Following 9/11, the newly established US Department of Homeland Security (DHS) designed US-VISIT, a biometrics-based scheme to protect the US border from infiltration by malevolent aliens. NIST conducted a computer-based trial of flat print fingerprinting to predict the success of US-VISIT. They estimated that the technology would successfully verify identity 99.5 per cent of the time. That is equivalent to a false non-match rate of 0.5 per cent, well within IPS’s one per cent limit.
It may not be immediately obvious how outrageous NIST's forecast is. In the 2004 international fingerprint verification competition, FVC2004, the best algorithm achieved a false non-match rate of 6.21 per cent at a false match rate of approximately zero per cent. Even with a false match rate of one per cent, the best false non-match rate was 2.54 per cent, and IBM promptly formed a partnership with the winning company, Bioscrypt, Inc. No-one in 2004 had ever seen a flat print fingerprint algorithm capable of IPS's one per cent false non-match rate, let alone NIST's 0.5 per cent, and they still haven't.
In December 2004, the US Office of the Inspector General (OIG) reviewed the statistics for the first year of operation of US-VISIT. On average, 118,000 people a day presented themselves to primary inspection at the borders. Primary inspection is largely a biometrics check. If the false non-match rate is 0.5 per cent, you would expect 590 of them to fail and to be referred to secondary inspection by human beings. The actual figure was 22,350 failures or 19 per cent. Just like in the UKPS biometrics enrolment trial.
Round up more fingers
NIST had argued that a true accept rate of 99.5 per cent could be achieved using only two fingerprints. Once US-VISIT had demonstrated that the figure was more like 81 per cent, they teamed up with the US Department of Justice to lobby DHS and the State Department to use 10 fingerprints instead of two.
Would that help? It sounds as though it should but, as Tony Mansfield will tell you, increasing the number of fingers sampled will not lead to an exponential improvement in reliability. Your fingers are not independent events, there are correlations, and if the minutiae on your index fingers are poorly defined they are likely to be poorly defined on your other fingers, too.
Some researchers note that it is hardly worth printing ring fingers and little fingers. NIST found that right index fingers are inexplicably "better" than left index fingers (para.3.1.1).
Moving from two prints to 10 may not help much after all.
NIST provides no support for IPS and the idea that the methodology used in their May 2004 report is a reliable way of forecasting the outcome in the field is thoroughly discredited.*
* Messrs Mansfield and Rejman-Greene note in their report that there are exceptional problems with flat print fingerprinting (Appendix B, p.34). It is obviously hard to enrol people onto the population register if they are missing fingers and/or entire hands. It can also be hard to register older people, they say, manual labourers, East Asians and – that other unimportant minority group – women.
IPS have never explained what alternative arrangements will be made for these cases and the NIST report doesn't consider them. We remain in the dark, therefore, but IPS can't stay silent on the issue forever and when they do propose their alternative arrangements, the question will arise why we can't all use those alternatives and forget about biometrics altogether.
One Error In The Article
The author has confused 'Indentification' (the searching of the database for a given probe image) with de-duping (checking each database biometric is only on the database once).
@D Moss Esq
I'll pick up my copy of the Homer Simpson award on the way out.
Anonymous reader @ Sun 23-08-2009 14:21
A reader who wishes to remain anonymous emails:
"Thanks, it's a good article - but...
"Have you looked at the worldwide perspective on this?
"Already, about 2.2 billion people have 'smart' ID cards. Over 900 million are biometric with fingerprints (China's only has digital facial images, not fingerprints)
"By 2012, over 85% of the world's population will have smart ID cards.
"If it isn't working, why haven't we heard the screams?
"Incidentally, I should point out that I am an opponent of ID cards and fear what they will mean to ordinary people.
"What worries me is that exaggerating the problems will convince most people not to worry or oppose the project, because 'it isn't going to happen'.
"I have written an article on this subject, but it's under consideration, waiting to be published.
1. Thank you for your email.
2. I look forward to seeing your article.
3. The problem I consider is the unreliability of the biometrics chosen for the National Identity Scheme (NIS) and for its cousins, like eBorders. I have not exaggerated that problem. I have reported it and cited public domain sources in each case.
4. The NIS and eBorders explicitly rely on biometrics. Bringing attention to the laughable unreliability of the biometrics chosen is an economical way of demonstrating that the NIS and eBorders must fail. It confronts those two initiatives with quantitative evidence, no theological or political or social or ethical arguments required, it's not a matter of judgement, it's nothing more than arithmetic, there's no "wriggle room", within their own terms of reference, these initiatives must fail. The Identity & Passport Service (IPS) and the UK Border Agency (UKBA) are an embarrassment to any self-respecting Big Brother, they wouldn't even get a GCSE in mass surveillance.
5. The big arguments against putting state-controlled identity management at the centre of social interaction are not even mentioned, let alone exaggerated.
6. If readers think my point is that there is no need to campaign against the NIS and eBorders because they won't work, then I have failed abysmally.
7. It had not occurred to me that anyone would interpret this article as a call to cease campaigning but if that is a valid inference then I thank you for opening my eyes to it and for creating the opportunity to reiterate my belief that the NIS and eBorders poison the political ecology of the UK and need to be energetically resisted and terminated as soon as possible in the interests of the good government that we want, need, deserve and pay for. The intention of the article is precisely to equip people with simple arguments to campaign with.
8. "Why haven't we heard the screams?", you ask. In the UK, with its typically gentle demeanour, criticism of the NIS and eBorders started slowly and quietly, but it's in fourth gear now and you can hear the screams, notably on the exemplary forum of No2ID (http://forum.no2id.net) and radiating out from there in the press and the broadcast media, local and national, and in Parliament and the devolved assemblies and local authorities.
9. Spain has compulsory ID cards. Spain suffered the horror of the Madrid railway bombings. They may not have made the connection but, point that out to people, and you'll hear the screams. By 2005, Pakistan had issued 64 million biometric ID cards to citizens at home and abroad to help combat terrorism. Two years later, the unfortunate Benazir Bhutto was still nevertheless assassinated and even now Pakistan still remains some distance away from the orderly, efficient and safe state promised by the advocates of ID cards. They may not have made the connection but, point that out to people, and you'll hear the screams.
10. Why don't you hear screams from US-VISIT? Because US-VISIT doesn't apply to US citizens. It applies to Mexicans trying to cross the Rio Grande. They can scream all they like, they won't be heard. And it applies to tourists and businessmen. They can scream all they like, but they don't have a vote. If the rumoured plans of DHS to apply US-VISIT to the Canadian border ever come to fruition, then you might hear some screams.
11. Let me ask you in return -- why don't you hear screams of success? Where are the well-argued cases with supporting evidence for the success of biometric ID cards?
12. I look forward to seeing your sources for the 2.2 billion, 900 million, 85% figures. In the case of the 900 million people with flat print fingerprint ID cards, has identity theft been reduced, has other crime been reduced, has terrorism been countered, have government services become more efficient? If not, why waste money on these identity management systems?
13. "Global mobile penetration to reach 75% by 2011". That's what it says in The Register, http://www.theregister.co.uk/2007/10/26/mobile_pentration_research/. That's 4 billion people enrolled in a global identity management system that works. At the same time as heading off an identity management system for 900 million people that doesn't work, I really think we should all pay a bit of attention to mobile phones, http://DematerialisedID.com.
14. Have I looked at the worldwide perspective? For mobile phones, I tried to. For IPS-style ID card systems, no. I have looked at the NIS in depth. I have looked at the EU's OSCIE specification (http://dematerialisedid.com/Mobiles.html#nothing) and Project STORK (http://dematerialisedid.com/BCSL/Hall.html and http://dematerialisedid.com/BCSL/Festival.html). I have looked at US-VISIT in some depth (http://dematerialisedid.com/Biometrics.html#usvisit) and at NADRA in Pakistan (http://dematerialisedid.com/BCSL/Risk.html para.10). Also Operation Golden Shield in China. But not at the whole world.
15. It seems to me that an awful lot of countries, the UK included, are labouring under the delusion that governing means operating identity management systems and that they will work because biometrics work. And it seems to me as a result that the first country to point out that the biometrics emperor has no clothes will cause consternation, bring the whole house of cards down and ultimately help to restore reason to government.