The science of biometric security “is filled with promise” but still has a long way to go before it can effectively counter the threats of terrorism and identity theft, according to an eminent U.S. scientist.
Anil Jain, a distinguished professor of computer science and engineering at Michigan State University, told the American Association for the Advancement of Science annual meeting on "Strengthening the Scientific Basis of Biometric Identification and Authentication" that science is developing better sensors to gather the data that pinpoint an individual's identity.
"Biometrics is not necessarily proposed to replace the existing methods of identification, but to strengthen them. Having said that, there always are practical problems in deployment," Jain said.
He went on to note that biometrics has come a long way from its origins in the world of fingerprinting criminals to enter the world of hi-tech scanners – now popping up at airports and grocery store cash registers. And it is not just fingers – the iris of the eye also holds unique, and highly accurate, identifying traits. Even faces – susceptible as they can be to age, weight and fashion – are succumbing to the algorithms and data fusion that science offers, he pointed out.
The precision of biometrics is impressive, according to Jain. While the performance depends on the testing protocol and environmental conditions, it can exceed 99-percent accuracy. Yet the academic notes that as the technology becomes more pervasive, even small margins of errors can have consequences that range from "inconvenient and embarrassing to tragic."
He cited one highly publicized example as the case of Brandon Mayfield, a Portland, Ore., resident and U.S. citizen held for two weeks as a suspect in the Madrid train bombings in 2004. The FBI fingerprint system matched prints at the scene to Mayfield, and an independent examiner verified the match. But Spanish National Police examiners eventually identified another man who matched the prints. The FBI acknowledged the error and Mayfield was released.
Jain noted that many of the problems with biometrics come from scans being noisy and distorted. Fingerprints, for example, can be smudged or hard to read. But he added that better sensors are being developed that can differentiate between a live finger and a fake one. New methods also are being developed to gather fingerprint information below the skin surface, charting even pores.
As a way of better using current data, researchers should step up work on ways to sharpen existing scans and improve the millions of prints in the legacy databases, Jain said.
To improve accuracy, he argued that some applications should demand fingerprints and iris scans and facial identification – for added security or simply for convenience. He also believes it will become more important to understand performance on a large scale. Jain pointed out that even a 1-percent failure rate of false positives and false negatives could be disastrous if used at a major airport with high volume traffic.
As commercial uses become more popular, Jain added that science will have a greater role not only in improving biometrics, but also accurately representing the strengths and weaknesses of systems.
"Until recently, vendors were providing the performance data, but numbers were not realistic," Jain said. "In the field of biometrics, the academic community has started playing a role only recently. Vendors don't always have the best interests of science, but are more interested in selling the system and making a profit. Scientists have to tell the honest story and provide realistic performance – and that is not foolproof. That it is not foolproof no matter what people say."