Francesco Fabbrocino’s Five Rules of Fraud Prevention…and Bredemarket’s Caveat to Rule 2

Francesco Fabbrocino of Dunmor presented at today’s SoCal Tech Forum at FoundrSpace in Rancho Cucamonga, California. His topic? Technology in FinTech/Fraud Detection. I covered his entire presentation in a running LinkedIn post, but I’d like to focus on one portion here—and my caveat to one of his five rules of fraud detection. (Four-letter word warning.)

The five rules

In the style of Fight Club, Fabbrocino listed his five rules of fraud detection:

1. Nearly all fraud is based on impersonation.

2. Never expose your fraud prevention techniques.

3. Preventing fraud usually increases friction.

4. Fraud prevention is a business strategy.

5. Whatever you do, fraudsters will adapt to it.

All good points. But I want to dig into rule 2, which is valid…to a point.

Rule 2

If the fraudster presents three different identity verification or authentication factors, and one of them fails, there’s no need to tell the fraudster which one failed. Bad password? Don’t volunteer that information.

In fact, under certain circumstances you may not have to reveal the failure at all. If you are certain this is a fraud attempt, let the fraudster believe that the transaction (such as a wire transfer) was successful. The fraudster will learn the truth soon enough: if not in this fraud attempt, perhaps in the next one.
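The point about not telling the fraudster which factor failed, sketched as an added example (not from Fabbrocino's presentation or any vendor's product). The factor names, the sample enrollment record, and the function names are all assumptions made for illustration.

```python
import hmac
import logging
from dataclasses import dataclass

log = logging.getLogger("fraud.auth")
GENERIC_FAILURE = "We could not verify your identity."
FACTORS = ("password", "otp", "device_id")

@dataclass
class Attempt:
    password: str
    otp: str
    device_id: str

# Constructed sample enrollment record (hypothetical values). A real system
# would store a password hash and derive the OTP, not keep plain values.
ENROLLED = {"alice": Attempt("correct horse", "492817", "dev-7f3a")}

def check_factors(user: str, attempt: Attempt) -> dict:
    """Evaluate every factor; never stop at the first failure."""
    # Unknown users are checked against a dummy record so they take the same path.
    ref = ENROLLED.get(user, Attempt("\0", "\0", "\0"))
    results = {
        name: hmac.compare_digest(getattr(attempt, name).encode(),
                                  getattr(ref, name).encode())
        for name in FACTORS
    }
    results["known_user"] = user in ENROLLED
    return results

def verbose_response(user: str, attempt: Attempt) -> str:
    """What Rule 2 warns against: the caller learns exactly which check failed."""
    failed = [k for k, ok in check_factors(user, attempt).items() if not ok]
    return "OK" if not failed else "Failed: " + ", ".join(failed)

def opaque_response(user: str, attempt: Attempt) -> str:
    """Same decision, but the detail goes to the internal log only."""
    failed = [k for k, ok in check_factors(user, attempt).items() if not ok]
    if failed:
        log.warning("auth failure user=%s failed=%s", user, ",".join(failed))
        return GENERIC_FAILURE
    return "OK"
```

The fraud team still sees which factor failed in the log; the caller sees the same message for a bad password, a bad one-time code, or an account that does not exist.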

But “never” is a strong word, and there are some times when you MUST expose your fraud prevention techniques. Let me provide an example.

Biometric time cards

One common type of fraud is time card fraud, in which an employee claims to start work at 8:00, even though he didn’t show up for work until 8:15. How do you fool the time clock? By buddy punching, where your friend inserts your time card into the time clock precisely at 8, even though you’re not present.

Enter biometric time clocks, in which a worker must use their finger, palm, face, iris, or voice to punch in and out. It’s very hard for your buddy to have your biometric, so this decreases time clock fraud significantly.

The four-letter word

Unless you’re an employer in Illinois, or a biometric time clock vendor to employers in Illinois.

And you fail to inform the employees of the purpose for collecting biometrics, and obtain the employees’ explicit consent to collect biometrics for this purpose.

Because that’s a violation of BIPA, Illinois’ Biometric Information Privacy Act. And you can be liable for damages for violating it.

In a case like this, or a case in a jurisdiction governed by some other privacy law, you HAVE to “expose” that you are using an individual’s biometrics as a fraud prevention technique.

But if there’s no law to the contrary, obfuscate at will.

Communicating your anti-fraud solution

Now there are a number of companies that fight the many types of fraud that Fabbrocino mentioned. But these companies need to ensure that their prospects and clients understand the benefits of their anti-fraud solutions.

That’s where Bredemarket can help.

As a product marketing consultant, I help identity, biometric, and technology firms market their products to their end clients.

And I can help your firm also.

Read about Bredemarket’s content for tech marketers and book a free meeting with me to discuss your needs.

More information:

Bredemarket: Services, Process, and Pricing.

Omnigarde Peter Lo Biography: I Need to Steal This Idea

As we approach 2026, advanced biometric firm Omnigarde has released new marketing materials. One of these is a video biography of Omnigarde’s principal, Dr. Peter Lo.

Dr. Peter Lo.

Of all the videos I’ve created, I’ve never created a “Who I Am” video. Not that I have the industry recognition that Dr. Lo has…

A Look at Biometric Accuracy in an Alternative Universe

(Part of the biometric product marketing expert series)

Imagine an alternative universe in which a single human body had ten (different) faces and only one finger.

  • How accurate would facial recognition be?
  • How accurate would fingerprint identification be?

Think about the ramifications.

Credit for this thought, not original to me, must remain anonymous.

Revisited January 12, 2026.

Bredemarket’s Biggest Accomplishments in 2025 (So Far)

I’m jumping ahead in the year-end post ridiculousness to cite Bredemarket’s two most notable accomplishments this year. Not to detract from my other accomplishments this year, but these two were biggies.

The first was my Biometric Update guest post in May, “Opinion: Vendors must disclose responsible uses of biometric data.” I discussed elsewhere my reasons for writing this, and created a Bredemarket-hosted video summarizing my main points.

Biometric vendors…

The second was my go-to-market effort for a Bredemarket client in September, which I discussed (without mentioning my participation) here. And there’s a video for that effort also.

Recent go-to-market.

I’ve accomplished many other things this year: client analyses, blog posts (both individually and in series), consultations, presentations, press releases, proposals, requirements documents, sales playbooks, and many more.

And I still have three more weeks to accomplish things.

Bredemarket Essentials November 2025

If I had to choose three videos that represented today’s Bredemarket, I would choose the three listed below:

  • Landscape.
  • The Seven Questions I Ask.
  • Bredemarket: Services, Process, and Pricing.

I placed all three in this YouTube playlist.

I’ve shared all three as an Instagram story (which will probably have expired when you see this).

And I’m sharing them again below.

Landscape.
The Seven Questions I Ask.
Bredemarket: Services, Process, and Pricing.

Those are good essentials.

If you want to know more, visit https://bredemarket.com/mark/ and book a free meeting with me.

For My European Readers: Entry-Exit in Switzerland

Europeans generally do not celebrate the U.S. Thanksgiving, unless they spent time in this country and like the food.

But for most Europeans this will be another Thursday. Actually it’s already Thursday in Europe. Good morning.

And Europe is also ahead of the U.S. in biometric entry AND exit. Just ask the Swiss.

“Switzerland’s busiest international hub, Zurich Airport is swept up in the EU-wide upgrade to how third-country nationals are registered at Schengen borders, with the rollout of the EU Entry/Exit System.”

More here.

When You Don’t Use Voter ID, Don’t Use Signatures

I’ve previously commented that the precinct workers in voter ID states have neither the knowledge nor the equipment to tell a fake voter ID from a real one.

But what if you rely on things other than voter ID to determine identity?

This goodie came from a thread from cherielynn89.

“My vote didn’t count against prop 50 because my signature didn’t match ? I voted in person !! With ID that no one asked for !! Make it make sense !! I’m sure I’m not the only vote they didn’t count !!”

So my state of California, which does not require voter ID, uses signature verification. If you view cherielynn69’s original thread, you will see a letter from the Butte County Clerk-Recorder stating “signature does not match.”

I’d like to know who made that determination, and what training they had.

As it turns out, I have never discussed signatures as a biometric in detail. But the Biometrics Institute has, distinguishing between static and dynamic signatures. You obtain more information with the latter:

“The physical actions involved in writing a signature are captured, usually on a screen sensitive device like a tablet, and recorded electronically. Consequently different characteristics are used rather than just those found in the image of the signature. This involves a three dimensional (X, Y & Z axes) evaluation of the time taken, rhythm and varying velocities of forming each letter and the overall signature, pen/stylus pressure and the direction of the strokes, including free strokes, for example crossing a ‘T’ or dotting an ‘I’.”

Which is nice…except that when comparing the signature on a mail-in ballot to the signature on a voter roll, only static signature comparison is available.

And static signatures are not all that accurate.

In 1971, publisher McGraw-Hill scored the rights to Howard Hughes’ life story, accompanied by a letter from Howard Hughes affirming that he had authorized writer Clifford Irving to act on Hughes’ behalf. Experts from McGraw-Hill examined the letter and concluded that Hughes could have written it…until those troublesome postal inspectors noticed something. While the writing in the Hughes letter differed from Irving’s own writing, the two shared telltale similarities.

Because while it’s hard to change your face, and very hard to change your finger, it’s much easier to change your signature. But not easy enough, as the postal inspectors showed.

So I don’t know about you, but I wouldn’t rely on signatures as proof of identity.

EBTS the Movie, “Inside the FBI’s EBTS”: Using Google’s NotebookLM to Create Videos From Non-Copyrighted Material

Do you want to skip the book and watch the movie version? Thanks to Google’s NotebookLM, you can.

I used the Federal Bureau of Investigation’s Electronic Biometric Transmission Specification (EBTS) for this exercise.

What should you NOT upload to NotebookLM?

But there are two things I need to say about the EBTS:

  • First, the EBTS is a public document and not a top secret document. You can download the EBTS yourself from the https://fbibiospecs.fbi.gov/ebts-1/approved-ebts-1 URL. For my test I used version 11.3 of the EBTS from earlier this year.
  • Second, the EBTS is a public domain document and is not copyrighted. This is something I need to emphasize. If you’re going to take a magazine article and make a movie out of it, the copyright holder may have something to say about that.

Both points are important. If you want to upload your employer’s confidential report into NotebookLM for analysis…well, you probably shouldn’t. But the public, non-copyrighted EBTS is safe for this exercise.

Uploading the EBTS to NotebookLM

So I uploaded the EBTS into NotebookLM, and as expected, I received a short text summary of the document.

“This document outlines the technical specifications for the electronic exchange of biometric and biographic information between various law enforcement agencies and the FBI’s Criminal Justice Information Services (CJIS) Next Generation Identification (NGI) System. It details the Transaction Offense Types (TOTs), which are the standardized requests and responses used for services such as identification, verification, investigation, and data management. Furthermore, the text specifies the precise data fields, formats, and codes required for the submission and retrieval of diverse biometric data, including fingerprints, palm prints, facial images, and iris scans, while also setting forth image quality specifications for scanner and printer certification.”

Now I could continue to query NotebookLM about the document, but I chose to request a video overview instead. This feature was introduced a few months ago, but I missed it.

“Video Overviews transform the sources in your notebook into a video of AI-narrated slides, pulling images, diagrams, quotes, and numbers from your documents. They distill complex information into clear, digestible content, providing a comprehensive and engaging visual deep dive of your material.” 

So I launched the video overview creation feature, and waited. As I waited, I mused upon the time it would take me to create this video manually, and I also mused on the usual LLM warning that the result may contain inaccuracies.

I didn’t have to wait that long, maybe 15 minutes, and Google delivered this 7-minute video.

Inside the FBI’s EBTS. Created by Google NotebookLM based upon EBTS Version 11.3.

Not too bad…especially considering that the video was created based upon a single source. Imagine if I had provided multiple sources, such as an old version of the Electronic Fingerprint Transmission Specification (EFTS); then the video may have covered the evolution of the standard.

Oh, and I also created a 12-minute audio version, which NotebookLM structures as a two-host podcast. This is similar to the podcast I generated in late 2024 about…me.

Unpacking the EBTS standard. Created by Google NotebookLM based upon EBTS Version 11.3.

In an environment where many people like to watch or listen rather than read, this helps provide a quick overview. But you still have to dive into the document and read it to truly understand it.