Interesting People mailing list archives
Biometric Innovation Breakthrough answers UK ID Card Security Fears
From: David Farber <dave () farber net>
Date: Thu, 30 Jun 2005 11:30:08 -0400
Begin forwarded message: From: Benjamin Kuipers <kuipers () cs utexas edu> Date: June 30, 2005 11:23:57 AM EDT To: dave () farber netCc: Ip ip <ip () v2 listbox com>, Brian Randell <Brian.Randell () newcastle ac uk>, John.g.fisher () btinternet com, Benjamin Kuipers <kuipers () cs utexas edu> Subject: Re: [IP] Biometric Innovation Breakthrough answers UK ID Card Security Fears
Dave,This is a nice idea, and undoubtedly helpful, but it's just the cross- product of fingerprints (unchangeable, but hard to forge or guess) and a numeric PIN (changeable, but in a small searchable space).
However, if I can tap your computer or card-reader (or even swipe some of your drinking glasses), and get a collection of your fingerprints, then I have an "alphabet" to use while searching for the numeric PIN.
If I have to do this individually for each victim, then it raises the cost of "retail" identity theft while making "wholesale" theft prohibitively expensive, which is certainly a big step forward.
Unless and until someone steals a large fingerprint database. Then this is just as vulnerable to wholesale identity theft as before. It will cost more cycles, but Moore's Law will take care of that.
Have a nice day! Ben Kuipers At 4:41 AM -0400 6/30/05, David Farber wrote:
Begin forwarded message: From: Brian Randell <Brian.Randell () newcastle ac uk> Date: June 28, 2005 5:27:28 PM EDT To: dave () farber netSubject: Biometric Innovation Breakthrough answers UK ID Card Security FearsDave:This "understated" commercial press release has been issued the very day that the UK Parliament is debating the Government's controversial ID Card proposals.I look forward to reading IPers reactions! cheers Brian RandellPRESS RELEASE June 29th 2005 Further information: 02476 236644 Press Office: John Fisher - 01785 840978 M: 07808 171 664 John.g.fisher () btinternet com jfisher () senselect com http://www.senselect.com Biometric Innovation Breakthrough answers UK ID Card Security FearsA biometric identity card system that is hacker and thief-proof and puts the missing privacy and security into the UK ID project - has been unveiled today (Wednesday).The British inventors of the BiometricPIN system say the system can be used in the new UK ID cards, overcoming all security fears and objections and putting control on the use of biometrics in the hands of the user. Instead of using a single, easily lifted or stolen fingerprint, BiometricPIN will allow any sequence of finger prints determined by the user. No one has been able to achieve this so far and the implications will be global as spin-off projects emerge.The sequence creates a digital pattern that can only be recreated by the user. When it is stored on a Government or central database it simply becomes an unidentifiable "blob" that cannot be stolen.Behind the world-first breakthrough is West Midlands biometric company, Senselect Limited, which has been working on the hush- hush software-based system for five years. John Topping, Managing Director of Senselect, said BiometricPIN would have implications for everyday life across the world, but the company has concentrated so far on the ID card security problem and the "big brother" fears it instills in people."This is totally secure, fast and "hacker-proof", said Mr Topping. "The sequence simply cannot be replicated by anyone other than by the user. It also allows the user to determine just how much information others can see about them. A doctor, for example, could be restricted to medical history whilst a bartender will only get confirmation that the customer is over 18."With BionetricPIN there will be no "big brother", said John Topping and identities stored on Government databases are safe from theft. With single finger biometrics everyone has a right to be scared because, while you can change a pin number if you are compromised, fingerprints are for life.Biometrics using single fingerprints as an identifier have been used for some years, and despite them being capable of being "lifted", their use has grown. Their use in government ID cards - even with the backup of iris and facial biometrics - is considered a step backwards by many."With BiometricPIN there would be total security as the pattern decided on uniquely by the user cannot be lifted from a single finger reader or hacked from a database", said John Topping. "BiometricPIN produces a unique biometric print that just cannot be copied. It also needs live fingers."Mr Topping said BiometricPIN would solve a huge worldwide problem. Anyone concerned that their ID could be copied can rest assured that this will allay all their fears. Protecting peoples ID is already written into our law but with BiometricPIN it will be in the hands of the user. Senselect says BiometricPIN, because it is software-based, can be used in conjunction with all existing technology, along with iris and facial biometric systems.The company says it already has several European governments interested in implementing BiometricPIN and Senselect has produced a set of security standards for cross border biometric identification. This is now being considered by the European Union for adoption.Added John Topping: "We believe we have solved a huge problem for the world and are ready to share our knowledge. This is the biggest breakthrough in computer technology for many years and will have a huge impact on everyday commerce as further applications for BiometricPIN emerge".Ends Senselect Limited Coventry University Technology Park The Innovation Centre Puma Way Coventry, UK, CV1 2TT http://www.senselect.comFor further information, please reply to <mailto:john.g.fisher () btinternet com>john.g.fisher () btinternet com--School of Computing Science, University of Newcastle, Newcastle upon Tyne,NE1 7RU, UK EMAIL = Brian.Randell () ncl ac uk PHONE = +44 191 222 7923 FAX = +44 191 222 8232 URL = http://www.cs.ncl.ac.uk/~brian.randell/ ------------------------------------- You are subscribed as kuipers () cs utexas edu To manage your subscription, go to http://v2.listbox.com/member/?listname=ipArchives at: http://www.interesting-people.org/archives/interesting- people/
-- Benjamin Kuipers, Professor email: kuipers () cs utexas edu Computer Sciences Department tel: 1-512-471-9561 University of Texas at Austin fax: 1-512-471-8885 Austin, Texas 78712 USA http://www.cs.utexas.edu/~kuipers ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Biometric Innovation Breakthrough answers UK ID Card Security Fears David Farber (Jun 30)
- <Possible follow-ups>
- Biometric Innovation Breakthrough answers UK ID Card Security Fears David Farber (Jun 30)