Friday, October 20, 2017

How a convicted murderer slipped past group home background checks

Cropped photo of a criminal background check form

In New Jersey, nearly 8% of workers hired to care for the developmentally disabled evaded a state law requiring they undergo a criminal background check. Some applicants who were flagged with a criminal record got hired anyway.

New Jersey state law leaves the hiring decisions up to the group home or supervised housing provider, who can decide if an applicant has demonstrated “clear and convincing evidence of… rehabilitation.” This practice allowed one housing provider to hire a paroled convicted murderer. When auditors pointed out the worker’s criminal record, the employer called it an “oversight” and fired the worker. 

A recent report submitted by State Auditor Stephen M. Eells and Asst. Auditor John Termyna says that legislative changes may be needed. 

Among the report findings, 

  • 175 of 2,340 employees (7.5%) did not have a record of a background check in their file
  • Of 47,700 workers in group homes, supervised apartments and community care facilites, 4,087 (8.5%) had committed a state crime. 
  • In a random check of the files of 147 active employees, 19 were found to have criminal histories that could be disqualifying, including drug and assault offenses. 40 of the files didn’t contain enough information to make a determination.
  • In a review of Federal background checks, 72 of 53,200 had a serious disqualifying offense such as armed robbery or murder. One of 72 was the convicted murderer hired as an oversight, above. 

People with developmental disabilities may rely on staff for everything from basic care – help with feeding, dressing and bathing – to transportation to and back from jobs and social programs. The pay is low and the turnover is high. Advocacy groups have made it a goal to have the starting wage raised to attract more qualified workers.

The report from the State Auditor’s Office states that better monitoring of residential programs is needed to prevent employment of workers with disqualifying criminal background histories. It’s important that state and federal background checks to be done on those who work with disabled individuals, and that the residential programs are in compliance with the handling of background checks when hiring employees.

How a convicted murderer (and others) slipped past group home background checks

By Susan K. Livio, posted on Oct. 18, 2017,

Report: Department of Human Services Licensed Residential Programs Serving Individuals with Developmental Disabilities

New Jersey State Legislature Office of Legislative Services Office of the State Auditor,
July 1, 2012 to April 30, 2017

Thursday, October 12, 2017

New fingerprint test reveals surprising details

Photo of mass spectrometry fingerprint test
Photo Credit: BBC News

A new fingerprint test using mass spectrometry can detect a wealth of surprising new information from a fingerprint, including...

  • The sex of the person that left the print
  • What food or drink they may have consumed
  • Whether they’ve taken drugs
  • Whether they’ve touched blood
  • Whether they’ve touched cleaning products or cosmetics
  • Whether they’ve touched a condom – and even what brand

Your fingerprint contains molecules from your body and molecules from what you’ve touched. In mass spectrometry, a sample from a fingerprint is vaporized and fired through electric and magnetic fields. The particles of different mass react differently. The results are compared to known substances, and the team is able to identify the molecules within the print.  

This technology has been able to detect blood in 30 year old fingerprints which means it could be valuable in helping to solve cold cases. The research by teams from Sheffield Hallam University working with the West Yorkshire, UK Police has been ongoing since 2012. The new testing is expensive, but is expected to start being used in high profile cases within months.

October 10, 2017 published by BBC News | Sheffield & South Yorkshire

Thursday, October 5, 2017

US reviewing alternate solutions to using Social Security Number as ID

Photo of old Social Security cards

Photo credit: zimmytws/Bigstock

Rob Joyce, White House cybersecurity coordinator, has confirmed recently that the White House administration is consulting with officials from outside agencies to work out a better system for identifying Americans. The recent breach at Equifax, one of the nation’s top 3 firms collecting data for credit card applications, underscores the need for change.

When the Social Security Number system was created by the Social Security Administration in 1936, it was intended solely for keeping track of individual earnings. Due to convenience, SSNs were quickly adopted by the private sector. Now they’re used for everything from loans and purchases, to marriage licenses, job applications, medical forms and more. They are so widely distributed, they can hardly be considered private, and are highly susceptible to hacking.

Social Security Numbers are not hard for a determined hacker to decode. The first 3 digits are a geographical code for the area you lived when you registered. Your birth date is also used when creating your number. If there’s one piece of information that is more widely distributed than your SSN, it’s your birthday. With your location and birthday, your SSN becomes relatively easy to figure out.

Social Security numbers are difficult to get replaced. To replace it you would have to show proof of continued harassment, and have documentation to prove your identity You can’t have it changed just as a precaution. Actual biometric scan data also can’t be changed. Many are concerned that this information could also be stolen from the agency storing it.

So what’s the best solution? Rob Joyce told a forum at the Washington Post that the administration is considering “modern cryptographic identifiers.” This may involve “a public and private key,” and the ability to get a new identifier if one has been compromised. In addition, we may end up having more than one identifier, specific customer ID’s for different purposes, which would allow Americans more control over their data.

By AFP on Oct. 03, 2017, Security Week

By Hayley Tsukayama, Sept. 20, 2017, The Washington Post

Friday, September 29, 2017

UK supermarket first to accept finger vein pay

Photo showing payment by finger vein scan

Customers of the Costcutter store at Brunel University in London don’t need cash or a credit card to pay for purchases. No PIN number or password to remember. They can now pay with a quick scan of the unique vein pattern in their fingertip. Their biometric data is linked to their bank card for payment.

In the store, a small scanner uses infrared light to read the shopper’s finger vein pattern. When you put a finger in the scanner, it checks for a pulse, and for the presence of hemoglobin (a protein molecule in red blood cells). This is a secure method of biometric authentication. To date there have been no reports of this type of biometric security being hacked.

The retailer does not keep the biometric data. The data is stored in an encrypted form, as binary numbers, by the financial institution – here Worldpay UK. This is similar to the way personal and credit card information can be saved by a financial institution for an online retailer to provide shoppers a convenient payment method.

Students appreciate the convenience of being able to shop on the go without carrying a wallet or handbag. The store expects to have 3,000 of 13,000 students signed up by November. Sthaler, the finger pay technology company, hopes to bring the technology to more retail stores, as well as nightclubs, gyms, football clubs and more. Vein pay technology is already being used in some countries – Poland, Turkey and Japan – for cash withdrawal at ATMs.

British supermarket offers 'finger vein' payment in worldwide first  

By Katie Morley, The Telegraph UK, September 20,2017 

Monday, September 18, 2017

Biometric Security for Mobile Banking

Photo representing biometric security for mobile devices

Over 120 million consumers used biometric authentication for mobile banking in 2015, according to a report from Goode Intelligence. That number is expected to reach over a billion by the year 2020. The huge growth of biometric security is not surprising when considering the many benefits to consumers and banks.

For consumers, passwords are hard to remember and easy to steal. One way passwords are stolen is through phishing emails, purporting to be from your bank, asking you to change your password. If you enter your username and password, and some credentials, you’ve just given a fraudster a means of entering your account. Using biometric security as a second means of authentication to access your account would help protect you against this fraud.

It's good to know there are protections in place for your biometric data:

  • Biometric data doesn’t have to be centrally stored. If you use a fingerprint or facial scan to log into a bank account, the image itself resides on your device. It is not stored on a server at your bank.
  • Biometrics are generally used as a second layer of ID. Your authenticated smart phone or computer is the first layer. A thief would need to steal and establish control over your mobile device to access your account.
  • Liveness detection helps prevent spoofing. Liveness detection assures that the fingerprint or face being scanned is from an actual person, not a photo, video or model. 

Given the ease of using biometric authentication versus the difficulty of remembering and constantly changing passwords, biometric security is gaining acceptance among consumers. Biometric security also helps protect banks from billions of dollars of losses due to fraud. It’s becoming standard for mobile banking. 

Banks may only allow their customers to use mobile banking for low value transactions such as purchases or online bill paying. Loans and other services, for example adding a new beneficiary, may require more security precautions.

Mobile Biometric Security in Digital Banking

By Aware, Inc., July 25, 2017

Over 1.1 Billion Users of Mobile Biometrics for Financial Services by 2020

Goode Intelligence research report, December 4, 2015 

Friday, September 8, 2017

Researchers able to model facial features from DNA data

Comparison of 3D Facial Imaging and Human Faces
Image Credit: PNAS

Researchers from Human Longevity, Inc., have used machine learning to link DNA genome data to facial and physical traits and are now able to use facial modeling and other physical trait predictions to identity people. 

In a study with over 1,000 ethnically diverse participants ranging in age from 18 to 82, researchers were able to correctly identify about 80% of ethnically mixed participants and 50% of African American or European participants.

DNA genome information is used to create a facial image predicting face shape and features, including eye and skin color. It also is used predict sex, age, height and weight. Eye color, skin color and sex were predicted with the greatest accuracy. 

Researchers would like to expand their study to hundreds of thousands of participants to refine their algorithms, but are also highlighting the need for better safeguards of participants’ privacy. While most would probably agree that using new facial imaging technology to create realistic mugshots of criminals is a good thing, privacy issues and possible future uses need consideration.

If your DNA can predict your personality traits, could this information potentially be tapped into by possible employers? If your possible health problems can be predicted, would health insurance companies have access to this information and be able to use it against you? The research team advocates, “more public deliberation is needed as more and more genomes are generated and placed in public databases.”

Researchers from Human Longevity, Inc. Use Whole Genome Sequence Data and Machine Learning to Identify Individuals Through Face and Other Physical Trait Prediction

Human Longevity, Inc. Press Release, Sept. 5, 2017

Identification of individuals by trait prediction using whole-genome sequencing data

Authors Info

Article published on, June 28, 2017

Thursday, August 31, 2017

The fight against synthetic identity fraud

Photo collage portraying a computer hacker

Most people think of identity fraud as the theft of one person’s information. A widespread, fast growing threat is synthetic identity fraud. In synthetic identity fraud, a criminal might take the name of one person, the social security number of another and mix in some phony details to create a new fraudulent persona. The new personas, called “fullz” are then sold on the black market. Criminals use the fullz as they attempt account takeovers (ATOs) of legitimate existing accounts. 

In a 2017 report by Javelin Strategy & Research, a record 15.4 million Americans were affected financial fraud in 2016, a 16% increase from 2015. Losses amounted to $16 billion dollars. Consumers pay for this loss in the form of higher prices and interest rates.

It's hard for consumers to spot this type of fraud in a credit report because some of the information resides in sub files, not visible in the parts of the report that consumers see. A consumer concerned about fraud will want to check their credit report several times a year. The social security numbers of children are prime targets, because the fraud may remain undetected for years.

One significant way financial institutions are fighting back against ATO fraud is with behavioral biometric authentication. With behavioral biometrics, a computer algorithm is used to learn the way you enter data, the speed of your typing, the pauses, the accuracy, even the pressure on a keyboard. If someone tries to open an account in your name, behavioral biometric authentication can identify the profile mismatch and shut the application down.

For consumers, good advice about protecting oneself against identity theft can be found on Identity Theft. How to protect yourself against identity theft and respond if it happens. An identity theft recovery plan is also downloadable.

How biometrics can fight synthetic identity fraud

By Kayla Matthews, August 28, 2017, on

Identity Fraud Hits Record Number of Americans in 2016

By Herb Weisbaum, Feb 2 2017, on