The tension in facial recognition


The rise of facial recognition technology and the erosion of privacy

In the 2002 movie Minority Report, Tom Cruise’s character has his eyes surgically replaced so he can avoid being identified by the all-pervasive retina scanning system that the state uses to track people… and of course, uses to show targeted ads to people. This is a rather dystopian view of the broad application of biometrics technology. However, judging by a lawsuit targeting Macy’s for their use of Clearview AI’s facial recognition technology in their stores, it seems that staying anonymous in the bricks and mortar world is becoming a little more like the movie. Whilst you may not require surgery, you may soon require something akin to glasses and a fake beard to avoid being tracked. The issue here is that Clearview AI has been scraping images from publicly viewable sources on the web for a while, enabling them to create a database of facial biometrics against which to match captured facial images. Amongst the sources of this data are Facebook, Twitter, LinkedIn, YouTube and Vimeo, with some of these companies having sent cease and desist letters to Clearview AI for breach of their terms of service. The aim, it seems, is for Clearview AI to create a one-to-many facial recognition solution that can identify, from only an image of their face, anyone who appears in a photo or video on the web. Based on a report on Buzzfeed, they were working with over 2000 companies as of February 2020, and they are probably not alone, so perhaps we should be concerned.

Identity in Vegas

Identity, authentication and authorisation are amongst the hottest of hot topics in our world right now. Even if we put Apple and its new face recognition technology to one side, there’s no shortage of excitement at the intersection of biometrics and electronic transactions. Remember this from earlier in the year?

A UK supermarket has become the first in the world to let shoppers pay for groceries using just the veins in their fingertips.

From British supermarket offers ‘finger vein’ payment in worldwide first

As I wrote at the time, this came only a few weeks after people forwarded me a link from Time Out, calling attention to a new payment mechanism using a new biometric identification technology to effect retail payments in a new way. The system, called Fingopay, uses a scanner at POS to recognise customers in pubs and bars by the pattern of veins in their finger and then charges a linked payment account. I did remark on the overuse of “new”, as the first time that Consult Hyperion blogged about this technology was more than a decade ago, talking about mass market uses of biometrics and looking at the particular case study of Japanese banking, and it wasn’t new then! The technology has reappeared as a “new” solution to these same problems a great many times since then. It seems like every couple of years or so some stories about this new technology and new way to pay reappear. For example…

The BBC were kind enough to invite me on to their lunchtime “You and Yours” magazine programme to discuss this innovation. I think they were a tiny bit surprised, to be honest, when I told them that the technology was eight years old! I also told them, in the spirit of openness and integrity that is associated with the good name of Consult Hyperion throughout the civilised world, that we had been retained by Hitachi some years ago to carry out a study on the security of this product and its suitability for certain financial services applications.

From We’ll be giving Barclays the finger next year | Consult Hyperion

The truth is that the idea of using fingers instead of cards goes back a long way (I can remember Piggly Wiggly exploring it in 2004) and reappears with regularity. So what’s different this time? Well, for one thing, we now have open banking. With strong customer authentication (SCA), risk-based authentication at POS and standard APIs for third-party access to accounts, retailers and others will soon be able to process payments themselves by obtaining payment institution (PI) licences and obtaining consumer consent for access to their bank accounts. Thus, putting your finger on a reader in store and having the retailer instruct an immediate instant payment transfer from your account to the retailer account looks like a more promising model this time around.

It’s the combination of technology (convenient biometric authentication), business (non-bank third party services) and regulation (open access) that means that the payments world is going to see more change in this space in the next year than in the previous ten. Almost every payment conference in that decade has highlighted the “identity problem” yet no-one was doing anything about it. Now we have mass market solutions just around the corner.

Anyway, all of this is a roundabout way of saying how excited I am to be chairing the Money2020 workshop “Identity is Fundamental” in Las Vegas next week. We’re going to be talking about the latest trends in identification technology, authentication in the mass market and much more. And we have a detailed case study from Canada, as we have Toronto Dominion and SecureKey talking about the Canadian banks’ ambitious project to fix the identity problem with, amongst other things, the blockchain. You’d be mad to miss it, so look forward to seeing you in the Titian Room on Level 2 of the Venetian next Wednesday at 8.30am. Oh, and if you want to say hi to me or any of the Consult Hyperion team in Las Vegas next week, just email, tweet or message me on LinkedIn.

Finger pay redux

A few people forwarded a link from Time Out to me last week, calling attention to a new payment mechanism using a new biometric identification technology to effect retail payments in a new way.

The latest in contactless payment – called Fingopay – uses a bartop scanner and allows customers to introduce their index finger when they’re ready to settle up. The unique patterns of the veins in each customer’s index finger – which need to be linked to their bank account in advance to make a payment possible – are electronically scanned on the spot in the aim of speeding up transactions at the bar.

From You can now pay for a pint using just your finger at a bar in Camden

I’m not sure if my repeated use of the adjective “new” in the introductory paragraph was entirely appropriate and I don’t want to be like all yeah whatever but… the first time that the technology was mentioned on this blog was almost exactly a decade ago, when I was talking about mass market uses of biometrics and the particular case study of Japanese banking, and it wasn’t new then.

Another group that includes Sumitomo Mitsui Banking Corp., Mizuho Bank and Japan Post use a similar system but it analyses fingertip vein patterns.

From Well, is this the year of biometrics? | Consult Hyperion (April 2007)

In addition to identifying customers at ATMs and Post Office counters the technology that they are referring to here, the Hitachi fingervein technology, has been used as an alternative to payment cards from its earliest incarnation.

Biometrics continue to advance in Japan with the news that Hitachi is teaming with Japanese issuer JCB to develop a biometric payment system based on its finger vein authentication technology that can be used as an alternative to cards and cash at the point of sale.

From Fingering suspects | Consult Hyperion (November 2007)

The technology has reappeared as a new solution to these same problems a great many times since then. It seems like every couple of years or so some stories about this new technology and new way to pay reappear. For example…

The BBC were kind enough to invite me on to their lunchtime “You and Yours” magazine programme to discuss this innovation. I think they were a tiny bit surprised, to be honest, when I told them that the technology was eight years old! I also told them, in the spirit of openness and integrity that is associated with the good name of Consult Hyperion throughout the civilised world, that we had been retained by Hitachi some years ago to carry out a study on the security of this product and its suitability for certain financial services applications.

From We’ll be giving Barclays the finger next year | Consult Hyperion

The truth is that this specific technology has been around for absolutely ages and the idea of using fingerprints as an alternative to payment cards at retail POS has been around for even longer. This from 2004:

The Piggly Wiggly grocery chain has announced it will begin offering a high-tech payment feature allowing customers in several stores to pay using their fingerprints.

From Grocery store goes to fingerprint payments

You can’t help but wonder what is different this time. Well, for one thing, we have PSD2. My memory of some earlier attempts may well be imperfect, but I have a vague recollection that these previous attempts at finger-based payments worked by tying the stored template to a card-on-file and then processing a card-not-present (CNP) transaction at POS (even though the cardholder was self-evidently present). Since the costs associated with CNP processing were much greater for the merchants, and the US was moving to no-signature stripe programs anyway because all of the terminals were online, the finger payments were slower and more expensive than stripe payments. Hence neither the merchants nor the consumers were greatly interested. Systems like this did make progress in closed environments (such as schools and prisons) but made no inroads into the mass market.

However, things are changing. We have strong customer authentication (SCA) and risk-based authentication at POS, we have interchange regulation and interchange plus acquiring in Europe and soon the retailers will be able to process payments themselves by obtaining payment institution (PI) licences and obtaining consumer consent for direct access to their bank accounts. Thus, putting your finger on a reader in store and having the retailer instruct an immediate instant payment transfer from your account to the retailer account looks like a more promising model this time around (but I have to say I am sceptical about traction in a world where consumers have mobile phones with them all the time and can obtain Internet connectivity even in Camden).

The decision to try out the new system in a pub, by the way, did bring on a wave of nostalgia. Here I am with my CHYP colleague Kate Hughes, my fellow Visa Business School instructor Joe Di Vanna and my old friend Mark Burgess testing out some early contactless products  in the bar at Robinson College, Cambridge. Joe claimed that he could do a cash transaction faster than contactless…

 

On a related topic, it is important to note that while fingerprints are unique, and all that, they are not without issue. For one thing, you leave your fingerprints everywhere you go. For another, you do not always have complete control over your fingers…

Wife exposed diplomat’s affair by using his thumb to unlock his iPhone while he was sleeping 

From Foreign office official ‘assaulted wife when she used thumb print to unlock iPhone’ exposing affair | Daily Mail Online

This is why those of us who understand security use Wickr or Signal to communicate with confidantes and always set a passcode for the application!  The point is that fingerprint security has failure modes and those could be exploited by any seven year old. Paging Groucho Marx: someone get me a seven year old…

7-year-old Harrison Green waited for his dad to fall asleep and then hovered his finger over the sensor, thus defeating his strong fingerprint encryption choice.

From 7-Year-Old Boy Uses Sleeping Dad’s Finger To Unlock iPhone

Having had a look through the Fingopay website, I notice a clever use of this particular feature (that is, the ability to use the biometric identifier without the consent of the owner).

We have developed an “in-case-of-emergency” ICE system that can be used to assist in identifying you even if you are unconscious

From – FAQs –

This might be more of a use case in Camden on a Friday night than a new payment mechanism! I suggest they also try my alternative solution which is to store a revocable token in tamper-resistant hardware and use the biometric for strong local authentication of that token. If people in Camden really don’t want to take even a card down the boozer, and are worried about waving a phone around because it’ll get half-inched at chucking out time, well, our friends on the continent have a tried and tested alternative.

everyone’s current favourite case study for this sort of thing is the Baja Beach nightclub in Barcelona, where patrons were offered the choice between a card and a chip and some of them chose the chip… The chips are the size of a grain of rice  (1.2 millimetres wide and 12 millimetres long) and injected (by a “medically trained” person, according to the New Scientist) under the skin in the upper left arm. 

From Chip ’em all | Consult Hyperion

One of my favourite conference jokes a decade ago (first used in a presentation to the International Association for Biometrics in September 2004) was that the chip is better than a card because you really can’t leave home without it. Now, to be honest, I’d prefer an implanted chip like that to biometric identification. Why? Well, the chip contains an ID number and no personally-identifiable information (PII). If some unauthorised person scans the chip, all they get is an ID number. If I use an app on my phone to allow a particular retailer the ability to charge against that ID number at specific times, or only with strong authentication (e.g., a PIN or a fingerprint or whatever), that seems both convenient and secure.
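The model described above (an opaque ID with no PII, holder-set permissions per retailer, and revocation) can be sketched as follows. This is an added example, not code from the original post or from any product it mentions; `TokenRegistry`, `Grant` and the retailer names are hypothetical, and it assumes a grant may combine a time window with a strong-authentication requirement.

```python
import secrets
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional

@dataclass
class Grant:
    window: Optional[tuple]      # (start, end) as datetime.time, or None for any time
    require_strong_auth: bool    # holder must pass a PIN/biometric check on their own device

def in_window(window, t):
    """True if time t falls in the window; handles windows that cross midnight."""
    if window is None:
        return True
    start, end = window
    if start <= end:
        return start <= t <= end
    return t >= start or t <= end

class TokenRegistry:
    """Issuer-side store (hypothetical). A reader only ever sees the opaque token ID."""

    def __init__(self):
        self._account = {}    # token_id -> account reference, never sent to retailers
        self._grants = {}     # (token_id, retailer) -> Grant set by the holder's app
        self._revoked = set()

    def issue(self, account_ref):
        token_id = secrets.token_hex(8)   # random, so it encodes no PII
        self._account[token_id] = account_ref
        return token_id

    def grant(self, token_id, retailer, window=None, require_strong_auth=False):
        self._grants[(token_id, retailer)] = Grant(window, require_strong_auth)

    def revoke(self, token_id):
        """Unlike a finger, a compromised token can be cancelled and replaced."""
        self._revoked.add(token_id)
        account_ref = self._account.pop(token_id)
        return self.issue(account_ref)    # new ID; old grants are not carried over

    def authorise(self, token_id, retailer, when, strong_auth_done=False):
        """Decide a charge request; returns a short decision string."""
        if token_id in self._revoked:
            return "declined: token revoked"
        grant = self._grants.get((token_id, retailer))
        if token_id not in self._account or grant is None:
            return "declined: no grant for this retailer"
        if not in_window(grant.window, when.time()):
            return "declined: outside permitted hours"
        if grant.require_strong_auth and not strong_auth_done:
            return "declined: strong authentication required"
        return "approved"

def demo():
    reg = TokenRegistry()
    tok = reg.issue("acct-0001")                     # constructed account reference
    reg.grant(tok, "pub", window=(time(18, 0), time(1, 0)))
    reg.grant(tok, "grocer", require_strong_auth=True)
    day = datetime(2024, 1, 5)                       # constructed date
    results = [
        reg.authorise(tok, "pub", day.replace(hour=23, minute=30)),
        reg.authorise(tok, "pub", day.replace(hour=12)),
        reg.authorise(tok, "grocer", day.replace(hour=12)),
        reg.authorise(tok, "grocer", day.replace(hour=12), strong_auth_done=True),
    ]
    new_tok = reg.revoke(tok)
    results.append(reg.authorise(tok, "pub", day.replace(hour=23, minute=30)))
    return results, new_tok != tok
```
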

If you’re too squeamish to have a chip implanted (I’m not – in fact I begged them to implant one on stage at a Consult Hyperion Forum but they wouldn’t do it because the chips were not licensed for use on people in the UK) then there’s an alternative I can suggest. One of my favourite conference jokes right now is that you can always have a QR code tattooed on to some part of your body. Private key vs. privates key* (geddit!).


* If you know a better PKI-related joke I am literally all ears.

Facing the facts

I always have a lovely time in Sydney, one of my favourite places in the whole world, and I had a particularly lovely time down there last month at the Biometrics Institute Asia-Pacific conference at their invitation.


I was asked there to talk about biometric authentication for digital identities, but most of the other talks were about biometric identification. These included a superb talk by Patrick Nemeth, Director of the Identity Operations Division, Office of Biometric Identity Management (OBIM) at the Department of Homeland Security (DHS), who was talking about the practicalities of their work and their plans for the future. 

Patrick mentioned in passing that in future they will start storing DNA, not for identification but for the purpose of “familial matching”. So if somebody turns up at an airport with a child and claims to be a parent or sibling, the new technology means that it will only take around two hours to determine whether there is a familial match, which I thought was pretty cool. I could not, however, resist the mischief of pointing out that in the UK, around one in 25 children are not related to their presumed biological father. In the US it is approximately one in 20 and according to some web reports that I found, in some parts of Florida it is supposedly a third!

You can just imagine the embarrassment at JFK, can’t you? When you filled in that customs form?

“How many members in your family group?”

“Three.”

“Please guess again”…

Oh well. Interestingly, and more relevantly, Patrick said that OBIM would not be going any further with fingerprint technology but would be exploring voice recognition for immigration services and face recognition at points of entry. This technology used to be absolutely hopeless, but I am sure that it has improved considerably.

A system installed at Keflavik airport in Iceland — not primarily aimed at terrorists but at drug dealers, missing children and so on — never matched a single wanted person

From Home biometric fun | Consult Hyperion

Actually, I know that it has, because one of our recent projects involved due diligence on a face recognition system installed in Latin America. Patrick went on to say that he expected the private sector rather than the government to make the next technological breakthrough in face recognition. I wondered if he was referring to recent Russian breakthroughs in automated stalking:

FindFace, an app launched by a Russian startup two months ago, lets its users identify strangers from pictures of their faces. It does so by matching the photos against profile pictures from VK—also known as VKontakte—a Russian social networking website similar to Facebook.

From How Russia’s New Facial Recognition App Could End Anonymity – The Atlantic

The genie is well and truly out of this bottle and I can only see two long-term outcomes. Either we become socially attuned to tracking at all times in all non-private spaces or we become socially attuned to hiding our faces using some form of burkha. In fact, burkhas might become the norm in public places because the biometrics guys are not just trying to do face recognition, they are also looking at body recognition (there was a very good presentation about this as well, by the way).

How life will change! It will be a quasi religious experience I suppose when you only take off the burkha and reveal your face when at home and in the company of family or close friends. It looks as if my plan to make my fortune by manufacturing Facebook-blue burkhas in a variety of sizes is looking better all the time.

Time to get rid of my dongle

I just had to quickly log in to my online banking service to transfer some money to someone who doesn’t have PingIt, yawn. So I had to enter my sort code, account number and name and then use my bank’s 2FA dongle with my chip and PIN card to get a security code to enter in to the web site to log in to create a new payee and then send the money. I have to say that it all worked OK, but in an age of touchID it’s beginning to feel a little tired. While I was doing it, I started to think about the way that I could log in to my USAA account just by looking at my phone.

Biometric log-on is the latest effort by USAA to offer novel solutions to its members. The app is designed to heighten security as well as to improve the overall member experience.

[From Biometrics in Banking – PaymentsJournal]

Logging in by looking at your phone is, just as touchID is, about convenience before it is about security but it certainly does enhance the latter. The way in which different biometrics are combining with the smartphone to create a new security landscape is starting to shape the mass market and it is really interesting to be working with our clients on bringing the technology to market and exploiting it effectively in different sectors.

Voice biometrics, fingerprints, iris scans, and other authentication options are beginning to replace passwords as a means to verify a user’s identity and simplify the login process when banking online or via a mobile device. The key is to provide enhanced security against hackers while improving the overall user experience.

[From Biometrics: Fighting Fraud and Protecting Identity In Banking]

If you are interested in this sort of thing, there’s a terrific lunchtime roundtable on biometrics in banking coming up. It’s organised by the Centre for the Study of Financial Innovation at SWIFT in the City on 11th May. The panelists will be:

  • Rick Swenson, the USAA Executive responsible for Fraud Operational Excellence and Strategic Initiative who will share USAA’s experiences with biometrics and explain why their approach has been so successful.
  • Oran Cummings from MasterCard, who will give an international perspective on the use of biometrics in the financial sector.
  • Keith Gold, formerly with IBM Banking and Financial Services Europe, who has been helping the CSFI to understand the requirements of an ageing population, will talk about the importance of biometrics in the useability toolkit needed for this key segment of bank customers (or, why looking at a mobile phone is easier than remembering a PIN for most of us!).

The usual well-informed and wide-ranging discussion will ensue, with wine and sandwiches for all. Don’t miss this opportunity to learn from Rick while he is visiting the UK. There may be a few places left at this free event, so if you’re interested in seeing how the biometric state of the art is advancing in banking, contact anna@csfi.org for further details and to reserve your place.

Biometrics are already mass-market for banking


Biometrics aren’t really futuristic any more, and even in as conservative a sector as banking they are being deployed in the mass market. I’ve helped to organise a CSFI roundtable on the topic to share some practical experiences. (Revised 22nd April 2015 with updated roundtable details.)

We’ll be giving Barclays the finger next year


Biometric authentication against a device with tamper-resistant hardware is a good general-purpose solution for mass-market online login. For the foreseeable future, that device will be the mobile phone and that biometric will be the fingerprint, but Barclays’ use of finger vein scanning is still interesting.

