www.freefoto.com
The practical side of biometric security for the Olympics
Much has already been written about the potential role of biometrics in ensuring security at London's 2012 Olympics. Martin George, CEO, Smart Sensors Ltd describes the practical considerations of biometrics and how they contribute to security
A biometric is some quality of a person that can be measured and quantified ("metric"), preferably reliably and consistently, so that a new sample can later be compared against either one original stored sample from the same person (verification) or against a database of all collected original samples (identification).
Facial, fingerprint, and iris recognition have become the top three biometrics, and all use digital imaging technology in some form – for Face and Iris, it is virtually the same as that used in common digital cameras.
The Olympics has several requirements where biometrics can potentially offer benefits.
- Identification of workforce – including permanent staff, and contractors, many of whom will be casual labour.
- Time management and auditing of staff / contractor hours spent on-site, for security, attendance / payment logging, Health and Safety and other reasons.
- Entry and exit logging, and tracking, of competitors and their support team members throughout all locations and facilities used by the Olympics.
- For spectators, VIPS and their guests, entitlement to attend events, or to be in certain places at given times.
In fact one of the major roles of biometrics is its ability to be linked easily to a notion of entitlement, and for entitlement policies to be administered very effectively by an underlying IT system. It also allows a reputation or trust to be built as a usage history is established, rather similar to how we grow to trust people whom we know and see regularly.
This in turn can become a very powerful sales and marketing tool by allowing the development of sales offers tailored to the level of access and privileges that each visitor and attendee might require, in addition to the certainty of entitlement offered.
However, for such a role, biometrics must be non-intrusive and easy to use, while assuring the level of discrimination and security required in a large event in which many unknown people will take part in a wide range of capacities.
Biometrics must also not create pinch-points that are worse than conventional check-point methods.
Iris recognition biometrics (IRB) has emerged as one of the most powerful and discriminating biometric technologies, in many use cases as an alternative to fingerprinting. This is evidenced in its successful deployment in several large scale programs, such as the UAE's expellee programme that screens for unwanted visitors at immigration control checkpoints.
There are still a number of common misperceptions about IRB that need to be put right. For example, it is not "scanning" and does not use lasers (it uses low power LED illuminators). Iris recognition uses digital video photography in near infra red light (very similar to night vision cameras). It offers excellent strategies to resist spoofing (for example: dynamic natural change of pupil size, and the fact that the iris lies protected, just below the corneal surface). The poor overall systems performance reported with current IRB such as that used in the UK IRIS fast track traveller programme, and in the biometric enrolment trials conducted for the Passport Service, is mainly a result of "human factors" issues and a lack of rigorous requirements evaluation in the system design.
One of the chief obstacles to deployment of any biometric identification and authentication scheme is the human factors challenge. Until now, IRB has largely failed to meet human factors requirements or expectations for most installations, yet the potential for IRB is that it can be much more accurate, less invasive, and faster than any other modality.
We should also recognize that each of the other major non-invasive biometrics (face and fingerprint) have their own limitations with regard to key operational performance metrics, including Failure to Enroll (FTE) and Failure to Acquire (FTA) rates, accuracy, stability of the biometric over time, resistance to counter-measures, cultural objections, speed and throughput, etc. Our vision is that each of the three major biometric modalities are, in fact, complementary, and so a properly implemented programme may well embrace appropriate usage of each.
IRB systems need to be very quick, effortless, and non-intrusive. The user need take no action other than to enter a defined space and look at the camera or other target. This has the potential to reduce the FTE and FTA human factors metrics to levels much lower than experienced with fingerprint technologies. Facial recognition technology is also too vulnerable to relatively simple strategies for disguising the individual.
Smart Sensors has been working closely with two providers of such IRB technology:
AOptix Technologies, Inc. has developed an innovative approach to very high quality iris image collection that operates at a nominal 2 meter stand-off distance. This system employs adaptive optics to ensure that the high resolution images are always centered and focused—typical problems associated with conventional iris imagers—and also fully automates the acquisition process so that the subject human factors experience is radically improved. The system finds the person's eyes, rather than the other way round. Consequently, FTE rates in large scale programs will be dramatically lower, and subject acceptance of IRB greatly improved. The AOptix system is also extremely fast, such that the subject experience is truly effortless, and high throughputs of up to 20 subjects per minute are feasible.
Another approach is represented by Sarnoff Corporation's "Iris on the Move" (IOM) technology. Here, users can walk through a portal rather like an airport metal detector, and during this process, a video of their face is captured under special illumination conditions, using high resolution cameras. From this video, iris images can be extracted and recognised against a gallery of pre-enrolled people. IOM is also capable of handling around 20 people per minute, per portal.
Is it safe and secure? People need to be assured that, once their biometric data is captured, it will not somehow leak out and compromise their identity or reputation. An individual's biometric data should normally be stored in an encrypted form so that without the relevant key, the data itself is useless. Even if someone were to obtain the raw biometric data, such static data would not pass a liveness check.
Martin George, CEO – Smart Sensors Ltd
Carpenter House Innovation Centre, Broad Quay, BATH BA1 1UD
