Biometrics role in national security

Ashwin A. pinto, Shevtank Verma

MSCLIS-09

Since Mumbai attack and series of other terrorist attack in India, biometrics is now used for verification of identity. The interest is particularly sensitive in the areas of visa and immigration certification and government-issued identification card programs. Since biometrics information is so closely related to a person, they are thought to be more trustworthy and not easily forgotten, lost, stolen, fallacious, or guessed. This is because a biometric identifier relies on distinctive biological information about a person. This can be, for example, a 3-D image of the individual's hand, a scan of the person's iris, a fingerprint, or a voice print.Biometrics can be used either: for verification or for identification. When a biometric is used to authenticate whether a person is who he or she claims to be, the verification is referred to as "one-to-one" matching. Almost all systems can determine whether there is a match between the person's presented biometric and biometric templates in a database in fewer than one second.

Identification is named as one-to-many matching. In identification, a person's presented biometric is compared with all of the biometric information within a database. There are two types of identification process: positive and negative. Positive process expect there to be a match between the biometric presented and the stored database information. These systems are intended to make sure that a person details are in database. Negative process is set up to make sure that a person is not in the system. Negative identification also works as a form of a watch list, where a match triggers a notice to the appropriate authority for action.

Neither verification systems nor identification systems generate accurate matches. Instead, the comparison generates a score of how close the presented biometric is to the stored database. The systems compare the score with a predefined number or with algorithms to determine whether the presented biometric and template are sufficiently close to be measured a match.

Most biometric systems require a registration process in which a sample biometric is captured, extracted, and encoded as a biometric template. This template is then stored in a database for future comparisons. When the biometric is used for authentication (e.g., access control), the biometric system confirms the authority of the claimed identity. In applications, the biometric technology compares a specific person's biometric with all of the stored biometric records to see if there is a match. For biometric technology to be effective, the database must be precise and logically wide-ranging.

Functionality and Effectiveness of Biometrics

Biometric technologies appear to be useful tools for identification and verification in security initiatives. Before implementing these technologies, one must consider whether biometric systems really work, whether they are sufficiently advanced to provide their touted capabilities, and their effectiveness. Accuracy, the possibility for deception, and user acceptance issues are also important considerations. It should be noted that the technologies can be difficult to compare--especially their cost--because they are often created for use in very different types of projects.

Emerging new Technologies in biometrics

In addition to the mature technologies such as iris recognition, facial recognition, hand geometry, palm veins reading, researchers are also looking for other useful biometrics. Some of these emerging technologies include vein scans, facial thermography, DNA matching, odor sensing, blood pulse measurements, skin pattern recognition, nail bed identification, gait recognition, and ear shape recognition. Some of this biometrics, like vein scanning, is just becoming commercially available, while others, such as ear shape recognition, are recently started research projects. Any organization interested in biometric safeguards must look carefully at its requirements and then choose the biometric and the relevant safeguards that meet those requirements. The organization must choose the level of security based on the threat. The more security used to prevent people from fooling the system, the greater the potential for false positives. For instance, if an organization wants to use a biometric for time and attendance, it is unlikely to care about whether the sample is alive. The threat is too minor for such security guards.

Security Implications

Biometric technologies have ample prospective to improve national security by providing a means to identify and authenticate people in many contexts. In many situations they will provide a significantly higher level of security beyond current means of identification. This will be of exceptional utility in controlling access to areas where security risks are principally high--airport tarmacs, critical infrastructure facilities, and the like.

At the same time, however, as with any other new technology, there is the possibility for abuse. Thus, there is genuine public concern that biometric technology can be misused to invade or violate personal privacy or other civil liberties. Some of the fears adjoining biometric information include that it will be gathered without consent, knowledge, or clearly defined reasons; used for a multitude of purposes other than the one for which it was initially gathered, spread without open permission; used to help to create a complete picture about people for surveillance or social control purposes. There are also concerns about tracking, which is real-time or near-real-time supervision of an individual, and profiling, where a person's past activities are reconstructed; both of these would destroy a person's anonymity. There are also concerns about identity deception.

In light of these and other similar fears, some say that the technology should not be developed at all. But given the very grave terrorist threat that we face, if biometric technology is proved to enhance security in a particular situation and appropriate safeguards can be put in place, we believe it is worth pursuing. Some critics of biometrics believe that liberty derives from anonymity, while supporters are of the view that proper security is dependent on complete identification and that liberty would in no way be put at risk. In properly shaping how best to develop both liberty and security, it is useful, therefore, to have some basic principles for assessing a particular biometric technology.

The implementation of biometric technologies for enhancing national security raises several practical and policy questions. It is decisive that the right type of technology is chosen to meet the purpose and privacy requirements of a particular use. In order for biometric systems to provide security, it is essential that people not have a false sense of security about them. The weaknesses and flaws of the technologies must be recognized and countermeasures need to be considered. The systems cannot be seen as the definitive security tool, and thus the ideal solution. Rather biometrics is simply another tool in a layered approach to security. They are not a panacea--but they can play an important role in protecting and should not be demonized as improper technology.