Feeds

EU goes on biometric LSD trip

Consortium considers legal, standardisation and deployment issues

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

In December 2004, the European Commission adopted the biometric passports directive, a regulation that mandates the use of biometric facial images within 18 months and fingerprints within three years for all passports issued.

Biometrics such as fingerprints have long been used as identifiers, albeit mainly for catching criminals. But it is only in recent years that computational devices have come into standard use for companies and individuals that the use of biometrics has become viable everyday applications.

However, investigations conducted in the US and Europe have concluded that there is much work to be done to improve biometric technologies so that their full potential can be reaped. Different types of biometrics have differing levels of accuracy, leaving room for much improvement, and user acceptance still needs further testing.

Notwithstanding this, governments worldwide are demanding that biometrics are used as unique identifiers, with the primary emphasis being on improving security for such things as access control, electronic payments and authenticating travellers. One such scheme that has been raising concern is the US-VISIT scheme unilaterally imposed on international travellers to the US. This requires the transfer of large amounts of personal information on travellers to the US, in contravention of Europe's data protection laws, as well as the provision of fingerprints and facial images when entering the US.

Schemes such as this are driving the EU to develop robust standards for technology and to ensure that they are actually useful in real-life applications. As part of this, BioSec was set up at the end of December 2003 to engender a European-wide approach to the development of biometric technologies for security applications. It comprises a multinational consortium of companies, universities, public institutions and governments from nine European countries, providing a solid base for piloting prototypes and applications.

With a remit covering a very wide area, BioSec's three main objectives are:

  • To enhance biometric technologies: including the refinement of user interfaces, sensors, devices and algorithms, and advancing the usability of biometric devices. Work is being done to improve storage systems, including personal, portable and centralised devices, to improve technology systems such as those that support transactions made over computer networks, and to enhance interoperability of devices and support for public key infrastructures.
  • To ensure that technologies meet the requirements of real-world scenarios: the work that BioSec is doing in this area includes evaluating usability and acceptability of biometric technologies through field tests, including scenarios for physical and remote access, as well as contributing to the definition and adoption of standards and interoperable solutions for biometric-based transactions.
  • To become the reference point for al European research into biometric technologies and to ensure that European experts are central to the development of international standards for biometrics to avoid the imposition of unworkable schemes.

The BioSec consortium was set up to conclude its work by end-2005. At the halfway point, the group has just help its second workshop at the European Commission in Brussels to present achievements to date and outline the challenges that are still to be faced. Progress has been good, with a number of workable prototypes developed and good results in field tests.

But a number of challenges remain in bringing biometrics into everyday use. BioSec has boiled these down into three main areas of concern, known to BioSec members as ‘LSD'. These stand for legal issues, such as concerns about privacy and data protection, standardisation issues, including technical interfaces and interchange formats, and deployment issues, divided into technological and social barriers to use.

Information about the work of BioSec can be found at www.biosec.org.

© IT-analysis.com

Related stories

Plugs to be pulled on EU biometric visa scheme?
EU biometric RFID scheme unworkable, says EU tech report
Europe kicks UK out of biometric passport club
Fingerprints to become compulsory for all EU passports
Everything you never wanted to know about the UK ID card

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.