Delta Airlines, the Transportation Security Administration (TSA), and a travel tech company called Pangiam have partnered up to bring facial recognition technology to the Hartsfield–Jackson Atlanta International Airport (ATL).
As of next month, Delta SkyMiles members who use the Fly Delta app and have a TSA PreCheck membership will be able to simply look at a camera to present their “digital ID” and navigate the airport with greater ease. In this program, a customer’s identity is made up of a SkyMiles member number, passport number and Known Traveler Number.
Of course, TSA PreCheck enrollment is provided by three other companies…but I digress. (I’ll digress again in a minute.)
Forbes goes on to say that this navigation will be available at pre-airport check in (on the Fly Delta app), bag drop (via TSA PreCheck), security (again via TSA PreCheck), and the gate.
Incidentally, this illustrates how security systems from different providers build upon each other. Since I was an IDEMIA employee at the time that IDEMIA was the only company that performed TSA PreCheck enrollment, I was well aware (in my super-secret competitive intelligence role) how CLEAR touted the complementary features of TSA PreCheck in its own marketing.
Back when automated fingerprint identification systems (AFIS) were originally expanded to become automated fingerprint/palmprint identification systems (AFPIS), a common rationale for the expansion was the large number of unsolved latent palmprints at crime scenes.
The statistic that everyone cited was a statistic that 30% of all latent friction ridge prints at crime scenes were from palmprints. Here’s a citation from the National Institute of Justice.
Anecdotally, it is estimated that approximately 30% of comparison cases involve palm impressions.
Note that the NIJ took care to include the word “anecdotally.” Others don’t.
It is estimated that 30 percent of latent prints found at crime scenes come from palms.
But who provided the initial “30% of latents are palms” estimate long ago? And what was the basis for this estimate? This critical information seems to have been lost.
Now I don’t have a problem with imprecise estimates, provided that the assumptions that go behind the estimate are well-documented. I’ve done this many times myself.
But sadly, any assumptions for the “30% of latents are palms” figure have disappeared over the years, and only the percentage remains.
Is there any contemporary evidence that can be used to check the 30% estimate?
Yes.
The blind proficiency study wasn’t blind regarding the test data
A Center for Statistics and Applications in Forensic Science study (downloadable here) was published earlier this year. Although the study was devoted to another purpose, it touched upon this particular issue.
The “Latent print quality in blind proficiency testing: Using quality metrics to examine laboratory performance” study obviously needed some data, so it analyzed a set of latent prints examined by the Houston Forensic Science Center (HFSC) over a multi-year period.
In the winter of 2017, HFSC implemented a blind quality control program in latent print comparison. Since its implementation, the Quality Division within the laboratory has developed and inserted 290 blind cases/requests for analysis into the latent print comparison unit as of August 4, 2020….
Of the 290 blind cases inserted into casework, we were able to obtain print images for 144 cases, with report dates spanning approximately two years (i.e., January 9, 2018 to January 8, 2020)….
In total, examiners reviewed 376 latent prints submitted as part of the 144 blind cases/requests for analysis.
So, out of those 376 latent prints, how many were from palms?
The majority of latent prints were fingerprints (94.3%; n = 350) or palm prints (4.9%; n = 18). Very few were joint impressions or unspecified impressions (0.8%; n = 3)….
The remaining 5 of 376 prints were not attributed to an anatomical source because examiners determined them to be of no comparative value and did not consider them to be latent prints.
For those who are math-challenged, 5 percent is not equal to 30 percent. In fact, 5 percent is much less than 30 percent. (And 4.9% is even less, if you want to get precise about it.)
Now I’ll grant that this is just one study, and other latent examinations may have wildly different percentages. At a minimum, though, this data should cause us to question the universally-accepted “30%” figure.
As any scientific institute that desires funding would proclaim, further research is needed.
And I’ll grant that. Well, I won’t grant it, but some government or private funding entity might.
The naming, or renaming, of a company is an important step in a company’s journey. While one should rightly concentrate on mission statements and processes and the like, the first impression many people will have of a company is its name.
So it’s important to get it right.
How my company was named
Sometimes the naming of a company is a relatively simple affair. For example, the company name “Bredemarket” is a combination of the beginning of my last name, Bredehoft, with the word market (derived from marketing).
Certainly the name is open to confusion (not that I was planning on doing business in East Sussex), but the name does communicate what the company is about.
I guess I could have called the company Bredewrite, but Bredemarket has grown on me.
Sometimes the naming of a company gets a little more involved.
How my former employer was renamed
When Oberthur was merged with the Morpho portion of Safran, the combined company needed a name (Oberthur was ruled out). So the company adopted the name “OT-Morpho,” indicating the heritage of the two parts of the company.
However, OT-Morpho was never intended to be the permanent name of the company. Everyone knew that the company would be renamed at some point in the future.
A few months later, as part of a razzle dazzle event, the new name of the company was revealed to an in-person audience in France and to people watching remotely all over the world (including myself).
If you don’t want to watch the entire video, the new name was…IDEMIA.
Some thought went into this name, as the accompanying press release noted.
In a world directly impacted by the exponential growth of connected objects, the increasing globalisation of exchanges, the digitalisation of the economy and the consumerisation of technology, IDEMIA stands as the new leader in trusted identities placing “Augmented Identity” at the heart of its actions. As an expression of this innovative strategy, the group has been renamed IDEMIA in reference to powerful terms: Identity, Idea and the Latin word idem, reflecting its mission to guarantee everyone a safer world thanks to its expertise in trusted identities.
However, some people didn’t like the new name at the time, and there was a big ruckus about how to pronounce the name. But at least some thought went into the name, and potential customers at least made the connection between IDEMIA and identity, if not to the other influences.
Some of IDEMIA’s corporate predecessors also had some stories behind their names.
My former employer MorphoTrak was the result of a merger between Tacoma-based Sagem Morpho and the Anaheim-based Biometric Business Unit of Motorola that was previously known as Printrak. In the same way that OT-Morpho represented the union of Oberthur and Morpho, MorphoTrak represented the union of Sagem Morpho and Printrak.
The Morpho in Sagem Morpho was an element of the name of the original French company that was founded in the 1980s, Morpho Systèmes. I don’t know exactly why the company was named Morpho, but the term can mean form or structure, or it can refer to a particular group of butterflies with distinct wing patterns.
And Printrak, a product name before it was a company name, was derived from the word fingerprint. (And presumably from the system that tracked the fingerprints.)
So even if you don’t like these names, at least some thought went behind them.
And then there are other cases.
How another company was renamed
Anyvision was a company that had been around for a while, specializing in using artificial intelligence and vision to provide security solutions. But recently the company decided to expand its focus.
[T]he company’s evolution and vision for the future…is shaped, in part, by a new collaboration with Carnegie Mellon University’s (CMU) CyLab Biometric Research Center. The CMU partnership will focus on early-stage research in object, body, and behavior recognition….
“Historically, the company has focused on security-related use cases for our watchlist alerting and touchless access control solutions….[W]e’re looking beyond the lens of security to include ways our solutions can positively impact an organization’s safety, productivity and customer experience.”
So with this expanded focus, Anyvision decided that its corporate name was too limiting. So the company announced that is was renaming itself.
Now some of you may have noticed that the name “Oosto” does not convey the idea of object, body, or behavior recognition in English, Latin, Hebrew (Anyvision started in Israel), or any other known language. As far as I know. (And yes, I saw what The Names Dictionary says.)
For those who have never looked at FRVT before, it does not merely report the accuracy results of searches against one database, but reports accuracy results for searches against eight different databases of different types and of different sizes (N).
Mugshot, Mugshot, N = 12000000
Mugshot, Mugshot, N = 1600000
Mugshot, Webcam, N = 1600000
Mugshot, Profile, N = 1600000
Visa, Border, N = 1600000
Visa, Kiosk, N = 1600000
Border, Border 10+YRS, N = 1600000
Mugshot, Mugshot 12+YRS, N = 3000000
This is actually good for the vendors who submit their biometric algorithms, because even if the algorithm performs poorly on one of the databases, it may perform wonderfully on one of the other seven. That’s how so many vendors can trumpet that their algorithm is the best. When you throw in other qualifiers such as “top five,” “best non-Chinese vendor,” and even “vastly improved,” you can see how dozens of vendors can issue “NIST says we’re the best” press releases.
Not that I knock the practice; after all, I myself have done this for years. But you need to know how to interpret these press releases, and what they’re really saying. Remember this when you read the vendor announcement toward the end of this post.
Anyway, I went to check the current results, which when you originally visit the page are sorted in the order of the fifth database, the Visa Border database. And this is what I saw this morning (October 27):
For the most part, the top five for the Visa Border test contain the usual players. North Americans will be most familiar with IDEMIA and NEC, and Cloudwalk and Sensetime have been around for a while.
A new algorithm from a not-so-new provider
But I had never noticed Cubox in the NIST testing before. And the number attached to the Cubox algorithm, “000,” indicates that this is Cubox’s first submission.
And Cubox did exceptionally well, especially for a first submission.
As you can see by the superscripts attached to each numeric value, Cubox had the second most accurate algorithm for the Visa Border test, the most accurate algorithm for the Visa Kiosk test, and placed no lower than 12th in the six (of eight) tests in which it participated. Considering that 302 algorithms have been submitted over the years, that’s pretty remarkable for a first-time submission.
Well, as an ex-IDEMIA employee, my curious nature kicked in.
The Cubox that submitted an algorithm to NIST is a South Korean firm with the website cubox.aero, self-described as “The Leading Provider in Biometrics” (aren’t they all?) with fingerprint and face solutions. Cubox competes in the access control and border control markets.
Cubox’s ten-year history and “overseas” page details its growth in its markets, and its solutions that it has provided in South Korea, Mongolia, and Vietnam.
And although Cubox hasn’t trumpeted its performance on its own website (at least in the English version; I don’t know about the Korean version), Cubox has publicized its accomplishment on a LinkedIn post.
But before you get excited about the NIST results from Cubox, Sensetime, or any of the algorithm providers, remember that the NIST test is just a test. NIST cautions people about this, I have cautioned people about this (see the fourth point in this post), and Mike French has also discussed this.
However, it is also important to remember that NIST does not test operational systems, but rather technology submitted as software development kits or SDKs. Sometimes these submissions are labeled as research (or just not labeled), but in reality it cannot be known if these algorithms are included in the product that an agency will ultimately receive when they purchase a biometric system. And even if they are “thesame”, the operational architecture could produce different results with the same core algorithms optimized for use in a NIST study.
The very fact that test results vary between the NIST databases explicitly tells you that a number one ranking on one database does not mean that you’ll get a number one ranking on every database. And as French reminds us, when you take an operational algorithm in an operational system with a customer database, the results may be quite different.
Which is why French recommends that any government agency purchasing a biometric system should conduct its own test, with vendor operational systems (rather than test systems) loaded with the agency’s own data.
Incidentally, if your agency needs a forensic expert to help with a biometric procurement or implementation, check out the consulting services offered by French’s company, Applied Forensic Services.
In January of this year, I wrote a couple of posts about websites with outdated content.
The posts were obviously self-serving (since Bredemarket happens to sell services to update website text), but the second post backed my points up with data.
Specifically, a study noted that when people want to research a solution, 53% of them perform a web search for the solution, and 41% of them go to vendor web sites.
I used this data to make the point that your website had better be up to date, if you want your potential customers to have a good impression of your business.
An outdated website looks bad.
But I just ran across something even worse.
Worse than an outdated website
I’m not going to provide specifics, but I just saw a Facebook post in a local business group that promoted a service. This happens to be a service that is popular with individuals and businesses. The Facebook post stated that the service provider was the best provider in the local area, and was better than the competition. The post then gave the company name of the service provider, and…
…a local phone number.
You can guess what I did next. Like 53% of you, I searched for information on this particular company. I started on Facebook itself; since the individual made the post on Facebook, I figured that the company had a Facebook page.
It didn’t. The company had no Facebook presence.
So I got out of Facebook and went off into the World Wide Web and (like 41% of you) searched for the company’s web page.
I found no company web page with that name in California, but I did find a company with that name in another part of the country that coincidentally provided the same service. But I could tell that this was a separate company.
So I went back to the original Facebook post and asked a question.
Does [COMPANY NAME] have a website, or just a phone number?
I received a response from the original poster.
Bredemarket, no, just a number.
I made no further comment, but it got me thinking.
What’s worse than a website with outdated content?
No website or web page at all.
And I’m not talking about a fancy-dancy website. If you’ve seen Bredemarket’s website, it’s not fancy-dancy.
I’m just talking about a simple page. It doesn’t have to be on your own domain; it could be on wordpress.com (like my jebredcal site) or wix.com even facebook.com (Bredemarket has one of those too). Just something that ideally tells you the company name, the person who runs the company, the address of the company (yes, UPS Store addresses are acceptable; I know), a phone number, and an email address.
When all of these elements are available, and they’re present on a website, you have at least some assurance that the company is a viable concern. (I’ll grant that this can be faked, like Abdul Enterprises was faked, but at least a name, address, email, and phone number suggest that the company is real.)
A company name and a phone number with no website, no email address, and no company ownership information is…well, it’s sketchy.
So how does a company without an online presence establish one?
There are a variety of ways to establish a company online presence. You could pay for a website, you could set up a free website via a variety of service providers, or you could simply set up a social media page such as a Facebook page.
Now Bredemarket doesn’t create websites, and Bredemarket doesn’t create Facebook business pages. Facebook offers step-by-step instructions on how to create a Facebook business page, and there are guides on how to create complete websites such as a Wix site (and you can do it for free if you don’t need a custom domain and use accountname.wixsite.com/siteaddress).
Creating the site, however, is only part of the story.
Bredemarket can help you establish the initial content for a website or a Facebook page. (And if you desire, I can help you refresh the content also.)
Let’s look at the simplest example, where you just want to establish a presence with a few hundred words (say 400 to 600 words).
Topic. Well, the topic is your business, of course, but how would you summarize your business in one sentence?
Goal. What is the goal of your site or page? Do you want people to immediately buy something online? Do you want people to rush to your business location and buy something? Or do you just want people to talk to you about your product or service?
Benefits. I’ve talked about this ad nauseum, but it’s important to explain why people should want your product or service. If your explanation results in a “so what?” from the potential customer, then you need to refine your benefit statement.
Target audience. The message on your site or page is obviously affected by your target audience. A page intended for forensic scientists will have different messaging than a page intended for high school students who want an after school snack.
Other questions. These are going to vary from engagement to engagement, but it’s important to ask these questions up front to minimize any misunderstandings later.
After you and I have talked through these questions, I’ll start creating the text to place on your website. By the time we’ve gone through the process and we’re done, you’ll have an initial website presence for your business. People will be able to find your business, find out what it’s about, contact you, and give you lots of money.
But that won’t happen until the people can find out what you offer.
And it won’t happen if they only have a business name and a phone number.
If you want Bredemarket to help you establish an online presence with the correct words to woo customers:
My local area is undergoing a transformation, with a number of new businesses appearing in the area. Oddly enough, I keep on seeing two distinctly different types of businesses appearing here.
Over the last couple of years, a number of coffee shops have opened in downtown Ontario (California, not Canada). I’m unintentionally going to leave many of them off this list, but a few of the new coffee shops include Mestiza Cakehouse and Cafe, Special Needz Coffee (with a second location inside 4th Sector Innovations), and Starbucks.
At the same time, a number of new hair stylists and barber shops have opened in downtown Ontario. Trust me, there’s a bunch of them.
I don’t know if this is public knowledge (it’s been discussed at the Ontario IDEA Exchange and other B2B forums), but downtown Ontario is even on track to have an establishment that combines the two business types. (Of course, a few of you have already figured out who I’m talking about.)
Without a bridge, you’re stuck at one place and can’t get to the other place. Or you can try to get to the other place, but you may get very wet.
Businesses need bridges to connect with their customers. When the bridges are erected, the customers understand what the businesses can do for them. If the customers need those particular services, they can buy them.
In two hours, I plan to attend the Ontario (California, not Canada) IDEA Exchange at 4th Sector Innovations.
And if some of the attendees ask, I can explain how Bredemarket can be a bridge.
I use two separate Google calendars: one for Bredemarket, and one for personal non-Bredemarket meetings. I receive meeting invitations on both of these calendars. This usually isn’t a problem.
Usually.
Over the last year, I have accepted a variety of calendar invites from external inviters, including invites to Zoom meetings, invites to Microsoft Teams meetings, invites to Google Meet meetings, and even old-fashioned invites for Plain Old Telephone Service (POTS) calls. (Yes, these still exist.) These have originated from Google-managed domains, Microsoft-managed domains, and other domains.
When you accept a calendar invite, you send a message to the inviter that contains your acceptance of the message, and this acceptance is recorded both on your calendar and on the inviter’s calendar.
Except for the invite that I received yesterday evening.
I was reading email on my mobile phone and received a calendar invite. When Gmail displays calendar invites, it displays them with “Yes,” “Maybe,” and “No” buttons.
Calendar invite, the expurgated version.
So I clicked “Yes” on the invite…and received a message that I didn’t have permission to access to the target calendar.
That seemed odd, but I noticed that there was an “invite.ics” file attached to the invitation. While ics files are designed for Microsoft calendars, they can be imported into Google calendars, so I figured that I’d just import the invite.ics file when I had access to my computer the following morning.
So this morning I imported the invite.ics file…and got the same error stating that I didn’t have permission to access the target calendar.
“The solution for this is to manually edit the .ics file prior to importing it and replace all occurrences of “UID:” with “UID:X” (without the quotes). After doing this and saving the file, proceed with the import and all should be fine.”
So I opened up the invite.ics file in Notepad, performed the manual edit, and successfully imported the calendar entry.
As it turns out, the inviter doesn’t usually schedule meetings with people outside of the inviter’s domain, which explains why I was the first person to mention the issue.
Most of the time when I receive a meeting request in my gmail account, Google Calendar understands exactly what is going on and handles the request pleasantly.
But for some zoom meeting requests originating from one particular client, Google Calendar refuses to admit that it’s a meeting request until I edit the ICS file and insert an “X” after the “UID:” prefix per the suggestion here.
Looking at RFC 5545, it doesn’t look like the “X” is required but it’s not terribly clear.
Does RFC 5545 in any way require that “X” to be there?
As of this morning, no one has answered the question, but I found a comment in a separate thread that appeared to be relevant.
After investigating for a while, it seems adding the “X” is not a permanent solution. The UID is a global identifier, if two events have the same UID in the same calendar there’s a collision. Some calendar services like Outlook (which I use) seem to handle this, while Google and probably many others don’t.
I like to publish “in case you missed it” (ICYMI) posts over the weekend, just in case my Facebook, LinkedIn, or Twitter followers might have missed something that I originally published in the preceding week.
Last weekend I tried something a little different. Now that Bredemarket has been a going concern for over a year, I chose to publish some items that my followers might have missed when I originally published them in the preceding YEAR.
Although there are some parts of 2020 that aren’t fun to revisit.
But this past weekend, I went back to October 2020 for my latest #ICYMI offerings. I want to talk about two of these offerings in particular.
The first #ICYMI item
The first item that I shared last weekend was a Bredemarket blog post from October 17, 2020 entitled “You go back, Jack, do it again” that talked about repurposing content. Here’s a brief excerpt that links to a Neil Patel post.
Why repurpose content?
To reach audiences that you didn’t reach with your original content, and thus amplify your message. (There’s data behind this.)
If you’re a data lover, check the link.
The second ICYMI item
Waylon Jennings promotional picture for RCA, circa 1974. By Waylon_Jennings_RCA.jpg: RCA Records derivative work: GDuwenTell me! – This file was derived from: Waylon Jennings RCA.jpg:, Public Domain, https://commons.wikimedia.org/w/index.php?curid=17091525
Yes, this particular podcast episode was only on Spotify because it included a song sample.
Yes, I chose Waylon’s version of the song rather than Steely Dan’s because I like Waylon’s version better.
Yes, you have to be on Spotify Premium to hear the whole song, rather than a 30-second snippet. (I’m not on Spotify Premium, so even I haven’t heard the entire podcast as envisioned.)
I don’t really have anything profound to say about repurposing that hasn’t been said already, so treat this as a reminder that you can easily repurpose content on new platforms to reach new readers/listeners.
As I just did.
Again.
Postscripts
For the record, I haven’t created any other Spotify-only podcast episodes with music since that initial one a year ago. So all of the other podcast episodes that I’ve recorded are available on ALL of my platforms, including Anchor.
By the way, there was a third #ICYMI item that I re-shared last weekend on Facebook, LinkedIn, and Twitter. But it didn’t deserve its own re-blog.
(You gotta know when to hold ’em. Yes, that’s Kenny, not Waylon.)
Bredemarket 