Title: Challenges and Threats in Large Scale Biometrics Deployment in Europe Findings and recommendations f
1Challenges and Threats in Large Scale Biometrics
Deployment in EuropeFindings and
recommendations from results of IPTS Biometrics
Deployment Study
James GoldsteinStudy manager, Cybion Srl
2Agenda
- Objectives
- Study Phases Target
- Mapping
- Questionnaire
- Survey results
- Findings/Conclusions
3Objectives of our study
- Collect information on and summarize the present
state of biometric deployment in Europe. - Identify the main challenges for biometric
deployment in Europe - technical (e.g. false rejection rate, failure to
enrol, ) - related to standards and interoperability
- economical
- social (e.g. low acceptance)
- legislative
- Propose areas that should be explored in order to
solve or alleviate existing or potential problems
- Put together results and options for policy
making
4Expected results
- Contribute to a better understanding of the
existing challenges affecting large-scale
deployment of biometric systems in public use - Help the consistent adoption of biometric
technologies, taking into consideration
advantages and threats. - Provide a European deployment map of all relevant
large-scale biometrics solutions
5Study Phases
Conference
Survey Status of biometric deployment
Biometric Expert Group
Decision makers at EU level
Testing and Evaluation
Security and Privacy
Expert meeting
Challenges
Deployment status
In the project
After the project
6Target
- Size of applications
- 10.000 users enrolled
- Deployers involved
- Public sector (government, border control)
- Secondary target Commercial
- Geographical
- Developed only in EU Member States
7Mapping
- Detailed European map of biometrics systems,
including names and contact addresses of the
institutions involved - Browseable by country, technology, application
8Mapping
9Profile page example
10Questionnaire
- Distributed to 60 participants
- Addressing overall project target
- Provided by e-mail, telephone, personal visits
- 12 returned
11Basic Information (1)
12Basic Information (2)
13Basic Information (3)
14Basic Information Analysis
- Main application domains ID and travelling
documents (e-passport, ID-cards,VISA), law
enforcement (AFIS, DNA), access control (incl.
registered passengers) - Number of users ID and travelling documents are
the largest - Types of biometrics
- Finger most-widely spread, used in all domains,
used for identification and verification - Face ID/travelling, law enforcement (plans to
include face-recognition), used for verification - Iris registered passengers, used for
verification - DNA law enforcement, used for identification
- Palmprint law enforcement, used for
identification - Trend towards multi-modality
15The main driversWhy the system has been
developed
Rank from 0 (not relevant) to 5 (very relevant)
16The main drivers Analysis
- Security most important driver for all domains
except registered passengers - Convenience most important driver for registered
passengers - Save costs important for AFIS, less important
for ID/travelling registered passangers - Fulfill agreements important for ID/travelling
17Performance data claimed by manufacturer
18Performance data based on practical observations
and comments (1)
19Performance data based on practical observations
and comments (2)
20Performance dataAnalysis
- Error rates not enough data for meaningful
comparisons available - No reported execution of standardised tests
- Problem Definition of error rates within AFIS
(i.e police enrols all arrestees, manual
verification of matches by human expert), very
different transaction times between
tenprint/tenprint latent/tenprint searches - Time Transaction times satisfying
21Standards and interoperability (1)
22Standards and interoperability (2)
23Standards and interoperabilityAnalysis
- Referred standards are well-known
- New ISO SC37 standards are not referred
- Technical information is in large part
confidential - Information exchange is intended especially
within law enforcement systems
24Token, if applicable
25Token, if applicableAnalysis
- Answers are from access systems
- No answers form e-Passport systems
26Biometric database, if applicable (1)
27Biometric database, if applicable (2)
28Biometric databaseAnalysis
- Database Available data is from manufacturer of
access system, no data disclosed by large scale
deployers (e.g. AFIS) - Encryption of transmitted data Is used by AFIS
(e.g. TESTA network within Prüm-Treaty)
29Biometric sensor
Biometric sensor 2, if applicable (in multimodal
systems)
30Costs (all fields are optional)
31Legal, organizational and data protection issues
) (1)
32Legal, organizational and data protection issues
) (2)
33Legal, organizational and data protection
issuesAnalysis
- Owner of biometric data depends on application
area (e.g. AFIS police, card based access
systems / reg. Pass. customer) - User access to data sometimes possible (e.g.
reg. Passengers), sometimes must be prevented
(AFIS) - Data sharing within law inforcement systems is
mostly possible (in consideration of nat. laws)
34Challenges and Future Plans
35Survey Results
- Survey achieved only a snapshot
- Stakeholders are not forced to provide reliable
information to Commission and EU Member States - Experts' opinions and other sources (interviews)
contributed to a broader picture
36Findings/Conclusions
- Applications of interest
- Law enforcement, passports, access control
- Preferences of biometric data
- Fingerprint, face, iris and DNA
- Performance and error rates
- Must be seen in context with user environment
- Europe-wide integration
- On right path with law enforcement and passports,
but not yet completed
37Next steps
- Publication of Deployment Status Report
- Publication of Final Report that incorporates all
relevant results from - Questionnaire
- Expert Group
- Seminar
- Priority list of challenges/threats to large
scale biometrics deployment to be revealed in
Final Report
38THANK YOU!
CONTACT INFORMATION James GoldsteinCybion
SrlVia Della Scrofa, 117Rome, Italy 00186 TEL
39 06-6865975FAX 39 06-68806997E-mail
goldstein_at_cybion.it