IHS Inc. The Source for Critical Information and Insight
Electronics |  Change  

Go
 
home > news > 2005
 

European Commission IDs Biometrics Challenges

April 1, 2005

The European Commission released a major new study on how biometric technologies - including fingerprint, iris and face recognition - will impact daily European citizens' lives. The report was initiated as a result of the European Union's decision to introduce biometrics in passports, visas and residence permits beginning in 2006, and was compiled by the European Commission's Joint Research Centre (JRC) at the request of the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE).

According to the JRC, biometrics will substantially help in making Europe's borders more secure, facilitating border crossing and enhancing trust in identification documents, thus contributing to the creation of the European area of Justice, Freedom and Security. The development of biometrics technologies can contribute to a secure knowledge-based society, and an approach is needed that brings together different policy areas - security, industrial policy, competitiveness and competition policy - to ensure that Europe reaps the full benefits of government and EU initiatives related to biometric technologies.

The report also attempts to address the current lack of data and research by considering the social, legal, economic and technological challenges and analyzing in-depth four biometric technologies - face, fingerprint, iris and DNA. These challenges include:

  • Economically, the report points out the role EU Member States can play in assisting the emergence of a vibrant European biometrics industry. As the "launch customers" of the first major application of biometrics worldwide, they can push industry towards interoperability and the establishment of common standards that will promote competition and job creation.
  • Legally, the report concludes that Member States will have to provide the appropriate safeguards for privacy and data protection, thus controlling the use and preventing abuse of biometric data.
  • Technologically, the report has identified the lack of independent empirical data. Hence, there is an urgent need to conduct large-scale field trials to ensure the successful deployment of biometric systems.
  • Socially, the report raises the need to focus attention on making biometric applications acceptable to citizens, by clearly setting out their purpose and limitations. At the same time, it cites the risk of creating social exclusion for a small but significant part of the population. This could be because citizens choose not to use the required biometrics or are prevented from doing so by factors such as age or disability. Future systems should endeavour to minimize social exclusion.

Conclusions
The study has identified a number of issues that require further consideration and action so that Europe can benefit from the large-scale deployment of biometric technologies.

Two overriding conclusions provide the basis for the report's recommendations:

  • The "diffusion effect." The use of biometrics can deliver improved convenience and value to individuals. It is expected that once the public becomes accustomed to using biometrics at the borders, their use in commercial applications will follow. The diffusion effect is likely to require the addition of specific provisions on biometrics to the existing legal framework. New legislation will be needed when new applications become widespread and necessary fallback procedures are defined.
  • There is a need to recognize the limitations of biometrics. The main reason for introducing biometric systems is to increase overall security. However, biometric identification is not perfect - it is never 100% certain, it is vulnerable to errors and it can be "spoofed." Decision-makers need to understand the level of security guaranteed through the use of biometric systems and the difference that can exist between the perception and the reality of the sense of security provided. The biometric system is only one part of an overall identification or authentication process, and the other parts of that process will play an equal role in determining its effectiveness.

Recommendations
The above conclusions led to the following recommendations:

  1. The purpose of each biometric application should be clearly defined. The use of biometrics may implicitly challenge the existing trust model between citizen and state since it reduces the scope for privacy and anonymity of citizens. Clarity of purpose is needed to avoid "function creep" and false expectations about what biometrics can achieve. Such clarity is particularly needed to ensure user acceptance.
  2. The use of biometrics to enhance privacy. Biometrics raise fears related to privacy, best expressed by the term "surveillance society," but they also have the potential to enhance privacy as they allow authentication without necessarily revealing a person's identity. In addition, by using multiple biometric features it is possible to maintain related personal information segregated and thus limit the erosion of privacy through the linkage of separate sets of data. The more policy measures are able to encourage the use of biometrics to enhance privacy, the more biometrics will be acceptable to the public at large.
  3. The emergence of a vibrant European biometrics industry. The large-scale introduction of biometric passports in Europe provides Member States with a unique opportunity to ensure that these have a positive impact, and that they enable the creation a vibrant European industry sector. Two conditions would appear to be necessary for this to happen. Firstly, the creation of a demand market based on wide user acceptance, by clearly setting out the purpose and providing appropriate safeguards for privacy and data protection. Secondly, the fostering of a competitive supply market for biometrics. This is unlikely to emerge by itself and will need kick-starting by governments - in their role as launch customers, not as regulators.
  4. Fallback procedures. Since biometric systems are neither completely accurate nor accessible to all, fallback procedures will be needed. In the case of physical access systems (e.g. border control) skilled human operators need to be available to deal with people that are rightly or wrongly rejected. Whatever the application, whether in the private or public domain, the fallback procedures should be balanced - neither less secure, nor stigmatized. People with unreadable fingerprints, for example, have the same need for dignity and security as others.
  5. Areas for future research. The study has revealed several areas where further data and research is needed. These include:
    • Research and Technological development. Biometric technologies provide a strong mechanism for authentication of identity. Biometrics cannot be lost or stolen, although they can be copied, and they cannot be revoked. However, the technology is still under development. Technical interoperability and a lack of widely accepted standards, as well as performance and integrity of biometric data are major challenges that need to be addressed.
    • Multimodal biometric systems. Multimodal systems are those which combine more than one biometric identifier. For example, it is planned to use face and fingerprints in EU border control systems. Research initiatives have been launched on the application of multimodal biometrics in mobile communications (e.g. mobile telephones and other devices). However researchers need more test data to work with and there is still much work to be done.
    • Large-scale field trials. So far, empirical data on the real-time, large-scale implementation of biometric identification involving a heterogeneous population is limited. Field trials will have to be conducted to fill this gap. Such trials could also provide realistic cost-benefit data. Moreover, there is a need to exchange best practice and to harmonize Member State initiatives. The European Commission's Directorate General for Information Society and Media has taken some initiatives in this regard.

The complete report is titled Biometrics at the Frontiers: Assessing the Impact on Society.

Source: European Commission Directorate General Joint Research Centre (JRC).

Selected Biometrics Standards
ANSI INCITS 383
Information Technology - Biometric Profile Interoperability and Data Interchange Biometrics-Based Verification and Identification of Transportation Workers
ANSI INCITS 394
Information Technology - Application Profile for Interoperability, Data Interchange and Data Integrity of Biometric-Based Personal Identification for Border Management
ANSI INCITS 395
Information Technology - Biometric Data Interchange Formats - Signature/Sign Data
ANSI INCITS 398
Information Technology - Common Biometric Exchange Formats Framework (CBEFF)
ANSI INCITS 409.1
Biometric Performance Testing and Reporting Part 1: Principles and Framework
ANSI INCITS 409.2
Biometric Performance Testing and Reporting Part 2: Technology Testing and Reporting
ANSI INCITS 409.3
Biometric Performance Testing and Reporting Part 3: Scenario Testing and Reporting
ANSI INCITS 409.4
Information Technology – Biometric Performance Testing and Reporting – Part 4: Operational Testing Methodologies
ANSI X9.84
Biometric Information Management and Security for the Financial Services Industry
BSI BS ISO/IEC 19784-1
Information Technology - Biometric application programming interface Part 1: BioAPI specification
BSI BS ISO/IEC 19785-1
Information Technology - Common Biometric Exchange Formats Framework Part 1: Data element specification
BSI BS ISO/IEC 19785-2
Information Technology - Common Biometric Exchange Formats Framework Part 2: Procedures for the operation of the Biometric Registration Authority
BSI BS ISO/IEC 19794-1
Information Technology - Biometric data interchange formats Part 1: Framework
BSI BS ISO/IEC 19794-3
Information Technology - Biometric data interchange formats Part 3: Finger pattern spectral data
BSI BS ISO/IEC 19794-4
Information Technology - Biometric data interchange formats Part 4: Finger image data
BSI BS ISO/IEC 19794-5
Information Technology - Biometric data interchange formats Part 5: Face image data
BSI BS ISO/IEC 19794-6
Information Technology - Biometric data interchange formats Part 6: Iris image data
CSA ISO/IEC 7816-11-05
Identification cards Integrated circuit cards Part 11: Personal verification through biometric methods-ISO/IEC 7816-11: 2004
Resources for Electronics Professionals
ELECTRONICS & TELECOM ENGINEERING STANDARDS NEWS
November 18, 2009
Internet Directory Moves Toward Internationalized Domain Names
The Internet Corporation for Assigned Names and Numbers (ICANN), which manages the Internet's core address directory, announced on Nov. 16 that ... more
November 13, 2009
Canada, U.S., Mexico Publish Compact Fluorescent Lamp Standard
The Canadian Standards Association (CSA) teamed with Underwriters Laboratories (UL) Inc. and Mexico's National Association of Standardization ... more
November 9, 2009
Agreement Reached on Far-Reaching EU Telecoms Reform Package
The European Parliament (EP) and European Council of Ministers reached agreement on Nov. 5 regarding the long-anticipated telecoms reform legislation ... more
November 5, 2009
ITU Approves G.hn Standard for Wired Home Networks
The International Telecommunication Union (ITU) approved G.hn, a technical standard for home networking systems and applications. ... more
October 30, 2009
EC Proposes New Uses for Spectrum Freed Up by Digital TV Switch
On Oct. 28, the European Commission (EC) set out plans for a coordinated distribution of newly available radio spectrum to encourage investment ... more
Show All..