Feeds

EU goes on biometric LSD trip

Consortium considers legal, standardisation and deployment issues

  • alert
  • submit to reddit

High performance access to file storage

In December 2004, the European Commission adopted the biometric passports directive, a regulation that mandates the use of biometric facial images within 18 months and fingerprints within three years for all passports issued.

Biometrics such as fingerprints have long been used as identifiers, albeit mainly for catching criminals. But it is only in recent years that computational devices have come into standard use for companies and individuals that the use of biometrics has become viable everyday applications.

However, investigations conducted in the US and Europe have concluded that there is much work to be done to improve biometric technologies so that their full potential can be reaped. Different types of biometrics have differing levels of accuracy, leaving room for much improvement, and user acceptance still needs further testing.

Notwithstanding this, governments worldwide are demanding that biometrics are used as unique identifiers, with the primary emphasis being on improving security for such things as access control, electronic payments and authenticating travellers. One such scheme that has been raising concern is the US-VISIT scheme unilaterally imposed on international travellers to the US. This requires the transfer of large amounts of personal information on travellers to the US, in contravention of Europe's data protection laws, as well as the provision of fingerprints and facial images when entering the US.

Schemes such as this are driving the EU to develop robust standards for technology and to ensure that they are actually useful in real-life applications. As part of this, BioSec was set up at the end of December 2003 to engender a European-wide approach to the development of biometric technologies for security applications. It comprises a multinational consortium of companies, universities, public institutions and governments from nine European countries, providing a solid base for piloting prototypes and applications.

With a remit covering a very wide area, BioSec's three main objectives are:

  • To enhance biometric technologies: including the refinement of user interfaces, sensors, devices and algorithms, and advancing the usability of biometric devices. Work is being done to improve storage systems, including personal, portable and centralised devices, to improve technology systems such as those that support transactions made over computer networks, and to enhance interoperability of devices and support for public key infrastructures.
  • To ensure that technologies meet the requirements of real-world scenarios: the work that BioSec is doing in this area includes evaluating usability and acceptability of biometric technologies through field tests, including scenarios for physical and remote access, as well as contributing to the definition and adoption of standards and interoperable solutions for biometric-based transactions.
  • To become the reference point for al European research into biometric technologies and to ensure that European experts are central to the development of international standards for biometrics to avoid the imposition of unworkable schemes.

The BioSec consortium was set up to conclude its work by end-2005. At the halfway point, the group has just help its second workshop at the European Commission in Brussels to present achievements to date and outline the challenges that are still to be faced. Progress has been good, with a number of workable prototypes developed and good results in field tests.

But a number of challenges remain in bringing biometrics into everyday use. BioSec has boiled these down into three main areas of concern, known to BioSec members as ‘LSD'. These stand for legal issues, such as concerns about privacy and data protection, standardisation issues, including technical interfaces and interchange formats, and deployment issues, divided into technological and social barriers to use.

Information about the work of BioSec can be found at www.biosec.org.

© IT-analysis.com

Related stories

Plugs to be pulled on EU biometric visa scheme?
EU biometric RFID scheme unworkable, says EU tech report
Europe kicks UK out of biometric passport club
Fingerprints to become compulsory for all EU passports
Everything you never wanted to know about the UK ID card

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.