Biometric database – knowledge is power

Biometric database – knowledge is power

This post is also available in: heעברית (Hebrew)

טביעת אצבע ביומטריתFor some time now a wide and passionate debate is conducted in Israel regarding the Biometric databse the country plans to implement on its citizens. On one side, those who side with it claim that establishing such a database will help form a better society since it will be easier to track down criminals on the basis of comparing distinguished means of identification for each person. On the other side, those against it are at an uproar as the establishing of a biometric database will allow anyone with access to it to use the date and, furthermore, despite of growing measure of security the goverment is promising to apply in anything relating to information decrypting, where only those authorized and with proper security clearance can access it, there have been cases where information, though supposedly accessibly to only a few, has been leaked to the public and it’s enough to remind the leak of the civil registry in 2006. There are also known cases of individuals who passed every possible screening and still gone astray.

Without addressing the debate mentioned, there are problems that exist inherently in the biometric identification system. Larry Hamid, an info intelligence personnel, claims in his essay in Biometric Technology Today that the fingerprint identification issue has several flaws: First and foremost – for different reasons, some people have lower quality fingerprint than others. Another problem is the credibility of the identification machines which is sometimes lacking. For example, when Apple issued the iPhone 5, one of the means to identify the owner of the device was a fingerprint. Several months after that, German hackers managerd to break into the system and bypass this security system by duplicating a fingerprint left on a cup and photographed in high resolution.

Another biometric identification technology is based on distinguishing facial features. Hamid mentions the objective difficulties using it as a sole mean of identification: when it comes to identifying a specific person, such as in an entrance to a secured complex, it required an exact match of a number of factors which some are ambiguous and can be changed; there must be a match in the angle, distance from scanner and light as they were on the day of the system registry. Another use for the visual scanner is done by tracking a specific person in a crowd, but this can also fail since artificial change in appearance, like with plastic surgery, can prevent the system from working properly.

However, the biometric identification gives a very high level of security, even if there some problems with the system. Of course, the old familiar method of information security and maintaining access through a password that combines digits and letters isn’t perfectly safe since hacking is always possible – whatever the hacker has to do is run as many passwords as possible through a computer system until they reach the right one. Hamid claims that he best security method will combine the two possibilities – the biometric with the password of digits and letters. Regarding the debate in Israel around the biometric database, he says that one mustn’t rule our the use of a biometric identity, but weak points must be acknowledged and learned to be dealt with by combining several security system, since there’s no such thing as “100% security”.