Tag Archives: biometrics

What is an “antimicrobial” contact fingerprint reader? And what is it NOT?

(Part of the biometric product marketing expert series)

In the COVID and (soon) post-COVID area, people don’t want to touch things. That impacts how identity products are marketed, including biometric readers.

Why contactless biometrics are “better” than contact biometrics

In the biometric world, this reluctance to touch things has served to promote CONTACTLESS biometric technologies, such as facial recognition, other other technologies. The loser in this has been fingerprint-based technologies, as several facial and iris vendors have made the claim that face/iris biometrics are contactless, while fingerprint biometrics are NOT contactless.

Well, my friends at my former employer IDEMIA might take issue with that claim, since you literally do NOT touch the fingerprint reader in IDEMIA’s MorphoWave product. IDEMIA does not (to my knowledge) make any medical claims about MorphoWave, but the company does emphasize that its contactless fingerprint reader allows for fast capture of four-finger slaps.

To protect their premises, organizations need access control solutions that are efficient, fast, and convenient. A contactless fingerprint scanner provides an optimum answer high throughput workplaces. IDEMIA’s MorphoWave contactless fingerprint solution scans and verifies 4 fingerprints in less than 1 second, through a fully touchless hand wave gesture. Thanks to the simplicity of this gesture, the throughput can reach up to 50 people per minute.

An antimicrobial contact fingerprint reader?

But what if there were a CONTACT solution that allowed you to capture prints with a reduced fear of “bad things”?

That’s what Integrated Biometrics appears to be claiming.

Integrated Biometrics (IB), the world leader in mobile, FBI-certified biometric fingerprint scanners, and NBD Nanotechnologies (NBD Nano), the surface coating experts, today announced the inclusion of NBD’s RepelFlex MBED transparent coating on IB’s entire line of fingerprint scanners.

An ultra-thin, transparent coating, RepelFlex MBED is designed to provide outstanding antimicrobial, anti-scratch, and anti-stain protection to devices. Long-lasting and multi-functional, RepelFlex MBED is ideal for surfaces that must stand up to high throughput and harsh conditions without compromising accuracy.

So what exactly does “antimicrobial” mean?

cluster of Escherichia coli bacteria magnified 10,000 times. By Photo by Eric Erbe, digital colorization by Christopher Pooley, both of USDA, ARS, EMU. – This image was released by the Agricultural Research Service, the research agency of the United States Department of Agriculture, with the ID K11077-1 (next)., Public Domain, https://commons.wikimedia.org/w/index.php?curid=958857

Let’s see how NBD Nano describes it.

Preventing the presence and growth of microbials on surfaces is becoming increasingly important. Antimicrobial performance is especially critical on surfaces that are accessible to the public in order to prevent the spread of stain and odor causing bacteria and microbes.

And if you drill further down in NBD Nano’s website, you find this information in a technical data sheet (PDF).

Antimicrobial Performance: Japanese Industrial Standard (JIS) Z 2801 – PASS*
*as tested by Microchem Laboratory, Round Rock, TX

Now since I’m not up to date on my Japanese Industrial Standards, I had to rely on the good folks at the aforementioned Microchem Laboratory to explain what the standard actually means.

The JIS Z 2801 method tests the ability of plastics, metals, ceramics and other antimicrobial surfaces to inhibit the growth of microorganisms or kill them. The procedure is very sensitive to antimicrobial activity and has a number of real world applications anywhere from the hospital/clinical environment to a household consumer company concerned with the ability of a material they have to allow bacterial growth.

The JIS Z 2801 method is the most commonly chosen test and has become the industry standard for antimicrobial hard surface performance in the United States.

It may be antimicrobial, but what about preventing the “C” word?

Now you may have noticed that Microchem Laboratory, NBD Nano, and Integrated Biometrics did not make any medical claims regarding their products. None of them, for example, used the “C” word in any of their materials.

There’s a very, very good reason for that.

If any of these product providers were to make specific MEDICAL claims, then any sales in the United States would come under the purview of the U.S. Food and Drug Administration.

This is something that temperature scanner manufacturers learned the hard way.

Digression: if fever scanners are fever scanners, does that mean they are fever scanners?

Remember “fever scanners”? Those devices that were (and in some cases still are) pointed at your forehead as you enter a building or another secure area? I won’t get into the issues with these devices (what happens when the scanner is placed next to a building’s front entrance on a hot day?), but I will look at some of the claims about those scanners.

About a year ago, John Honovich of IPVM began asking some uncomfortable questions about the marketing of those devices, especially after the FDA clarified what thermal imaging systems could and could not do.

When used correctly, thermal imaging systems generally have been shown to accurately measure someone’s surface skin temperature without being physically close to the person being evaluated….

Thermal imaging systems have not been shown to be accurate when used to take the temperature of multiple people at the same time. The accuracy of these systems depends on careful set-up and operation, as well as proper preparation of the person being evaluated….

Room temperature should be 68-76 °F (20-24 °C) and relative humidity 10-50 percent….

The person handling the system should make sure the person being evaluated…(h)as waited at least 15 minutes in the measurement room or 30 minutes after exercising, strenuous physical activity, bathing, or using hot or cold compresses on the face.

Let’s stop right there. For any of you who have undergone a temperature scan in the last year: how many of you have waited in a measurement room for at least 15 minutes BEFORE your temperature was taken?

Last summer I had a dentist appointment. My dentist is in Ontario, California, where the summers can get kind of hot. The protocol at this dentist’s office was to have you call the office from your car when you arrived in the parking lot, then wait for someone from the office to come outside and take your temperature before you could enter the building.

I was no dummy. I left my car and its air conditioner running while waiting for my temperature to be taken. Otherwise, who knows what my temperature reading would have been? (I also chose NOT to walk to the dentist’s office that day for the same reason.)

Back to John Honovich. He had read the FDA advice on the medical nature of thermal imaging systems, and then noted that some of the manufacturers of said systems were sort of getting around this by stating that their devices were not medical devices.

Even though the manufacturers still referred to them as “fever cameras.”

For example, one vendor (who has since changed its advertising) declared at the time that “thermal temperature-monitoring technology assists in reducing the spread of viral diseases,” even though that vendor’s device “is not a medical device and is not designed or intended for diagnosis, prevention, or treatment of any disease or condition.”

Fever scanners, testosterone supplements…and fingerprint readers

Yes, that language is similar to the language used by providers of natural supplements that, according to anecdotal evidence, work wonders. The FDA really polices this stuff.

So you really don’t want to make medical claims about ANY product unless you can back them up with the FDA. You can say that a particular product passed a particular antimicrobial standard…but you’d better not say anything else.

In fact, Integrated Biometrics only mentions the “antimicrobial” claim in passing, but spends some time discussing other benefits of the NBD Nano technology:

The inclusion of RepelFlex MBED coatings enable IB’s scanners to deliver an even higher level of performance. Surfaces are tougher and more difficult to scratch or stain, increasing their longevity while maintaining print quality even when regular cleaning is not possible due to conditions or times of heavy use.

So the treated Integrated Biometrics products are tough…like those famous 1970s crime fighters Kojak, Columbo, and Danno and the other people from Five-O. (Not that Sherlock and Watson were slouches.)

Book ’em, Danno! By CBS Television – eBay item photo front photo back, Public Domain, https://commons.wikimedia.org/w/index.php?curid=19674714

I really want to know (if this song is truly related to crime scene investigation)

I was performing some website maintenance this afternoon, and decided to add a page dedicated to Bredemarket’s services for identity firms. I was trying to think of an introductory illustration to go with the page, since the town crier can only go so far. So, claiming fair use, I decided that this image made perfect sense.

“Who Are You” by The Who. Fair use, https://en.wikipedia.org/w/index.php?curid=11316153

Now while use of the “Who Are You” album cover on a Bredemarket identity page makes perfect sense to me, it may not make sense to 6.9 billion other people. So I guess I should explain my line of thinking.

The link between human identification and the song “Who Are You” was established nearly two decades ago, when the television show “C.S.I. Crime Scene Investigation” started airing on CBS. TV shows have theme songs, and this TV show adopted a (G-rated) excerpt from the Who song “Who Are You” as its theme song. After all, the fictional Las Vegas cops were often tasked with identifying dead bodies or investigating crime scene evidence, so they would be expected to ask the question “who are you” a lot.

Which reminds me of two stories:

  • I actually knew a real Las Vegas crime scene investigator (Rick Workman), but by the time I knew him he was working for the neighboring city of Henderson.
  • CSI spawned a number of spinoffs, including “CSI:Miami.” When I was a Motorola product manager, CSI:Miami contacted us to help with a storyline involving a crime scene palm print. While Motorola software was featured in the episode, the GUI was jazzed up a bit so that it would look good on TV.

So this song (and other Who songs for the CSI spinoffs) is indelibly associated with police crime scene work.

But should it be?

After all, people think that “When a Man Loves a Woman” is a love song based upon its title. But the lyrics show that it’s not a love song at all.

When a man loves a woman
Down deep in his soul
She can bring him such misery
If she is playin’ him for a fool

So are we at fault when we associate Pete Townshend’s 1970s song “Who Are You” with crime scene investigation?

Yes, and no.

While the “who are you” question has nothing to do with figuring out who committed a crime, it DOES involve a policeman.

This song is based on a day in the life of Pete Townshend….

Pete left that bar and passed out in a random doorway in Soho (a part of New York). A policeman recognized him (“A policeman knew my name”) and being kind, woke him and and told him, “You can go sleep at home tonight (instead of a jail cell), if you can get up and walk away.” Pete’s response: “Who the f–k are you?”

Because it was the 1970s, the policeman did not try to identify the drunk Townshend with a mobile fingerprint device linked to a fingerprint identification system, or a camera linked to a facial recognition system.

Instead, the drunk Townshend questioned the authority of the policeman. Which is what you would expect from the guy who wrote the line “I hope I die before I get old.”

Speaking of which, did anybody notice that on the album cover for “Who Are You,” Keith Moon is sitting on a chair that says “Not to Be Taken Away”? Actually, they did…especially since the album was released on August 18, 1978 and Moon died on September 7.

While Moon’s death was investigated, no crime scene investigators were involved.

The five authentication factors

(Part of the biometric product marketing expert series)

I thought I had blogged about the five factors of authentication, either here or at jebredcal, but I guess I haven’t explicitly written a post just on this topic. (You’d expect an identity content marketing expert to do that.)

And I’m not going to do that today either (at least in any detail), because The Cybersecurity Man already did a good job at that (as have many others).

However, for those like me who get a little befuddled after authentication factor 3, I’m going to list all five authentication factors.

  • Something You Know. Think “password.” And no, passwords aren’t dead. But the use of your mother’s maiden name as an authentication factor is hopefully decreasing.
  • Something You Have. I’ve spent much of the last ten years working with this factor, primarily in the form of driver’s licenses. (Yes, MorphoTrak proposed driver’s license systems. No, they eventually stopped doing so. But obviously IDEMIA North America, the former MorphoTrust, has implemented a number of driver’s license systems.) But there are other examples, such as hardware or software tokens.
  • Something You Are. I’ve spent…a long time with this factor, since this is the factor that includes biometrics modalities (finger, face, iris, DNA, voice, vein, etc.). It also includes behavioral biometrics, provided that they are truly behavioral and relatively static.
  • Something You Do. The Cybersecurity Man chose to explain this in a non-behavioral fashion, such as using swiping patterns to unlock a device. This is different from something such as gait recognition, which supposedly remains constant and is thus classified as behavioral biometrics.
  • Somewhere You Are. This is an emerging factor, as smartphones become more and more prevalent and locations are therefore easier to capture. Even then, however, precision isn’t always as good as we want it to be. For example, when you and a few hundred of your closest friends have illegally entered the U.S. Capitol, you can’t use geolocation alone to determine who exactly is in Speaker Pelosi’s office.

Now when these factors are combined via multi-factor authentication, there is a higher probability that the person is who they claim to be. If I enter the password “12345” AND I provide a picture of my driver’s license AND I provide a picture of my face AND I demonstrate the secret finger move AND I am within 25 feet of my documented address, then there is a pretty good likelihood that I am me, despite the fact that I used an extremely poor password.

I don’t know if anyone has come up with a sixth authentication factor yet. But I’m sure someone will if it hasn’t already been done. And then I’ll update to update this post in the same way I’ve been updating my Bredemarket 2021 goals.

Biometric writing, and four ways to substantiate a claim of high biometric accuracy

I wanted to illustrate the difference between biometric writing, and SUBSTANTIVE biometric writing.

A particular company recently promoted its release of a facial recognition application. The application was touted as “state-of-the-art,” and the press release mentioned “high accuracy.” However, the press release never supported the state-of-the-art or high accuracy claims.

By Cicero Moraes – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=66803013

Concentrating on the high accuracy claim, there are four methods in which a biometric vendor (facial recognition, fingerprint identification, iris recognition, whatever) can substantiate a high accuracy claim. This particular company did not employ ANY of these methods.

  • The first method is to publicize the accuracy results of a test that you designed and conducted yourself. This method has its drawbacks, since if you’re administering your own test, you have control over the reported results. But it’s better than nothing.
  • The second method is for you to conduct a test that was designed by someone else. An example of such a test is Labeled Faces in the Wild (LFW). There used to be a test called Megaface, but this project has concluded. A test like this is good for research, but there are still issues; for example, if you don’t like the results, you just don’t submit them.
  • The third method is to have an independent third party design AND conduct the test, using test data. A notable example of this method is the Facial Recognition Vendor Test series sponsored by the U.S. National Institute of Standards and Technology. Yet even this test has drawbacks for some people, since the data used to conduct the test is…test data.
  • The fourth method, which could be employed by an entity (such as a government agency) who is looking to purchase a biometric system, is to have the entity design and conduct the test using its own data. Of course, the results of an accuracy test conducted using the biometric data of a local police agency in North America cannot be applied to determine the accuracy of a national passport system in Asia.

So, these are four methods to substantiate a “high accuracy” claim. Each method has its advantages and disadvantages, and it is possible for a vendor to explain WHY it chose one method over the other. (For example, one facial recognition vendor explained that it couldn’t submit its application for NIST FRVT testing because the NIST testing design was not compatible with the way that this vendor’s application worked. For this particular vendor, methods 1 and 4 were better ways to substantiate its accuracy claims.)

But if a company claims “high accuracy” without justifying the claim with ANY of these four methods, then the claim is meaningless. Or, it’s “biometric writing” without substantiation.

Why I created a LinkedIn Showcase Page for Bredemarket

It was Sunday, and I was thinking about something that I wanted to communicate to a potential client in the coming week. The potential client performs work in multiple areas, and had inquired about my assisting in one of those areas.

As I thought about solutions for that one section of the potential client’s website, I began wondering how that material could be repurposed in other channels, including LinkedIn. One solution, I realized, was for the client to set up a special “showcase page” on LinkedIn that was dedicated to this one area. Content from the website could then be repurposed for the showcase page.

If you are unfamiliar with LinkedIn Showcase Pages, they “are extensions of your LinkedIn Page, designed to spotlight individual brands, business units and initiatives.”

A notable example of the use of showcase pages is Adobe. Adobe has a company page, but since Adobe provides a plethora of products and services, it would be a firehose to cover EVERYTHING on the main Adobe page. So Adobe established showcase pages, such as its page for Adobe Experience Cloud, that allowed the company to go into greater detail for that particular topic.

But this doesn’t explain why I just created a showcase page for a Bredemarket customer segment. Actually, there are two reasons.

  • While Bredemarket provides its services to identity firms, technology firms, general business, and nonprofits, it’s no secret that Bredemarket’s most extensive experience is in the identity industry. Because of my experience in biometrics and secure documents, I know the messages that identity firms need to communicate to their customers and to the public at large. Because of this, I thought I’d create a showcase page dedicated solely to the services that Bredemarket can provide to identity firms.
  • There’s another reason why I created the showcase page – the “eating your own dog food” reason. If I’m going to talk about the use of LinkedIn Showcase Pages, wouldn’t it make sense for me to create my own?

So on Sunday I created the Bredemarket Identity Firm Services page on LinkedIn; you can find it at the https://www.linkedin.com/showcase/bredemarket-identity-firm-services/ URL.

And if your interest is specifically in identity, be sure to click the Follow button.