Biometrics

Debate about biometric ATMs on Chris Skinner’s Financial Services Club blog

Quote: “[It is] very optimistic to imply … that biometric ATMs will have false positives of ‘one in a million’ and false negatives of ‘one in ten thousand’. These error rates are not achievable simultaneously, even in the lab. And the FBI tells us these results do not apply outside the lab, where real ATMs operate.”

Finextra blog comment on voice biometrics 29 Jan 2009

Quote: “Published error rates for biometrics are chronically optimistic. Biometric performance measurement almost always uses the ‘zero effort imposter’ assumption, which causes systemic over-estimation of their strength. False Match Rates are worked out by counting accidental matches, and do not look at scenarios where someone is trying to get matched falsely …

“In other words, the stated performance specifications of biometric solutions don’t tell us much about how well they stand up to criminal attack. This failing is nothing short of remarkable. Shouldn’t resistance to would-be robbers be top of mind when commissioning banking system security?”

Finextra follow up comment on voice biometrics 1 Feb 2009

Quote: “The term ‘unique’ in the context of biometrics is utter hyperbole. Even if it were true that voice patterns are ‘unique’, the critical question is whether a biometric mechanism is capable of telling all voices apart. And the truth is that no biometric apparatus is perfect. In fact, most biometrics fall so far short of perfection that I believe use of the word ‘unique’ constitutes false advertising.”

“Plurality of Identities, and trouble ahead with biometrics” Open Forum blog, Nov 2007.

Quote: “Let’s consider the possibility that this singular identity paradigm has enabled, without anyone noticing, the rather too easy acceptance by security experts of biometrics. The idea of biometric authentication plays straight into the orthodox world view that each user has one ‘true’ identity that underpins multiple authorisations. The strong intuitive attractiveness of biometrics must be based on the idea that what matters in all transactions is the biological organism. But it’s not. In most real world transactions, the role is what matters, and it’s only under rare conditions of investigating frauds that we go into the forensic exercise of locating the organism.

“There are huge risks if we were to make the actual organism central to routine transactions, by deploying biometrics too expeditiously. It would make everything intrinsically linked, implicitly violating Privacy Principle No. 1: Don’t collect personal information that is not required for the transaction at hand. The stakes in biometrics are extremely high. As yet there is no proven way to cancel and re-issue a compromised biometric template (and I worry that fundamentally it can never be done properly without trading off integrity). And despite … often surprisingly large false match rates, biometrics are still thought of, even promoted, as proving ‘unique’ identity.”

Whitepapers and publications

A number of Stephen’s Online Banking Review columns look at biometrics; see archived OBR copies from February 2006 and August 2008, as well as the recent pre-print of the April 2009 column below.