SURVEY - FT-IT REVIEW: Human traits will provide additional
security: BIOMETRICS by Fiona Harvey: Despite the inevitable
cost, biometric systems - which use fingerprint recognition, as
well as faces, handprints, irises and voices - are bringing
security to new levels
Financial Times; Dec 5, 2001
By FIONA HARVEY
Turn up to Schiphol airport in Amsterdam and you may be invited to
gaze deeply into a small machine to have your iris examined. At
Keflavik in Iceland and Toronto in Canada, air passengers are having
their faces scanned before they embark. Staff at San Francisco
airport will soon have their fingerprints taken each time they turn up
to work to check their identities.
In the wake of the terrorist attacks on the US, biometric security has
become the new technological obsession. Terrorists are scary
because they look just like other people - they do not identify
themselves as enemies on a battlefield, but infiltrate societies and
wreak havoc from within. Biometrics, which rely on people's unique
physical characteristics to identify them, seem to offer a way to
ensure people are who they say they are and to weed out terrorist
suspects from the crowd.
"The terrorist attacks have focused people's attitudes on security.
Biometric technology adds a valuable extra layer of security, as it
depends on something you are physically that is very difficult to
change," explains Andrew Kellet, senior analyst at the Butler Group,
a technology research company.
Airports were the first to look to biometrics after the attacks. There
are two approaches: some are using "mass" biometrics to examine
crowds of people and check for terrorist suspects; others are asking
frequent flyers to adopt smart cards that will carry biometric data in
order to separate out those who are not suspect and so speed up
the security process.
In the first case, closed circuit television cameras overlook the crowd
and feed their pictures through a database holding the faces of
suspected terrorists. When the system finds a match, it alerts
security. A face recognition system like this has been in use in the
London borough of Newham since 1998, and throws up only a few
false matches a week.
A Harris Poll conducted in the US shortly after the September 11
attacks found that 86 per cent of people favoured using face
recognition to scan crowds for suspected terrorists. Of course, this
system is only as good as the information fed to it - some known
suspected terrorists may be missed out if they are sufficiently careful,
and in many more cases the police will not have good enough
pictures of the terrorist to be much use in finding him.
In the case of frequent fliers, some airports are offering smart cards
as a supplement to passport security. These passengers agree to
have their fingerprints or irises scanned and the results held on
smart cards. When they turn up at the airport, their fingerprints or
irises will be checked to ensure they are who they say they are.
Immigration checks
It is the electronic equivalent of the immigration officer checking a
face with the photograph on a passport, though safer as passports
can be forged but no one can forge their iris. Such a system would
enable passengers to fast-track security, as it is much quicker to
pass people through a digital scanning system than to check their
faces and passports manually.
Passengers may also be subjected to background security vetting
before being allowed to join the scheme. Of course, the danger
remains that an unknown and careful terrorist could sign up for such
a scheme and use it to fast track security.
It has taken years of development to make biometrics ready for such
widespread usage. Early systems could not achieve the kind of
accuracy levels of today's products.
The main biometrics being used today are faces, fingerprints,
handprints, irises and voices. All are unique to each person, and can
easily be measured. Other less well-known and less favoured
techniques include using the shape of people's ears, their retinas,
the way they write their signatures and even their body odour.
The more usual techniques all follow a similar methodology. The
subject's fingerprint or iris is scanned in a digital scanner, or his voice
recorded, and the pattern of each is stored in a database or on a
smart card as a digital "map". In the case of faces, photos can be
used where the person involved cannot be scanned directly, but the
accuracy of the result will vary according to the quality of the picture.
When the subject is to be identified, he must undergo a similar
scanning process and the resulting digital map is compared to the
database or smart card to obtain a match.
The choice of which biometric to use does not depend on the
accuracy of each method, though fingerprints and irises are
reckoned to be the most accurate, followed by voices, with faces as
the least accurate. As the technology is now at a point where all
these methods are of good enough accuracy to give false readings
only in a few per cent of cases, there are more important
considerations. "It's not fair to say fingerprints are better than irises,
or vice versa. It all depends on the particular application you have in
mind," argues Piers Wilson, senior consultant at Insight Consulting,
which advises on security.
Fingerprints, for instance, are slightly invasive, requiring people to
touch a screen for a few seconds. But iris scans these days only
require people to walk through a special apparatus a bit like an
airport metal detector, and can even work through veils. Voice
recognition is also rather invasive, normally requiring people to speak
certain words or phrases into a microphone, and while face scanning
has the advantage that it can be used on crowds, the trade-off is that
it produces a false reading more often than other biometrics.
It is not only airports who are worried about the prospects of terrorist
attacks. Companies are also investigating using biometrics instead of
the common swipe card to ensure that their staff and buildings are
protected from terrorism. And such systems can carry ancillary
benefits. At TK Maxx, the UK clothing retailer, staff no longer use a
card for clocking in and out, which allowed them to swipe cards for
colleagues who were not actually there. Now they have to pass their
hands over a biometric scanner to clock on.
Banks are likewise interested, but for their customers' sake.
LloydsTSB recently announced a scheme to allow phone banking
customers to use voice verification for extra security.
Now that biometric systems are as easy to use as swipe card
systems, the main factor prohibiting their use is cost. Kitting out a
small office block could cost Dollars 20,000. However, companies
must weigh this up against the benefits of added security. Mr Wilson
of Insight asks: "What price security when lives are involved?"
globalarchive.ft.com
steve |
