AnalysisIs U.K. ready for biometrics?

Published 28 February 2006

The march of the United Kingdom toward a biometric future appears inevitable. Parliament two weeks ago gave Prime Minister Tony Blair another victory for the national biometric ID program, and a week ago Gordon Brown, Blair’s presumed successor, gave a speech on terrorism in which he strongly endorsed the biometric scheme. The U.K. Foreign Office is already issuing facial recognition biometric passports for its diplomats, and iris scanning pilot schemes are underway at Heathrow Airport.

Still, there are those who raise questions about the plan, its cost, and its effectiveness in fighting terrorism and crime. Bori Toth, head of biometric research for Deloitte and Touche, says: Obviously they are not perfect. They can be forged — you can lift someone’s fingerprint and potentially access a system. The question is whether you are being presented with the real thing or a copy but there are ways to defend against that.

There has been little research done on the effectiveness of biometrics on a national level, though the UK Passport Agency’s one trial of biometrics last year found that facial recognition technology was the most unreliable. The majority — almost 100 percent — of participants managed to register their faces, BUT the rate at which faces could be verified was less good. When it came to verification, the face had the lowest success rate (69 percent) of the three biometrics tested. Changes in appearance such as facial hair caused verification to fail and those more than sixty years of age were harder to recognize than younger people.

Most people (90 percent) in the U.K. passport trial successfully registered for iris scanning, but operators said the camera was difficult to use and, as with facial recognition, success varied according to the participant’s ethnic group and age. People under sixty years had higher success rates than those aged sixty or above, and people who wore glasses had a higher failure rate than those who did not.

Angela Sasse, professor of human-centered technology at University College London, says: “There are problems with people who have eyes which have different focal lengths. The other problem is that dark-skinned people don’t have much contrast in the eye so it can’t be processed. If you have astigmatism, if the eyes move, the camera has problems with them. If you can’t see very well there can be also be problems.”

The most popular biometric is fingerprinting, but the technology is open to spoofing. Last year in Malaysia, a man was robbed of his $75,000 car when thieves cut off his thumb so they could circumnavigate the security controls on the ignition. A Japanese researcher used a gummy bear to copy a print and fool fingerprint scanners. Toth says: “To cut someone’s finger off — it’s possible to do that. Most of today’s systems are not protected against spoofing. For fingerprints it’s quite easy to do.”

There are thus some barriers to usability and security of biometrics, and Toth and Sasse both agree more testing is required before they can be rolled out effectively. Sasse says: “You can only work on a system that’s been implemented. We can only comment on these systems. But in all trials there have been problems. There needs to be more controlled studies with large samples of old, young and people of different ethnic backgrounds. The U.K. passport system only did one verification test.”

-read more in this report