Lockstep has long advocated a more critical appraisal of biometric security systems.
Here is a selection of our analyses and commentaries on biometrics.
Biometrics Trust Mark Study
Lockstep was engaged by the Biometrics Institute in 2015 to research the market for a new privacy trust mark and to set out a development road map. At this stage the report is commercial in confidence, but high-level results were presented at public conferences in Australia and New Zealand through May 2015.
External blog entries
Quote: "[It is] very optimistic to imply ... that biometric ATMs will have false positives of 'one in a million' and false negatives of 'one in ten thousand'. These error rates are not achievable simultaneously, even in the lab. And the FBI tells us these results do not apply outside the lab, where real ATMs operate."
Quote: "Published error rates for biometrics are chronically optimistic. Biometric performance measurement almost always uses the 'zero effort imposter' assumption, which causes systemic over-estimation of their strength. False Match Rates are worked out by counting accidental matches, and do not look at scenarios where someone is trying to get matched falsely ...
"In other words, the stated performance specifications of biometric solutions don’t tell us much about how well they stand up to criminal attack. This failing is nothing short of remarkable. Shouldn’t resistance to would-be robbers be top of mind when commissioning banking system security?"
Quote: "The term 'unique' in the context of biometrics is utter hyperbole. Even if it were true that voice patterns are 'unique', the critical question is whether a biometric mechanism is capable of telling all voices apart. And the truth is that no biometric apparatus is perfect. In fact, most biometrics fall so far short of perfection that I believe use of the word 'unique' constitutes false advertising."
- "Plurality of Identities, and trouble ahead with biometrics" Open Forum blog, Nov 2007.
Quote: "Let's consider the possibility that this singular identity paradigm has enabled, without anyone noticing, the rather too easy acceptance by security experts of biometrics. The idea of biometric authentication plays straight into the orthodox world view that each user has one 'true' identity that underpins multiple authorisations. The strong intuitive attractiveness of biometrics must be based on the idea that what matters in all transactions is the biological organism. But it's not. In most real world transactions, the role is what matters, and it's only under rare conditions of investigating frauds that we go into the forensic exercise of locating the organism.
"There are huge risks if we were to make the actual organism central to routine transactions, by deploying biometrics too expeditiously. It would make everything intrinsically linked, implicitly violating Privacy Principle No. 1: Don't collect personal information that is not required for the transaction at hand. The stakes in biometrics are extremely high. As yet there is no proven way to cancel and re-issue a compromised biometric template (and I worry that fundamentally it can never be done properly without trading off integrity). And despite ... often surprisingly large false match rates, biometrics are still thought of, even promoted, as proving 'unique' identity."
Whitepapers and publications
A number of Stephen's Online Banking Review columns look at biometrics; see archived OBR copies from February 2006 and August 2008, as well as the recent pre-print of the April 2009 column below.