However, Department of Homeland Security figures show that more than 2,400 immigration “violators” and criminals have been identified since the inception of the program in January 2004.

In February, US-Visit was claimed to have helped identify two terrorist suspects, now being held in Iraq, from fingerprints lifted from an improvised explosive device.