Last June I created a still for a fictional TV show called “The Amazing Computer.” The show described the real life activities of the FBI in computerizing its fingerprint system.
Now I’m giving it the Lyria treatment.
Tag Archives: fingerprint
On Melanin
If you’re examining a person’s fingerprints, palm prints, face, and irises, you need to understand melanin.
The Cleveland Clinic goes into great detail on melanin, but for now I’m going to concentrate on one item.
There are three types of melanin, two of which affect the skin, eyes, and hair.
Eumelanin. There are two types of eumelanin: black and brown. Eumelanin is responsible for dark colors in skin, eyes and hair. People with brown or black hair have varying amounts of brown and black eumelanin. When there’s no black eumelanin and a small amount of brown eumelanin, it results in blonde hair.
Pheomelanin. This type of melanin pigments your lips, nipples and other pinkish parts of your body. People who have equal parts eumelanin and pheomelanin have red hair.
Melanin obviously affects the coloration of your skin, although some parts of your body (such as your fingertips) may have less melanin than other parts (such as your face).
Concentrating on fingertips and faces (and ignoring irises for the moment), let’s look at a situation where we use an optical mechanism (such as an optical fingerprint reader or a camera), along with available illumination, to photograph fingers and faces of people with varying skin tones.
But what if your entire photographic system is based upon reference materials optimized for light melanin levels? As late as the 1970s, Kodak’s reference materials, called “Shirley cards” after the first model, used to exclusively white people.
In the 1970s, photographer Jim Lyon joined Kodak’s first photo tech division and research laboratories. He says the company recognized there was a problem with the all-white Shirley cards.
“I started incorporating black models pretty heavily in our testing, and it caught on very quickly,” he says. “It wasn’t a big deal, it just seemed like this is the right thing to do. I wasn’t attempting to be politically correct. I was just trying to give us a chance of making a better film, one that reproduced everybody’s skin tone in an appropriate way.”
So hopefully today optical devices are properly capturing fingers, faces, and irises of people at all melanin levels.
Or is this wishful thinking?
The Biometric Product Marketing Expert For…Which Biometrics?
My professional experience spans DNA, face, friction ridge, iris, and voice.
But I’ve looked at many other modalities.
See the full list here.
Fingerprint Evidence in Court
For…a long time I’ve been talking about whether fingerprint evidence is accepted in court. But until now I never had access to an easy-to-use database of court cases.
Mike Bowers shared a release from the Wilson Center for Science and Justice at Duke Law, “New Database Documents a Century of Court Decisions on Forensic Expert Evidence Testimony.”
The fingerprint database can be accessed here.
Here’s an example of the case details for the (current) most recent record:
Case
Commonwealth v. Honsch, 22 N.E.3d 287 (Mass. 2024)
Year
2024
Jurisdiction
Massachusetts
Type of Proceeding
Appellate
Other fields
CourtSupreme Judicial Court of Massachusetts, Hampden
Expert Evidence Ruling Reversing or Affirming on AppealAdmitted
RulingCorrect to admit
Type of EvidenceFingerprint
Defense or Prosecution ExpertProsecution
Summary of Reasons for Ruling
The Commonwealth here presented two latent print analysts as experts. One multiple times that it was his “scientific opinion” that there were three latent prints that were “identified to” the palms of the defendant. The term “scientific” to describe his opinion “arguably verged on suggesting that the ACE-V process is more scientific than warranted,” and there was one instance in which Dolan testified without using the term “opinion.” The court concludes that there was no error because, “viewed as a whole,” his testimony was largely expressed in terms of an “opinion” and his testimony did not claim that the ACE-V process was infallible or absolutely certain.
On the other hand, Pivovar testified that she (i) “identified [a palm print from one of the garbage bags and the print of the defendant’s left palm] as originating from the same source”; (ii) “identif[ied] [another latent print] and the right palm print of [the defendant] as being the same, they originated from the same source”; and (iii) “identif[ied] the [third latent print] as originating from the same source as the right palm of [the defendant] that [she] compared it to.” Pivovar did not frame her testimony in terms of an “opinion” and expressed the identification of the defendant with certainty. This was error. However, the court concluded that Pivovar’s testimony did not likely influence the jury’s conclusion. Defense counsel countered the notion that individualization under the ACE-V methodology is infallible by cross-examining Pivovar on the subjectivity of latent print analysis, the fact that two prints are never identical, and a recent incident in which the Federal Bureau of Investigation erroneously identified a suspect based on an incorrect latent print analysis. The defendant also presented an expert detailing the risks of cognitive bias in latent print analysis. Additionally, the Commonwealth’s other latent print examiner, Dolan, testified as to the same findings as Pivovar. If Pivovar’s testimony had been properly framed as an opinion, there still would have been strong evidence that the prints found at Elizabeth’s crime scene originated from the defendant. Thus, even though we determine that Pivovar’s testimony was erroneously presented as fact, the error did not create a substantial likelihood of a miscarriage of justice.
Admissibility StandardLanigan-Daubert
Lower Court HearingN
Discussion of 2009 NAS ReportY
Discussion of Error Rates or ReliabilityN
Frye RulingN
Limiting Testimony RulingN
Language Imposed by Court to Limit TestimonyN
Ruling Based in Prior PrecedentY
Daubert FactorsN
Ruling on Qualifications of ExpertN
Ruling on 702(a)N
Ruling on 702(b)N
Ruling on 702(c)N
Ruling on 702(d)N
Notes—
Good resource to keep in mind.
Delivering Bad News: How Motorola Overcame the FpVTE 2003 Results Announcement
I just realized that I have never told the FULL story of FpVTE 2003 in the Bredemarket blog. I’ve only told the problem part, but not the solution part. Bad on me.
The problem part
I told parts of this in a 2023 post entitled “The Big 3, or 4, or 5? Through the Years.” One of the pivotal parts of the story was when the “big 4” became the “big 3.”
It happened like this:
These days the U.S. National Institute of Standards and Technology (NIST) is well known for its continuous biometric testing, but one of its first tests was conducted in 2003. At the time, there were four well-recognized fingerprint vendors:
- Cogent Systems.
- Motorola, which had acquired Printrak.
- NEC.
- Sagem Morpho, which had acquired Morpho.
There were a bunch of other fingerprint vendors, but they were much smaller, including the independent companies Bioscrypt and Identix.
I was a product manager at Motorola at the time, managing the server portion of the company’s automated fingerprint identification system (AFIS), Omnitrak. This featured a modernization of the architecture that was a vast improvement over the client-server architecture in Series 2000. The older product was still in use at the Royal Canadian Mounted Police (RCMP), but Motorola was in the process of installing Omnitrak in Slovenia and upgrading existing systems in Oklahoma and Switzerland.
Yes, I’ve worked in biometrics for a while.
This is the environment in which NIST released its Fingerprint Vendor Technology Evaluation of 2003 (FpVTE 2003).
“FpVTE 2003 consists of multiple tests performed with combinations of fingers (e.g., single fingers, two index fingers, four to ten fingers) and different types and qualities of operational fingerprints (e.g., flat livescan images from visa applicants, multi-finger slap livescan images from present-day booking or background check systems, or rolled and flat inked fingerprints from legacy criminal databases).”
So the companies listed above, among others, submitted their algorithms to FpVTE 2003. After the testing, NIST issued a summary report that included this sentence.
“Of the systems tested, NEC, SAGEM, and Cogent produced the most accurate results.”
You can see how this affected Motorola…and me. We were suddenly second-tier, via independent confirmation.
We first had to go to the RCMP and admit that we weren’t as accurate as other systems. This came at a particularly bad time, since the RCMP was engaged in a massive system upgrade of its own. While Motorola’s FpVTE performance was not the ultimate deciding factor, we lost the massive RCMP system to Cogent.
But Motorola did something else at the same time.
The solution part
The accuracy of an automated fingerprint identification system falls in the laps of the algorithm developers, whether the vendor develops its own algorithms or buys a third-party algorithm from another AFIS vendor.
Motorola developed its own algorithm…and one of the R&D leaders was Guy Cardwell.
Motorola held a User’s Conference after the FpVTE results announcement, and Cardwell spoke to our customers.
- It wasn’t a flashy presentation with smoke and mirrors.
- It wasn’t an accusatory presentation calling NIST a bunch of crooks.
- It was basically Guy, on stage, saying that we didn’t do well.
- And that we would do better.
Now of course that in itself means nothing unless we actually DID better. The R&D team went to work and improved the algorithm, and continued with other advances such as supporting complete 1000 pixel per inch systems as Sweden demanded.
But from a product marketing perspective, Motorola’s initial messaging to its customers was critically important.
Because if Motorola didn’t publicly address its FpVTE 2003 performance, then the only people talking about it would be Cogent, NEC, and Sagem Morpho.
And you don’t want to let your competitors deliver your message and steal your prospects.
Lyria…and Fingerprint Matching
Google Gemini has a new capability: artificial intelligence music generation.
It’s called Lyria.
“Since launching the Gemini app, we’ve built tools to encourage creative expression through images and video. Today, we’re taking the next step: custom music generation. Lyria 3, Google DeepMind’s latest generative music model, is rolling out today in beta in the Gemini app.”
I used this prompt to generate a Lyria tune:
“Create music for a wildebeest using a laptop to compare a latent fingerprint to a tenprint fingerprint”
Google’s response:
“’I’ve created a unique atmospheric track for you that blends electronic data-processing sounds with the deep, resonant textures of a wildebeest’s world. You can play the music directly here in our chat!”
Or I could download it and share it with you.
Know Your Contactless Fingerprint Scanning History
As I write this, contactless fingerprint scanners cannot submit their prints to the U.S. Federal Bureau of Investigation’s (FBI) Next Generation Identification (NGI) system.
But the FBI does certify such scanners under a special category.
CFS flats from IDloop
Biometric Update recently wrote about one such scanner.
“Hungarian border police are exploring the use of contactless biometric technology made by German startup IDloop in border control and law enforcement….
“The product [CFS flats] was first introduced in 2024 and is the world’s first 3D contactless fingerprint scanner certified by the FBI, according to the firm.”
Note the last four words.
Biometric Update reports news as reported, and I don’t think it’s Biometric Update’s purpose to poke holes in vendor claims. So they just says that THE FIRM SAYS it’s certified, and it’s the first.
Well, IDloop is half right.
Is IDloop’s CFS flats FBI certified?
The way to check certification is to go to the Certified Products List web page at the FBI Biometric Specifications website. You can go there yourself: https://fbibiospecs.fbi.gov/certifications-1/cpl
And if you do, scroll down to the “Firm” area and look for IDloop in the list of firms.
Yes, it’s there, and it has a certification under the Personal Identity Verification (PIV) specification, originally dated 10/30/2024, modified 1/28/2026.
Here’s the description:
“CFS flats contactless, up to 4-finger, capture device at 500 ppi (PIV-071006) (original 10/24; algorithm update 1/26) Note: Device images a 3-dimensional object, but testing was primarily 2-dimensional – Not for use with CJIS systems.”
Again, the FBI isn’t allowing contactless submissions to CJIS systems such as NGI, in part because the Appendix F specifications assume analysis of fingerprint images on a 2-dimensional object. Obviously very, very difficult with contactless devices that capture 3-dimensional objects.
Is IDloop’s CFS flats first?
Again, here’s what IDloop claims.
“Introducing CFS flats—the world’s first FBI-certified 3D contactless fingerprint scanner.“
Um…perhaps I should share a bit of my personal history, for those who don’t know.
From 2009 to 2017 I worked for a company called MorphoTrak. Know where this is going?
But I’m not going to focus on my former employer.
Initial CPL search
Remember that unusual sentence that appears in IDloop’s description of its PIV certification?
“Device images a 3-dimensional object, but testing was primarily 2-dimensional”
I assert that if we can find ANY contactless product in the Certified Products List that uses that same language and was certified before 10/30/2024, then IDloop’s claim of being first is…somewhat inaccurate.
So I checked.
Two products received PIV certification before October 2024, MorphoWave XP (July 2020) and MorphoWave TP (May 2024). The first was originally certified over 4 years BEFORE the IDloop product.
“MorphoWave XP (formerly MorphoWave Compact) contactless, up to 4-finger, livescan device at 500 ppi (PIV-071006) (alternate enrollment processing 6/23; name change 2/22; contrast stretch 9/21; original 7/20) Note: Device images a 3-dimensional object, but testing was primarily 2-dimensional – Not for use with CJIS systems.”
Subsequent CPL search
And what if you search for the word “contactless” instead and just look at the 4-finger PIV certifications?
If you do so, you can find certifications from 2019 and earlier for products from Advanced Optical Systems (October 2015 May 2017), Safran Morpho (November 2015, under the original name “Finger On The Fly”), and Thales (May 2019). All years BEFORE the IDloop product.
IDloop, meet Advanced Optical Systems
While Advanced Optical Systems is no more, let’s look at the description for that original AOS product.
“ANDI OTG
contactless, up to 4-finger, livescan capture system at 500ppi (PIV-071006). Note: Device images a 3-dimensional object, but testing was only 2-dimensional – Not for use with CJIS systems”
Oh, and there was a press release:
“Huntsville, AL, November 30, 2015 (Newswire.com) –Advanced Optical Systems, Inc made the historic announcement today that their revolutionary, zero-contact “On The Go” fingerprint technology, ANDI® OTG, is the first non-contact fingerprint system to be certified by the US Federal Bureau of Investigation (FBI). The FBI added the device to the agency’s Certified Product List (CPL) on November 27th, 2015.”
So IDloop may be certified, but it’s NOT the first contactless 4-finger scanner to receive certification.
It should have fact checked with the biometric product marketing expert.
Who Can Write My Biometric Company’s Product Marketing Content?
Someone who is a biometric product marketing expert.
Someone who has three decades of expertise in biometrics.
Someone who has worked with fingerprints, faces, irises, voices, DNA, and other biometric modalities.
Someone who understands the privacy landscape in Europe (GDPR), Illinois (BIPA), California, and elsewhere.
Oh…and someone who can write.
So who can write this stuff?
I know someone. Bredemarket.
Some great videos
Biometric product marketing expert.
Which Biometric Modalities Does NIST Investigate?
I’ve spent a lot of time in the Bredemarket blog looking at a variety of NIST studies of different biometric modalities.
But you can read up on them yourself.
NIST has investigated the following biometric modalities, using both definitions of the word biometrics:
- Voice identification and analysis.
But NIST has not spent taxpayer money researching other biometric modalities, such as tongue identification.
Did You Say Fingerprint Cards, ATF NFA Person?
The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF, a legacy acronym) is part of the Department of Justice (moved from Treasury when Homeland Security was created). One of its duties is to administer the regulations from the National Firearms Act (NFA) of 1934.
In the course of its duties, ATF fingerprints certain gun owners.
As Bayometric notes in a detailed article, there are two ways to generate the fingerprint cards required by ATF: traditional ink fingerprinting to create an FD-258 card, and live scan fingerprinting to create one or more FD-258 cards. Although the latter is more expensive (even a non-ruggedized live scan station is much more expensive than an ink pad), live scans measure quality immediately and are less suspectible to operator error.
But why even worry about FD-258 cards? ATF supports an eForms service which allows you to submit prints electronically like everyone else does.
Then again, if you’re suspicious of Big Brother, you may opt for non-electronic inked fingerprints.
Bredemarket 