Traceless Biometric Technology - Enabling Secure Transactions without Storage of Unique Biometric Information



By Michael (Micha) Shafir   [ 26/10/2007 ]


As with many rapidly expanding technologies that affect social life, biometrics has justifiably come under attack by civil libertarians. Privacy advocates argue that biometrics will lead to an even deeper erosion of personal privacy in both the real world and cyberspace. In this paper we study the many privacy concerns that have emerged following the increase in use and popularity of biometric systems for identification and authentication purposes in digital and physical environments. We will argue that, contrary to critics' arguments, Innovya’s traceless biometrics solution is in fact completely traceless and noninvasive with regard to personal privacy. Further, we hold that if these new traceless biometric systems are used in conjunction with existing security mechanisms (such as public-key algorithms), they can provide almost foolproof protection for electronic transactions and other operations in smart environments. The key element, however, is that government intervention, in the form of a set of standards for how the new traceless biometric solution will be adopted, is an absolute necessity for complete privacy protection.

Our goal is to demonstrate how traceless non-unique biometric systems can themselves be advocates of privacy. We do so by answering the following questions:
1) How can traceless biometric systems be designed so as not to intrude into personal data sets?
2) How can government intervention through legislation guarantee privacy protection of users by adopting and enforcing the new traceless biometric authentication and identification systems?
3) In the absence of government regulation, how much reliance can users of biometric systems have on self-regulation for privacy protection?

We start by examining the authentication and identification requirements of networked digital environments, as well as the privacy requirements of such environments. This is followed by a review of how traceless biometric systems are compatible with privacy requirements. We close by looking at how regulation of the biometrics industry, by both government and the technical community, may affect today's digital world.

Innovya Research & Development, an Israeli startup, has developed a new Traceless Biometrics Solution that clearly authenticates users’ identity without requiring the storage of any unique biometric information. Furthermore, the solution does not need to link, write, or bind any unique information to an external device, smart card, or network of any kind. The solution’s method is able to positively recognize and identify biometric identity in real-time without violating the user’s privacy and without leaving any intrinsic traces. The company was founded in 2006 by Michael (Micha) Shafir and Ronen Blecher, both experienced entrepreneurs from the network security devices industry. The company owns a revolutionary patented platform and method for Traceless Biometric Identification.

Innovya is in the process of developing and providing a method for identifying an individual through a biometric identifier that is designed to be non-unique. Innovya has created an amorphous biometric identifier agent, or ‘BIdToken’ (Non-unique Biometric Identifier Token), which is designed to be biometrically traceless, so that an exact image or copy of the biometric information is not maintained. Instead, the one-directional BIdToken refers to an incomplete identifier obtained from biometric information, which is non-unique. By ‘incomplete’ we mean that the biometric information itself cannot be reconstructed from the BIdToken, even with the device that originally allocated the biometric token identifier. Using this method, the individual has to be present during the identification process, since the (secret) token identifier itself has no true value except in a particular biometric identification transaction. This is important in order to avoid an association with recorded values or any other unique characteristic.

Systems cannot determine the identity of the actual user:

News stories of Internet privacy threats are commonplace these days. The Internet was designed as an inherently insecure communications vehicle.
• Hackers have easily penetrated the most secure facilities of the military and financial institutions.
• Internet companies have designed numerous ways to track Web users as they travel and shop throughout cyberspace. ‘Cookie’ is no longer a word associated solely with sweets. It is now associated with cyber-snooping.
• Identity thieves are able to shop online anonymously using the credit-identities of others.
• Web-based ‘information brokers’ sell sensitive personal data, including Social Security numbers, relatively cheaply.

A long-time goal of computer scientists, specifically those specializing in Artificial Intelligence, has been to create computer systems that are able to simulate human intelligence. At the same time, researchers have continually been concerned with improving the identification and authentication methods used for access to computer systems and networks. Biometric authentication systems are a natural extension (to computers) of the recognition methods that humans have used since the beginning of time. In these systems, physical or behavioral characteristics of the person to be authenticated determine whether he is indeed who he declared himself to be - this is analogous to how people recognize each other (i.e. how they identify others and verify that the person is who he appears to be) by examining physical features that are essentially unique to the other person, like his face.

Security is a fundamental requirement of any digital environment:

One key security principle that must be included in the security policy of any system in such an environment is accountability: someone must be responsible for each action that takes place in the digital space. Accountability, therefore, necessitates identification. Furthermore, the system must be able to verify a user's claim to Identity X. In other words, identification necessitates authentication.

Knowledge-based authentication is the most commonly used method for verifying a user's identity to a computer system. Indeed, authentication by knowledge has several advantages: it is easy to implement, users can protect their knowledge - typically a password - easily, the knowledge is portable, and it can be simply changed if it is compromised. At the same time, however, authentication based on knowledge of a password is often insufficient in preventing unauthorized access to computer systems. Password-based authentication systems are vulnerable to offline dictionary attacks and exhaustive-search attacks. In an offline dictionary attack, the attacker will steal a password file that stores a number of encrypted passwords, and then encrypt each word in a dictionary to see if any of them match the encrypted password(s) in the file. In an exhaustive-search attack, all possible passwords of the minimum length are encrypted and compared against the encrypted password in the system. Another problem with password-based authentication schemes is that it is difficult for users to come up with strong passwords. "A good password is easy to remember and hard to guess ... Something is easy to remember if it is meaningfully related to other things one knows. These same relationships make it easy to guess."

The prevailing techniques of user authentication, which involve the use of either passwords and user IDs (identifiers), or identification cards and PINs (Personal Identification Numbers), have several limitations. Passwords and PINs can be illicitly acquired by direct covert observation. Once an intruder acquires a user ID and password, the intruder has total access to the user's resources. In addition, there is no way to positively link the usage of the system or service to the actual user; that is, there is no protection against repudiation by the real ID owner. For example, when a user ID and password are shared with another individual such as a friend, family member or colleague, the system cannot determine the identity of the actual user, which can be particularly problematic in case of fraud or other criminal acts, or when payment may be made.

Credit card fraud:
A similar situation arises when a transaction involving a credit card number is conducted on the Web. Even though the data are sent over the Web using secure encryption methods, current systems are not capable of assuring that the transaction was initiated by the rightful owner of the credit card, since both the real owner and the counterfeiter use the same transaction initiation process, namely the entry of a credit card number and expiration date into the payment system. Indeed, for such transactions even the card itself does not need to be physically present, further increasing the potential scope of fraud and deceptive use of credit card information.

Biometrics contradictions:
Fortunately, automated biometrics in general and fingerprint technology in particular, can provide a much more accurate and reliable user authentication method. There are three classic bases for authentication: (1) something the user knows (a password), (2) something the user has (a key, a smartcard), (3) something the user is or does (biometrics). Biometrics is a rapidly advancing field that is concerned with identifying a person based on his or her physiological or behavioral characteristics. Examples of automated biometrics include fingerprint, face, iris, and speech recognition.

However, deploying biometric systems without sufficient attention to their dangers makes them likely to be used in a way that is dangerous to civil liberties because of the inherent property of biometric data, which is that it forms part of the person. There are two main phases in biometric authentication. In the enrollment phase, the user's intrinsic characteristic is measured. This may be a physical characteristic such as his fingerprint, hand geometry, retina vein configuration, iris pattern, face, or DNA, or a behavioral characteristic like his voice or signature dynamics. The main problem is that the data collected in the enrollment phase is then analyzed to build a unique template. To authenticate a person with identity X, the characteristic must be measured again in the same manner, and then compared with the so-called ‘trusted’ stored template. The person is then authenticated depending on how closely the freshly measured characteristic compares with the retrieved template.

Turning the human body into the ultimate identification card is extremely dangerous. A fingerprint, a retinal or iris print, a face or other physical information used for the biometric data are part of the individual. They cannot be changed at all or can only be changed somewhat. Therefore, if the biometric information is used abusively and/or is distributed to third parties such as law enforcement agencies, the individual has little or no recourse, and cannot change the situation. The problem with the biometrics enfacement scheme is not merely the collection of biometrics; it is that the scheme is conceptualized to act as a means of collation of all government data, and indexing all significant civil transactions through a central database. Who will be responsible for, or compensate for, lost, stolen and reconstructed collections of unique biometric characteristics?

People want to be able to draw a boundary circle around information about themselves and how they behave. They feel entitled to the ability to control all that falls inside this circle and they want to be able to regulate how, to whom, and for what reasons the information within the circle is disseminated. A life less monitored and less searchable is a life more private. Many countries are dependent on electronic data storage mechanisms. As this reliance continues to increase, the question becomes one of safeguarding electronic information against misuse. There are thousands of databases of less permanent information about people on computers, often servers connected to the Internet. Names, addresses, credit card and bank account numbers are just some of the personally identifying information that is being stored by independent information traders, including state and federal governments. We all must be aware that recovering from biometrics exposure may take a long period of time (actually a life-time period). Can anybody implant ‘new’ biometrics in case of exposure? Anything can be faked, but if someone owns your biometrics, he practically owns your identity. Biometric property that is exposed or lost is lost for life.
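The enroll-then-compare flow described above, as an added example that is not part of the original article and is not Innovya's method: the feature vectors, the majority-vote template and the 0.25 threshold are constructed assumptions. It shows that the stored template is effectively a copy of the trait, so a copied template passes verification just as the live user does.

```python
# Toy template-based biometric matcher. All data and the threshold are
# constructed for illustration; real systems use richer features.
BITS = 64
THRESHOLD = 0.25  # assumed: maximum fraction of differing bits to accept


def flip(bits, positions):
    """Copy `bits` with the given positions inverted (models sensor noise)."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


def enroll(samples):
    """Enrollment: per-bit majority vote over several measurements."""
    n = len(samples)
    return [int(2 * sum(col) > n) for col in zip(*samples)]


def distance(a, b):
    """Normalized Hamming distance between two feature vectors."""
    return sum(x != y for x, y in zip(a, b)) / len(a)


def verify(template, fresh, threshold=THRESHOLD):
    """Authentication: accept when the fresh measurement is close enough."""
    return distance(template, fresh) <= threshold


def demo():
    alice = [i % 2 for i in range(BITS)]        # constructed trait of user X
    bob = [(i // 2) % 2 for i in range(BITS)]   # constructed trait of another person
    template = enroll([flip(alice, [1, 2, 3]),
                       flip(alice, [10, 20, 30]),
                       flip(alice, [40, 50, 60])])
    return {
        "genuine": verify(template, flip(alice, [5, 17, 33, 48])),  # noisy live sample
        "impostor": verify(template, bob),
        # The stored record equals the trait itself, so whoever copies the
        # database holds a value that verifies without the person present.
        "template_equals_trait": template == alice,
        "leaked_template_accepted": verify(template, list(template)),
        "impostor_distance": distance(template, bob),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```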

Privacy and security are not the same:

Biometrics violates privacy and is harmfully traceable:
In the context of biometrics, privacy is a central issue because any biometric information about a person necessarily falls within the boundary of the privacy-circle. Hence, individuals are concerned about how any biometrically identifying information about them is controlled. Biometric properties, from the perspective of traces or permanent storage, can lead to undesired identification and tracing of the activities of an individual. Even if the biometric data is stored in an altered form that requires a complex algorithm to decipher, the uniqueness of the biometric specimen and the speed and computational power available today make any such protection scheme irrelevant.

Who can you trust?
It may seem that one of the issues that plagues card-based ID systems -- the security or integrity of the card itself -- does not apply to biometric systems, because ‘you are your ID.’ But the question of the reliability of the card is really a question about trust. In an ID card system, the question is whether the system can trust the card. In a biometric system, the question is whether the individual can trust the system.

What remains to be determined is the following:
1. Can the biometric information be collected, stored, or retrieved?
2. Can the biometric information collected be used both for criminal and non-criminal searches and suspicionless searches?
3. Can the system give the individual full control over his abandoned personal intrinsic information?
The following fact remains: there are no legal restrictions on biometrically identifying information, or biometric authentication systems. However, there are severe restrictions on collecting, creating, maintaining, using, or disseminating records of identifiable personal data. One immediate conclusion that we should draw is that biometric authentication must be traceless.

When designing a security system, it is best not to make it too powerful. If an intruder manages to gain access, he has more power over you. Hence, security systems must be simple.

About the author:
Michael (Micha) Shafir – CTO, Inventor, seasoned entrepreneur (RadWare, MagniFire, PonsEye, PonsHoldings - Technology Greenhouse, CrossID, Innovya)

Email: Micha@Innovya.com
Direct: +972 54 48379



Article Source: http://www.Free-Articles-Zone.com


Article tags: Traceless biometrics, privacy violation,
 
