In my field, one of the holy grails of proper authentication is finding a unique identifier for each and every user in a data processing system. While the term ‘user’ is generally seen as applying to a person, it could also be more broadly applied; to a server, an application, et cetera. While this search (for the Grail) is, generally, appropriate, I want to talk about the dangers that should be considered. This ‘blog entry is not meant as a technical guide. If you have more technical questions, ask me to help. I would be delighted.
The most common way to access data systems is the password. Regardless of us calling it a password, a pin, or a secret, we use some sort of password everyday. We all change our passwords from time to time (and not nearly as often as we should). And sometimes we change these passwords because we have to.
One of the reasons we may have to change our passwords is formally known as "unauthorized disclosure". When we know of an unauthorized disclosure, we typically call our help desk, our bank, or our credit bureau This sometimes involves a degree of panic, an sometimes endangers our privacy, our work product, or our very safety.
Over the last few decades, and with rapid acceleration these last few years, biometric technology has been developed and introduced to augment, and in some cases replace, our password-based authentication mechanisms. While quite a bit has been written and shown in movies, biometric technology has typically remained out of the main-stream. The slow adoption of biometric technology has been mostly due to cost issues. For example, a decent biometric reader used to cost upwards of a $1,000 to install, with one or two needed per door. Imagine that cost for an entire building…
Biometric technology today exists in many forms. Some of these forms are easily understood, some are complex, and some simply sound far-fetched Let’s review some of these briefly:
- Thumb (or finger) print recognition
- Hand geometry analysis
- Face recognition
- Eye blood-vessel pattern recognition
- Voice recognition
- Facial bone-structure recognition
- Keyboard typing speed analysis
- Scent (smell) recognition, and
- DNA analysis.
Items 1-5 above are favorites of many science fiction or thriller type TV and movie shows, and are thus the most familiar to the public. They are not, however, the only ones used. The list above is not meant to be comprehensive. There are quite a few other technologies out there.
Developments in Security
Partially prodded by terrorist attacks, the legislatures of some countries are pursuing the idea that biometrics can guarantee uniqueness and heal all their authentication ills. They want to use a positive, one of a kind, biometric identification as a means to perfectly and uniquely identify a perpetrator of a crime – or of an innocent bystander. While most countries do not have privacy laws preventing such a use (see my Privacy Law Collection from around the world at International or USA Privacy Laws)
), they also do not have laws regulating such use.
While the goals stated above are worthy, the recent efforts I have seen around the world to adopt and utilize further these technologies constitutes a not fully-thought-out rush.
In Britain, the law mandating a National ID Card created the notion of a national database to store biometric information. While a national biometric repository includes in less-than-fully-democratic countries such as Malaysia and Thailand, Britain would have been the first to allow it to exist in an open-debate country. Similar measures to Britain’s have been tried in the US, Canada, Australia, Israel and others. In Israel, where the debate still rages, some of the security issues are obvious and even that is not enough to persuade a public to agree to the collection and storage of their most personal of data.
“Spam” mail is the manifest of the power of data processing system to automate a process (of collecting email addresses and then sending virtually-free ‘garbage’ to these addresses) that would have been very difficult to perform manually. Imagine the threat to our identity and to the services we could access if that same processing power was applied successfully to a database, whether owned by a government or a commercial entity, which contained truly uniquely-identifying data.
Passwords are easily changed. Could you change your face that easily?
Google, a company whose motto is “Don’t be evil!” has a problem.
This problem is that has a self-made conflict of interest. One the one hand, it buys companies, frees technologies, and allows us to do things (mostly for free!) that we could never have done otherwise. On the other… well, they make money knowing what it is we want to see, where we want to be, and what we want to do. If they could assure an advertiser that his ad is more likely to be seen or clicked by a factor of 10%, that would be worth at least 10% to their bottom line (and probably 50% to their stock price).
One of the manifestations (yes, one of my favorite words) is their implementation of Picasa. Most especially in their online albums.
As you can see here, Picasa has for sometime now allowed its users to upload pictures and analyze faces (using facial recognition technology) in these pictures to identify these to unique individuals. All that is done, of course, without the knowledge or approval of the identified individual. I don’t know just how many individuals are identified, but we can safely assume it is in the tens- or hundreds-of millions.
And now… an Israeli company by the name of Face.com is offering a similar service to the users of Facebook. Once again, it is not required that you will have knowledge, give your approval, or even be a Facebook member for your pictures to be analyzed, recorded and stored on Facebook servers. Imagine if you are seen with that guy or were doing that in those pictures. Imagine if these are shared, or sold. Wouldn’t you like to know? To have approval rights? To block it?
We, as a society, must control who, why, and when has access to our unique attributes. This is one quest worth fighting for.