Wednesday, February 15, 2017

India moving to a biometric payment system by 2020?

Graphic representing Indian currency

India’s people and economy are still adjusting to the Nov. 8, 2016 ban on 500 and 1000 rupee notes (apx. $7.50 and $15.00 value in U.S. currency). At that time 95% or more of all transactions in India were cash transactions, 90% of vendors were only able to accept cash payment, and 85% of workers were paid exclusively in cash.

This bold economic move was meant to encourage a swift transition from a cash economy to a system of digital electronic payments. It was also intended to curb to corruption such as black markets, tax evasion, money laundering and counterfeiting. It is rumored that Pakistan was a source of counterfeit currency intended to fund terrorism.

Amitabh Kant, a leader of India’s top economic development agency, speaking recently at the World Economic Forum, told listeners that India could introduce a biometric payment system within three years that would render cash, as well as credit cards, obsolete.

Nearly 1.1 billion of India’s 1.3 billion people have already registered their biometric data with the government's biometric identification system. India is currently testing a biometric payment app that works with portable fingerprint scanners. Digital payments have indeed received a massive boost from the cash ban, but as less than 30% of Indians own a smart phone, there is much more work to be done.

First cash, now India could ditch card payments by 2020 

Rishi Iyengar for CNNtech,, January 19, 2017 

After Day 50: The Results From India's Demonetization Campaign Are In

Wade Shepard, Contributor, Asia #​ForeignAffairs,, January 3, 2017

Thursday, February 2, 2017

Brain waves too revealing for biometric authentication?

Artist imagining of brain waves

As researchers explore more secure ways of authenticating user identity to protect cyber security, one goal is to monitor user identity throughout a session, not just once at user log-in. Measuring brain waves for behavioral authentication (keeping track of a confidence metric throughout a user session) is a hot field of study. However Abdul Serwadda, a cybersecurity expert and assistant professor at Texas Tech University, warns that brain waves can do more than identity someone, they can reveal information most people want keep private.

Brain waves are read with an electroencephalogram (EEG). EEG reading devices are now a commodity item; for $100 you can buy an EEG device to wear on your head similar to a set of headphones. There are already video game apps that can operate using the player’s brain signals. Essentially any bright determined person can now write an app that interprets and operates using brain signals.

The study at Texas Tech, recently presented to the IEEE* International Conference on Biometrics, focused on determining if sensitive personal information such as medical, behavioral or emotional traits could be revealed from a person’s brain waves.

In the study, alcoholism was the trait used for testing. Diagnosed alcoholics and non-alcoholics comprised the test subjects. The result was that researchers reading brain waves were able to identify the trait of alcoholism about 75% of the time. They also determined they could greatly reduce the ability to detect alcoholism with only a slight reduction in the ability to accurately identity an individual.

Currently, the focus of research is to obtain accurate information with the lowest possible error rates. Serwadda would like to see the goal of research refined to be able to access enough information for accurate biometric authentication, while revealing minimal information about a user’s sensitive personal traits.

* Institute of Electrical and Electronics Engineers

Brain waves can be used to detect potentially harmful personal information

Texas Tech University, ScienceDaily Science News article, October 3, 2016

Public Domain Image, source: Christopher S. Baird

Thursday, January 26, 2017

Soon your heartbeat may be used to authenticate your health care records

Heartbeat graphic

Fingerprint are the most widely used form of biometric authentication, sometimes layered with iris scan or voice recognition for extra security. A future is not far away where your electrocardiogram (ECG) signals will be encrypted, and then decrypted for authentication and access to your medical records.

Heart ECG signals are received as wave patterns. They are unique to a person, based on one’s heart size, shape, and the orientation of the heart valves. The wave signals stay the same, regardless of how fast the heart is beating. ECG authentication is simpler than other techniques that rely on complex mathematical calculations and access key generation. 

There is one limitation however – one’s ECG signals change as one ages, or if one develops heart disease. Scientists are working to take these changes into account, and in the process advance the use of the ECG as a primary authentication method.

Many people use fitness monitors to keep track of their steps and heart rate. The next evolution may be wearing a device that monitors body data for diagnosis or overall health and sends ECG signals to a doctor’s office. The wearer’s EGC signals would also be used to authenticate and allow access to their records online. It’s easy to imagine that knowing their doctor’s awareness and attention is that much closer could give someone with heart disease a feeling of security, and possibly a little more freedom.

By Tarun Mittal, Christian Post Contributor, January 24, 2017

Wednesday, January 18, 2017

Can your fingerprints really be stolen from your Facebook photos?

Photo of young women taking a selfie photo

With the improved resolution of digital photography, the answer is… possibly. A researcher from the National Institute of Informatics has successfully obtained fingerprints from a photograph taken 3 meters (almost 10 feet) away from the subject. That peace sign you flash at the high pixel cell phone camera for your Facebook selfie might allow a thief to steal your identity, especially with a good photo of your face and the personal information you’ve entered into Facebook.

In 2014, hacker Jan Krissler recreated the fingerprints of the German defense minister Ursula von der Leyen. He used high resolution photos, including one from a press release from her own office, and one he snapped himself at close range. With the photos and a commercial fingerprint software he was able to reverse engineer an identifiable fingerprint.

While you may not be a high value target for thieves, your fingerprint information is static, so it’s worth protecting. If stolen, it could potentially be used fraudulently against you for the rest of your lifetime. It's good to know fingerprints are often used with passwords for an extra layer of security in biometric authentication. It's also a good idea to keep learning about changing technology. That way you’ll know what to do – or in this case what not to do to protect yourself.

Protect yourself from fingerprint theft in selfies, says Professor. No, really!

Sheetal Kumbhar for VanillaPlus, January 16, 2017 

Hacker fakes German minister's fingerprints using photos of her hands 

Alex Hern for The Guardian, December 30, 2014

Wednesday, January 11, 2017

New Study: Make TSA PreCheck free to save time and money

Long security line at NYC airport

A new study from the University of Illinois at Urbana-Champaign suggests making TSA PreCheck registration free would save the agency millions of dollars a year. TSA PreCheck enrollment allows travelers entry to expedited security lines and freedom from shedding shoes, belts and light jackets, and fussing with laptops.

Signing up with the TSA PreCheck program requires fingerprinting, an FBI background check, and an $85 processing fee. As of December 2016, there were 12 million enrolled in the program. The TSA has a goal of 25 million travelers enrolled by 2019. The U of I study recommends making enrollment free – at least for frequent flyers – to save millions of dollars, and help the TSA reach their goal. 

The study finds that it’s 4 times more efficient to screen passengers though PreCheck than the usual slow airport security lines. Twenty-five million people enrolled in the Precheck program would result in 300 million faster screenings per year, with an estimated $459 million savings. Allowing frequent travelers to enroll for free would cost an estimated $425 million a year, resulting in a net savings of $34 million.

The fee is not the only barrier to enrollment. Some might find fingerprinting and an FBI check intrusive. Some might not like the hassle of the time and the special trip to an enrollment facility. However, a recent Airlines for America survey found that significantly more people reported a better travel experience with the use of expedited screening programs: 49% for PreCheck, and 67% for the Global Entry program (expedited clearance for entry into the US), as compared to 35% of travelers overall.

Making airport PreCheck free could save TSA millions: report 

Mary Wisniewski, Contact Reporter for the Chicago Tribune, December 5, 2016

Thursday, December 15, 2016

How banks are using behavioral fingerprinting to help prevent fraud

Photo of woman using a tablet mobile device

Behavioral biometric “fingerprinting” software watches and learns a user’s typical behavior and then raises a flag when it sees use that doesn’t align with previous behavior patterns. Behavioral analytic software is catching on in banking, worldwide.

Behavioral biometric software is embedded in a bank's apps and online banking website. As an example, with a mobile app, the analytic software can capture the angle at which a user holds their phone, the amount of pressure used on the keypad, the speed of the typing and the typographical errors the user tends to make. A unique biometric profile is built for the user. If it looks like another user is trying to access the account, the software sends an alert to the bank which may bar access to the account. Even when a new user is setting up an account, the software will compare the user to a fraudulent behavior profile.

One key benefit of behavioral biometric software is that it can catch fraud as it is taking place, stopping it before it succeeds. Another advantage is that the protection is seamless; it takes place without any effort required from the customer. The software is also very effective at stopping automated fraud – automated behavior is very different from and easy to detect compared to human behavior.

A main concern of behavioral biometric software is false positives. Companies interviewed for the article below said that most of the alerts they receive genuinely turn out to be fraud, and with the success rate of fraud prevention, the software has more than proven its worth. However, if a person has an injury to their hand or wrist, or tries to access a banking account while inebriated, they may very well have trouble accessing their account.

Next-Gen Biometrics: Using the Force of Habit

Penny Crosman for American Banker, November 17, 2016

Thursday, December 8, 2016

Scientists have found a way to “fingerprint” the human brain

Tractographic reconstruction of neural connections via DTI
Thomas Schultz, Wikipedia

With advances in technology, scientists from Carnegie Mellon University have found a way to map the patterns of the brain in the finest detail, going beyond the mapping of larger region-to-region connections to mapping the patterns of point-to-point connections.

The non-invasive technology used is diffusion MRI. It’s used to track the movement of water molecules in the brain’s white matter pathways, called local connectome. No two brains have the exact same pattern, not even twins. In the study, scientists were able to determine if two imaged patterns were from the same person, or two different people, 100% of the time.

Also fascinating is that the brain's patterns shift and change over time, about 13% every 100 days. This supports current brain theory that beyond disease and genetics, one’s brain is changed by one’s environment, and by one’s life experiences.

This breakthrough is sure have great implications in other fields of study, but the first and most urgent application will be in the field of medicine. The changes in the brain’s connectivity patterns can be studied for markers for mental disorders and psychiatric illnesses. It’s possible that we’ll eventually be able to stop diseases before they have a chance to develop in the brain. Exciting prospects, indeed.

It’s Now Possible To Fingerprint Our Brain 

Staff Writer, The Wall Street Pit, November 27, 2016

Scientists Fingerprint the Brain

By Ben Andrew Henry | The Scientist, November 17, 2016