Indian Slumdwellers Protest Biometric Scanning of Impersonators. I Think

Who says that privacy is only an issue in the First World? According to The Times of India residents of Palsora and Lal Bahadur Shastri colonies have demonstrated against “alleged irregularities in the biometric test, which is being carried out in the slum areas to check “impersonation at any level.” The problem, it seems, is that people have been impersonating other people, sometimes twice, to register or occupy property.

A couple of interesting things about this. First off, this is not just any old biometric test. The administration, the story says, plans to test “all those living in slums [who] will have to furnish details of their fingerprints, photographs, face recognition, voice recognition, signature, shape of the hand, and other such details.” This sounds quite advanced. (Shape of the hand? Is this a first? ) Slumdwellers would also be asked to submit the usual stuff, such as “personal details, including date and place of birth, father’s name, number of family members, present address, et al.” All in all, that’s quite a survey. The government is going to have more data on the slumdwellers of Chandigarh than probably anyone else on the planet.

Slumdwellers are now protesting outside the regional government offices, probably as we speak. Well, not today, as it’s the Hindu New Year, I believe. However, they are not up in arms about this apparent invasion of their privacy (voice recognition?), but that “genuine people were being ignored in the survey.” I take this to mean (and I could be wrong) that the survey teams seem to be focusing mainly on impersonators. (Can that be right? – Ed) If true, this might be the first recorded Protest Against A Survey of Slumdweller Impersonators.

Biometrics Close To The Bone

Further to my column about fingerprint biometric scanners (subscription only ), I’ve heard from  a company working on a different kind of biometric security: Via the bone.

Last week, Mass.-based RSA Security Inc. (the guys who make the SecurID number tag, called ‘a two-factor user authentication system’ in the jargon) announced a joint research collaboration with Israel’s i-Mature, specialists in ‘online age recognition’. The two vow to bring together RSA Security’s cryptographic expertise and i-Mature’s Age-Group Recognition (AGR) technology to “work towards a unique solution that would genuinely improve the safety of the Internet for children, by enabling both adult and children’s sites to restrict their content more reliably to their appropriate audience”:

i-Mature has developed an innovative technology that can determine, through a simple biometric bone-scanning test, whether a user is a child or an adult – and thereby control access to Internet sites and content. AGR technology could help prevent children from accessing adult Internet sites and prevents adults from accessing children’s sites and chat rooms.

As far as I understand it, users wanting to visit a website would be required to press their fist against a small scanner, which would work out whether they are 18 or above, or 13 or younger, and then determine, based on software installed at the website itself, whether they are old enough to visit it:

Although the i-Mature website focuses not on confirming the identity of the user but his/her age group, the press release suggests that RSA’s involvement would fact bring some verification: The project would bring a “unique combination of technologies verifying that the person accessing the age-appropriate site is in fact who they claim to be,” the release says.

Obvious benefits? No need for the website itself to know who the user is or keep any data on them, since the scan is simply confirming age-group. Users can’t transfer their passwords or authentication tag to someone else (unless, I guess, if they happen to be around and ‘fist’ themselves into the computer for another user). Also not much work for the parent or teacher to set things up. It might prove popular with public Internet access, since providers might be able to use to limit underage surfing to a select number of websites.

Downsides? The website the person visits needs to have software installed to match the fist-tag. While some pornographic sites, for example, are going to be delighted to conform and limit access, I can’t imagine all of them are. And how many porn websites are there out there at any given point?

I assume RSA and (the rather oddly named) i-Mature are going to limit their targets to chat-rooms and more general websites, rather than the pornographic web. Indeed, the press release suggests as much: “The collaboration will include joint research as well as joint marketing activities around age-group recognition, including market education and engagement with government policy makers.”

Indeed, i-Mature has set its sights more broadly than the net: The press release says:

The protection and safety of children is also required outside the Internet arena. The AGR system complies with this since it is also compatible with mobile phones, television, video and DVD systems that can use AGR technology to prevent children from viewing harmful content. i-Mature can also partner with developers of computer games, online games and video games to block extremely violent and un-educational materials.

Sounds like something worth watching.

More On Fingerprint Readers

This week’s WSJ.com/AWSJ column (subscription only, I’m afraid) is about biometric fingerprint readers. Microsoft’s new offering seems to have reinjected some vigour into an otherwise obscure corner of the market.

As I say in the column, I’m not convinced that fingerprint scanners are the way to go, not least because of tested methods of fooling them, not least with Gummi Bears.

Anyway, beyond the products reviewed in the column, I’ve found a couple more:

  • The USB Fingerprint Reader from Taiwan’s Billionton, which seems to do what the others do, at around the same price (I saw on in Singapore’s Sim Lim Square for S$98, or about $60);
  • The Targus DEFCON Authenticator which includes OmniPass software, the same interface that is used by the APC model mentioned in the column. This I saw selling for about S$80, or about $50; integrated with the reader is a two-port USB hub which is a nice tweak.

I’ve found the one I’m using most is the Sony Micro Vault USM-C, which does a pretty good job of keeping nosey folk out of my computer, but can also store important files, encrypted and accessible only to people with my fingers, and/or Gummi Bears.

Fingerprint Readers And Baths

Something I’ve noticed about biometric fingerprint readers. They don’t work well after a bath. Why is that? Are our fingers different after a bath? I mean, they look different — all wrinkly, for one thing — but why does that mess up the fingerprint reader? I do my best thinking in the bath, and it’s getting frustrating to have to wait five minutes while my fingers return to normal before I can gain access to my computer. That’s the sort of warning they should put on the box.