Interview with Ann Cavoukian - Privacy Commissioner
Subject: Biometric Encryption

Nymity: What is Biometric Encryption?
Dr. Cavoukian: Biometric Encryption (“BE”) is a class of technology that allows you to use your biometric to generate or to encrypt a PIN, a password, or any alphanumeric string, that you may use for potentially numerous applications – to gain access to computers, to enter buildings, and to privately and securely prove identity. The PINs can be hundreds of bits in length – the length doesn’t matter because you don’t need to remember it!
Nymity: What are privacy issues associated with the use of biometrics that Biometric Encryption will address?
Dr. Cavoukian: Biometric data, such as fingerprints and facial images, are unique and permanent identifiers that are widely understood to be private and personal information, worthy of legal protection. But biometric data is also semi-public information too – our faces can be viewed everywhere we go, and our fingerprints left behind on everything we touch.
This dual nature of biometric data makes it ill-suited for use as secret passwords (e.g. access control) and for storage in centralized, networked databases, where it can be misused in many ways that can profoundly impact the individual. Yet identification and verification are the primary purposes for which biometric data are being used today. Both depend on storage and routine matching of biometric data.
As the use of biometrics becomes more widespread across society, so will the privacy and security risks associated with the growing collection, use, disclosure and retention of personal biometric data. These risks include: loss of individual control over one’s personal information; unauthorized cross-matching, secondary uses, surveillance, profiling and discrimination based upon biometric data; and the loss, theft, misuse and abuse of this personal data resulting in identity fraud and theft and other negative impacts on the individual. At stake is the trustworthiness of biometric systems and the behaviour of organizations that collect biometric data.
Biometric Encryption techniques can directly address most of these risks at the source, simply because an individual’s biometric data need never be disclosed, collected or retained in the first place! Instead of presenting biometric data that can be lost or misused, BE techniques transform the individual’s primary biometric image data into a virtually unlimited —and non-reversible— range of unique single-purpose alphanumeric data strings that can be used without fear of loss, correlation or misuse. These alphanumeric strings can then serve as passwords, encryption keys, or as anonymous identifiers for use anywhere traditional biometric-enabled systems are used (e.g. authentication, access control).
Better still, if for some reason one’s unique BE identifier becomes compromised in some way, BE techniques allow it to be easily revoked and a completely new identifier to be generated from the same biometric, much like a new credit card number is issued when an old card is lost or stolen. With traditional biometrics, it is impossible to change one’s fingerprints or face if the biometric data is compromised. Using Biometric Encryption techniques, this problem is resolved because the original biometric data is only used to generate (or encrypt) other identifiers. Security is vastly improved!
As our paper describes in more detail, Biometric Encryption is a true privacy-enhancing technology (PET) that embodies three fundamental and universal privacy impulses: (1) data minimization, (2) enhanced user participation and control, and (3) strengthened security.
Nymity: For our non-technical readers, how does Biometric Encryption work?
Dr. Cavoukian: Let’s begin with what Biometric Encryption is NOT. It is not a technique to encrypt biometric images (or template) data. Nor is BE like conventional biometric systems that carry out a simple local match / no match (“yes/no” result) against a stored sample, which then unlocks the computer or door or reveals a longer password for further processing (and which is susceptible to tampering).
Rather, in BE one’s biometric is used only as an input, much like a long password, to generate unique data strings that bear no resemblance to the original input or to conventional biometric templates (so no biometric data is ever revealed, or revealable). The output of the BE process is computationally bound to the biometric input, not merely linked to it, so it is also more secure.
This is convenient, strong local password management! The original biometric data need never be disclosed or collected but instead, using BE techniques the same biometric can generate unique and unlinkable identifiers for different purposes and uses. Because BE techniques are configurable, new identifiers can be generated from the same biometric to replace existing ones if they are lost, stolen or compromised by the organization. BE helps defeat the possibility of cross-matching, surveillance and profiling on the basis of a single unique identifier. The possibility of identity fraud and theft arising from stolen identifiers is also sharply reduced by BE technology.
Because Biometric Encryption generates alphanumeric text strings, this output can be easily reproduced anywhere on disposable media, such as bar codes on boarding passes, for example, or on pill bottles or any sensitive document or product over which ownership or authenticity may need to be demonstrated. The privacy-enhanced uses and applications for Biometric Encryption techniques are unlimited (see below for suggestions).
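Added example, not part of the interview and not the construction from the Commissioner’s paper: a minimal “fuzzy commitment” binding in Python, one well-known way to realise what Dr. Cavoukian describes above. A random key is XOR-bound to a noisy biometric bit-string through an error-correcting code; only the helper data and a hash commitment are stored, never the biometric. A fresh reading close enough in Hamming distance releases the key, from which single-purpose identifiers are derived; re-enrolling with a new random key revokes the old identifier. The 120-bit feature vector, the 5-fold repetition code, the 24-bit key and the bit-flip noise model are all constructed assumptions chosen to keep the demo short.

```python
"""Fuzzy-commitment style Biometric Encryption demo (constructed example).

Enrolment binds a random key to a biometric bit-string; the stored record
holds only helper data (codeword XOR biometric) and a hash of the key.
Release XORs a fresh sample into the helper and error-corrects the result.
"""
import hashlib
import hmac
import random

REP = 5                        # repetition factor: tolerates up to 2 flips per 5-bit chunk
KEY_BITS = 24                  # length of the bound key (assumption)
KEY_BYTES = (KEY_BITS + 7) // 8
BIO_BITS = KEY_BITS * REP      # constructed feature-vector length (120 bits)


def _bits_from_int(value: int, n: int) -> list:
    return [(value >> (n - 1 - i)) & 1 for i in range(n)]


def _int_from_bits(bits: list) -> int:
    out = 0
    for b in bits:
        out = (out << 1) | b
    return out


def rep_encode(key_bits: list) -> list:
    """Repeat every key bit REP times (simple error-correcting code)."""
    return [b for b in key_bits for _ in range(REP)]


def rep_decode(bits: list) -> list:
    """Majority vote per REP-bit chunk; corrects up to (REP-1)//2 flips each."""
    return [1 if 2 * sum(bits[i:i + REP]) > REP else 0 for i in range(0, len(bits), REP)]


def derive_identifier(key: int, purpose: str) -> str:
    """Single-purpose identifier: HMAC over the purpose label, keyed by the bound key."""
    return hmac.new(key.to_bytes(KEY_BYTES, "big"), purpose.encode(), hashlib.sha256).hexdigest()


def enroll(biometric: list, purpose: str, rng: random.Random):
    """Return (stored record, identifier). The record contains no biometric data."""
    key = rng.getrandbits(KEY_BITS)
    codeword = rep_encode(_bits_from_int(key, KEY_BITS))
    helper = [c ^ b for c, b in zip(codeword, biometric)]
    commitment = hashlib.sha256(key.to_bytes(KEY_BYTES, "big")).hexdigest()
    return {"helper": helper, "commitment": commitment, "purpose": purpose}, derive_identifier(key, purpose)


def release(record: dict, sample: list):
    """Recover the identifier from a fresh sample, or None if it is too far from enrolment."""
    noisy_codeword = [h ^ s for h, s in zip(record["helper"], sample)]
    key = _int_from_bits(rep_decode(noisy_codeword))
    if hashlib.sha256(key.to_bytes(KEY_BYTES, "big")).hexdigest() != record["commitment"]:
        return None
    return derive_identifier(key, record["purpose"])


def flip_bits(template: list, positions) -> list:
    """Constructed noisy re-reading: flip the given bit positions."""
    sample = list(template)
    for i in positions:
        sample[i] ^= 1
    return sample


def demo(seed: int = 7) -> dict:
    rng = random.Random(seed)
    alice = [rng.getrandbits(1) for _ in range(BIO_BITS)]      # constructed "biometric"
    mallory = [rng.getrandbits(1) for _ in range(BIO_BITS)]    # a different person
    rec_door, id_door = enroll(alice, "building-access", rng)
    rec_pc, id_pc = enroll(alice, "laptop-login", rng)          # same biometric, other purpose
    rec_door2, id_door2 = enroll(alice, "building-access", rng)  # revocation: re-enrol
    return {
        "id_door": id_door,
        "id_pc": id_pc,
        "id_door_reissued": id_door2,
        "helper_is_not_biometric": rec_door["helper"] != alice,
        "noisy_ok": release(rec_door, flip_bits(alice, range(0, BIO_BITS, REP))),  # 1 flip/chunk
        "too_noisy": release(rec_door, flip_bits(alice, [0, 1, 2])),             # 3 flips in chunk 0
        "other_person": release(rec_door, mallory),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Two points a practitioner should take from the demo: the stored helper leaks nothing useful about the biometric only if the bound key is as long and as random as the code’s redundancy allows (a 24-bit key is for illustration, not deployment), and the per-purpose identifiers are unlinkable only because each enrolment draws a fresh key rather than re-using one across purposes.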
Nymity: Please provide an example of how Biometric Encryption could be deployed in an employee situation.
Dr. Cavoukian: Let me ask first how biometrics are currently deployed in the workplace? Mostly, to record attendance and to control access to physical spaces and electronic resources. Around the world, there has been considerable angst and even confrontation surrounding collection and use of employees’ biometric data for corporate purposes. In such cases, the tendency of data protection commissioners the world over is to favour systems that: narrowly restrict the purposes for using biometric data; minimize the disclosure and collection of biometric data to the extent possible (e.g., hand geometry vs. thumbprints); and which are voluntary or discretionary in nature (meaningful consent option).
Biometric Encryption can achieve the same workplace objectives while obviating the risks, concerns and mistrust about data use that often accompanies biometric deployment. Biometric Encryption can go further, by permitting employees to easily and quickly encrypt and digitally sign electronic documents or messages without fear of unnecessarily revealing personal data, paradoxically helping to strengthen information security and accountability.
Nymity: Are there any private-sector customer related applications of biometrics being used where Biometric Encryption would be beneficial?
Dr. Cavoukian: BE can potentially achieve the same objectives of most private-sector customer-related biometric applications in use today, and enable new and innovative ones. This, without the need to create central databases and information systems filled with personal biometric data. Privacy-enhanced biometric systems promise enhanced consumer confidence and use if people can credibly believe that their personal data cannot be misused or abused, and that they are in control. Some possible applications for BE include:
- biometric ticketing for events;
- biometric boarding cards for travel;
- identification, credit and loyalty card systems;
- “Anonymous” labelling of sensitive records and files (medical, criminal);
- consumer biometric payment systems;
- access control to personal computing devices;
- personal encryption products;
- local or remote authentication to access dossiers held by organizations.
Nymity: Could Biometric Encryption be easily added to current deployments of biometric applications, or should organizations ask their biometric solutions providers to add this feature to the application?
Dr. Cavoukian: Good question. As you know, biometrics can be deployed for many different purposes and in many different ways. The suitability of biometric encryption for any given application or use will depend on many different variables. We have provided three case scenarios to lead the way. Still more exciting new scenarios are possible, such as personal encryption products, and biometric ticketing, for which there is no current parallel. At the end of the day, however, Biometric Encryption is a young science that is very close to being operational and market-ready, but not quite yet. Expect this to change in the coming years as BE products and services begin to hit the market.
Nymity: In closing, where can an individual learn more about Biometric Encryption?
Dr. Cavoukian: Some excellent information resources are contained in the paper’s appendix. Since publication, we have been contacted by numerous BE researchers and vendors demonstrating their wares. We are very encouraged to learn of the extensive and wide scope of activity currently underway in this young field. Stay tuned for more announcements!
