Tag Archives: fingerprint

Telos enters the touchless fingerprint market

Years before COVID became a thing, the U.S. government had a desire to encourage touchless fingerprint technologies. This began many years ago with a concerted effort to capture a complete set of fingerprints in less than 15 seconds. By 2016, this had evolved to a set of Cooperative Research and Development Agreements (CRADA) entered into by the National Institute of Standards and Technology and several private companies.

Slide 10 from the NIST presentation posted at https://www.nist.gov/system/files/documents/2016/12/14/iai_2016-nist_contactless_fingerprints-distro-20160811.pdf

For purposes of this post, I’m going to concentrate on just one of the listed mobile fingerprint capture technology solutions. The mobile fingerprint capture technologies from these companies were intended to support the capture of fingerprints from a standard smartphone without any additional capture equipment. (Compare this to the portal/kiosk category, which employed specialized capture equipment.)

One of NIST’s CRADA partners for mobile fingerprint capture was a company called Diamond Fortress Technologies.

Via our CRADA  relationship (Cooperative Research and Development Agreement), Diamond Fortress is currently working with NIST to develop standards dealing with best practices, certification methodology, data formatting and interoperability with legacy contact-based and inked print databases for optical acquisition systems. This will support future certification for purchase on the Government Certified Products lists.

Fast forward a few years, and Diamond Fortress Technologies’ offering is back in the news again.

Telos Corporation has acquired the ONYX touchless fingerprint biometric software and other assets of Diamond Fortress Technologies (DFT), and appears to be targeting new verticals with the technology.

Now that happened to catch my eye for one particular reason.

You see, my former employer IDEMIA used to have a monopoly on the TSA PreCheck program. If you wanted to enroll in TSA PreCheck, you HAD to go to IDEMIA. This provided a nice revenue stream for IDEMIA…well, perhaps not so nice when all of the airports lost traffic due to COVID.

Anyway, the Congress decided that one provider wasn’t optimal for government purposes, so in early 2020 other vendors were approved as TSA PreCheck providers.

WASHINGTON – Transportation Security Administration (TSA) today announced that TSA PreCheck™ enrollment services will now be provided by Alclear, LLC; Telos Identity Management Solutions, LLC; and Idemia Identity & Security USA, LLC, expanding the opportunities that enable travelers to apply for TSA PreCheck.

Just to clarify, the company then known as Alclear is better known to the general public as CLEAR.

And the third company is Telos.

Which is now apparently moving into the touchless fingerprint space.

From https://diamondfortress.com/onyx/. Fair use.

Now THAT is going to have an impact on enrollment.

Build your own automated fingerprint identification system…for FREE!

At Bredemarket, I work with a number of companies that provide biometric systems. And I’ve seen a lot of other systems over the years, including fingerprint, face, DNA, and other systems.

The components of a biometric system

While biometric systems may seem complex, the concept is simple. Years ago, I knew a guy who asserted that a biometric system only needs to contain two elements:

  • An algorithm that takes a biometric sample, such as a fingerprint image, and converts it into a biometric template.
  • An algorithm that can take these biometric templates and match them against each other.

If you have these two algorithms, my friend stated that you had everything you need for an biometric system.

Well, maybe not everything.

Today, I can think of a few other things that might be essential, or at least highly recommended. Here they are:

  • An algorithm that can measure the quality of a biometric sample. In some cases, the quality of the sample may be important in determining how reliable matching results may be.
  • For fingerprints, an algorithm that can classify the prints. Forensic examiners routinely classify prints as arches, whorls, loops, or variants of these three, and classifications can sometimes be helpful in the matching process.
  • For some biometric samples, utilities to manage the compression and decompression of the biometric images. Such images can be huge, and if they can be compressed by a reliable compression methodology, then processing and transmission speeds can be improved.
  • A utility to manage the way in which the biometric data is accessed. To ensure that biometric systems can talk to each other, there are a number of related interchange standards that govern how the biometric information can be read, written, edited, and manipulated.
  • For fingerprints, a utility to segment the fingerprints, in cases where multiple fingerprints can be found in the same image.

So based upon the two lists above, there are seven different algorithms/utilities that could be combined to form an automated fingerprint identification system, and I could probably come up with an eighth one if I really felt like it.

My friend knew about this stuff, because he had worked for several different firms that produced fingerprint identification systems. These firms spent a lot of money hiring many engineers and researchers to create all of these algorithms/utilities and sell them to customers.

How to get these biometric system components for free

But what if I told you that all of these firms were wasting their time?

And if I told you that since 2007, you could get source code for ALL of these algorithms and utilities for FREE?

Well, it’s true.

To further its testing work, the National Institute of Standards and Technology (NIST) created the NIST Biometric Image Software (NBIS), which currently has eight algorithms/utilities. (The eighth one, not mentioned above, is a spectral validation/verification metric for fingerprint images.) Some of these algorithms and utilities are available separately or in other utilities: anyone can (and is encouraged to) use the quality algorithm, called NFIQ, and the minutiae detector MINDTCT is used within the FBI’s Universal Latent Workstation (ULW).

If the FBI had just waited until 2007, it could have obtained the IAFIS software for free. FBI image taken from Chapter 6 of the Fingerprint Sourcebook, https://www.ojp.gov/pdffiles1/nij/225326.pdf.

As I write this, NBIS has not been updated in six years, when Release 5.0.0 came out.

Is anyone using this in a production system?

And no, I am unaware of any law enforcement agency or any other entity that has actually USED NBIS in a production system, outside of the testing realm, with the exception of limited use of selected utilities as noted above. Although Dev Technology Group has compiled NBIS on the Android platform as an exercise. (Would you like an AFIS on your Samsung phone?)

But it’s interesting to note that the capability is there, so the next time someone says, “Hey, let’s build our own AFIS!” you can direct them to https://www.nist.gov/itl/iad/image-group/products-and-services/image-group-open-source-server-nigos#Releases and let the person download the source code and build it.

Maryland will soon deal with privacy stakeholders (and they CAN’T care about the GYRO method)

Just last week, I mentioned that the state of Utah appointed the Department of Government Operations’ first privacy officer. Now Maryland is getting into the act, and it’s worth taking a semi-deep dive into what Maryland is doing, and how it affects (or doesn’t affect) public safety.

By François Jouffroy – Christophe MOUSTIER (1994), Attribution, https://commons.wikimedia.org/w/index.php?curid=727606

According to Government Technology, the state of Maryland has created two new state information technology positions, one of which is the State Chief Privacy Officer. Because government, I will refer to this as the SCPO throughout the remainder of this post. If you are referring to this new position in verbal conversation, you can refer to the “Maryland skip-oh.” Or the “crab skip-oh.”

From https://teeherivar.com/product/maryland-is-for-crabs/. Fair use. Buy it if you like it. Virginians understand the origins of the phrase.

Governor Hogan announced the creation of the SCPO position via an Executive Order, a PDF of which can be found here.

Let me call out a few provisions in this executive order.

  • A.2. defines “personally identifiable information,” consisting of a person’s name in conjunction with other information, including but not limited to “[b]iometric information including an individual’s physiological or biological characteristics, including an individual’s deoxyribonucleic acid.” (Yes, that’s DNA.) Oh, and driver’s license numbers also.
  • At the same time, A.2 excludes “information collected, processed, or shared for the purposes of…public safety.”
  • But on the other hand, A.5 lists specific “state units” covered by certain provisions of the law, including both The Department of Public Safety and Correctional Services and the Department of State Police.
  • The reason for the listing of the state units is because every one of them will need to appoint “an agency privacy official” (C.2) who works with the SCPO.

There are other provisions, including the need for agency justification for the collection of personally identifiable information (PII), and the need to provide individuals with access to their collected PII along with the ability to correct or amend it.

But for law enforcement agencies in Maryland, the “public safety” exemption pretty much limits the applicability of THIS executive order (although other laws to correct public safety data would still apply).

Therefore, if some Maryland sheriff’s department releases an automated fingerprint identification system Request for Proposal (RFP) next month, you probably WON’T see a privacy advocate on the evaluation committee.

But what about an RFP released in 2022? Or an RFP released in a different state?

Be sure to keep up with relevant privacy legislation BEFORE it affects you.

You will soon deal with privacy stakeholders (and they won’t care about the GYRO method)

I’ve written about the various stakeholders at government agencies who have an interest in biometrics procurements- not only in this post, but also in a post that is available to Bredemarket Premium subscribers. One of the stakeholders that appeared on my list was this one.

The privacy advocate who needs to ensure that the biometric data complies with state and national privacy laws.

Broken Liberty: Istanbul Archaeology Museum. By © Nevit Dilmen, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=1115936

If you haven’t encountered a privacy advocate in your marketing or proposal efforts…you will.

Utah Gov. Spencer Cox has appointed Christopher Bramwell as the Department of Government Operations’ first privacy officer….As privacy officer, Bramwell will be responsible for surveying and compiling information about state agencies’ privacy practices to discern which poses a risk to individual privacy. He will also work with the personal privacy oversight commission and state privacy officer to provide government privacy practice reports and recommendations.

Obviously this affects companies that work with government agencies on projects such as digital identity platforms. After all, mobile driver’s licenses contain a wealth of personally identifiable information (PII), and a privacy advocate will naturally be concerned about who has access to this PII.

But what about law enforcement? Do subjects in law enforcement databases have privacy rights that need to be respected? After all, law enforcement agencies legally share PII all the time.

From https://www.facebook.com/UplandPolice/photos/pcb.5828261687245780/5828261513912464/

However, there are limitations on what law enforcement agencies can share.

  • First off, remember that not everyone in a law enforcement database is an arrested individual. For example, agencies may maintain exclusion databases of police officers and crime victims. When biometric evidence is found at a crime scene, agencies may compare the evidence against the exclusion database to ensure that the evidence does not belong to someone who is NOT a suspect. (This can become an issue in DNA mixtures, by the way.)
  • Second off, even arrested individuals have rights that need to be respected. While arrested individuals lose some privacy rights (for example, prisoners’ cells can be searched and prisoners’ mail can be opened), a privacy advocate should ensure that any system does not deny prisoners protections to which they are entitled.

So expect to see a raised concern about privacy rights when dealing with law enforcement agencies. This concern will vary from jurisdiction to jurisdiction based upon the privacy (and biometric) laws that apply in each jurisdiction, but vendors that do business with government agencies need to stay abreast of privacy issues.

A little more about stakeholders, or actors, or whoever

Whether you’re talking about stakeholders in a government agency, stakeholders at a vendor, or external stakeholders, it’s important to identify all of the relevant stakeholders.

Or whatever you call them. I’ve been using the term “stakeholders” to refer to these people in this post and the prior posts, but there are other common terms that could be used. People who construct use cases refer to “actors.” Marketers will refer to “personas.”

Whatever term you use, it’s important to distinguish between these stakeholders/actors/personas/whatever. They have different motivations and need to be addressed in different ways.

When talking with Bredemarket clients, I often need to distinguish between the various stakeholders, because this can influence my messaging significantly. For example, if a key decision-maker is a privacy officer, and I’m communicating about a fingerprint identification system, I’m not going to waste a lot of time talking about the GYRO method.

My time wouldn’t be wasted effort if I were talking to a forensic examiner, but a privacy advocate just wouldn’t care. They would just sit in silence, internally musing about the chances that a single latent examiner’s “green” determination could somehow expose a private citizen to fraud or doxxing or something.

This is why I work with my clients to make sure that the messaging is appropriate for the stakeholder…and when necessary, the client and I jointly develop multiple messages for multiple stakeholders.

If you need such messaging help, please contact Bredemarket for advice and assistance. I can collaborate with you to ensure that the right messages go to the right stakeholders.

Pangiam, CLEAR, and others make a “sporting” effort to deny (or allow) stadium access

Back when I initially entered the automated fingerprint identification systems industry in the last millennium, I primarily dealt with two markets: the law enforcement market that seeks to solve crimes and identify criminals, and the welfare benefits market that seeks to make sure that the right people receive benefits (and the wrong people don’t).

Other markets simply didn’t exist. If I pulled out my 1994-era mobile telephone and looked at it, nothing would happen. Today, I need to look at my 2020-era mobile telephone to obtain access to its features.

And there are other biometric markets also.

Pangiam and stadium bans

Back in 1994 I couldn’t envision a biometrics story in Sports Illustrated magazine. But SI just ran a story on how facial recognition can be used to keep fans out of stadiums who shouldn’t be there.

Some fans (“fanatics”) perform acts in stadiums that cause the sports teams and/or stadium authorities to officially ban them from the stadium, sometimes for life.

John Green is the man in the blue shirt and white baseball cap to Artest’s left. By Copyright 2004 National Basketball Association. – Television broadcast of the Pacers-Pistons brawl on ESPN., Fair use, https://en.wikipedia.org/w/index.php?curid=6824157

But in the past, these measures were ineffective.

For a long time, those “measures” were limited at best. Fans do not have to show ID upon entering arenas. Teams could run checks on all the credit cards to purchase tickets to see whether any belonged to banned fans, but those fans could easily have a friend buy the tickets. 

But there are other ways to enforce stadium bans, and Sports Illustrated quoted an expert on the matter.

“They’ve kicked the fan out; they’ve taken a picture—that fan they know,” says Shaun Moore, CEO of a facial-recognition company called Trueface. “The old way of doing things was, you give that picture to the security staff and say, ‘Don’t let this person back in.’ It’s not really realistic. So the new way of doing it is, if we do have entry-level cameras, we can run that person against everyone that’s coming in. And if there’s a hit, you know then; then there’s a notification to engage with that person.”

This, incidentally, is an example of a “deny list,” or the use of a security system to deny a person access. We’ll get to that later.

But did you notice the company that was mentioned in the last quote? I’ve mentioned that company before, because Trueface was the most recent acquisition by the company Pangiam, a company that has also acquired airport security technology.

But Pangiam/Trueface isn’t the only company serving stadium (and entertainment) venues.

CLEAR and stadium entry

Most of the time, sports stadiums aren’t concentrating on the practice of DENYING people entry to a stadium. They make a lot more money by ALLOWING people entry to a stadium…and allowing them to enter as quickly as possible so they can spend money on concessions.

One such company that supports this is CLEAR, which was recently in the news because of its Initial Public Offering. Coincidentally, CLEAR also provides airport security technology, but it has branched out from that core market and is also active in other areas.

For example, let’s say you’re a die-hard New York Mets fan, and you head to Citi Field to watch a game.

By Chris6d – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=101751795

The Mets don’t just let anyone into the stadium; you have to purchase a ticket. So you need to take your ticket out of your pocket and show it to the gate staff, or you need to take your smartphone out of your pocket and show your digital ticket to the gate staff.

What if you could get into the stadium without taking ANYTHING out of your pocket? Well, you can.

In the CLEAR Lane, your fingerprint is all you need to use tickets in your MLB Ballpark app – no need to pull out your phone or printed ticket as you enter the game.

Now that is really easy.

Pangiam and CLEAR aren’t the only companies in this space, as I well know. But there’s the possibility that biometrics will be used more often for access to sports games, concerts, and similar events.

How livescan fingerprinting enrollment service providers win business

One of the tasks that I used to perform as an employee of IDEMIA was to track the state-by-state status of livescan fingerprinting enrollment services. And I soon discovered that enrollment services differed substantially from IDEMIA’s other major product lines.

This post describes the nuances in livescan fingerprinting enrollment services, the many players that are involved, the livescan technology, and (most importantly) how enrollment service providers win business.

Why enrollment services differ from driver’s license and AFIS services

At IDEMIA, I tracked the company’s presence in three major product lines (and a slew of others). And IDEMIA’s presence in each market differed depending upon the nuances of the markets.

  • For IDEMIA’s driver’s license services, there was only one provider for each state. Let’s face it, you can’t have two agencies issuing state driver’s licenses. (Although I guess this would satisfy someone’s libertarian fantasy.)
  • For IDEMIA’s automated fingerprint identification systems (AFIS), there was only one provider of law enforcement AFIS in each state. However, there were other statewide fingerprinting systems back in the days when fingerprints were used for welfare benefits, and a number of county and city law enforcement agencies had their own AFIS systems.
  • But for IDEMIA’s enrollment services, there could potentially be dozens or hundreds of small businesses that provided the service. All of this depended upon how the state authorized enrollment. In some states, only one private entity could provide enrollment services, while in some other states multiple private entities could do so.

Why we have enrollment services

So what are “enrollment services”? I’ll defer to my former employer IDEMIA and use the description from its IdentoGO website.

IdentoGO by IDEMIA provides a wide range of identity-related services with our primary service being the secure capture and transmission of electronic fingerprints for employment, certification, licensing and other verification purposes – in professional and convenient locations.

Of course IdentoGO isn’t the only “channeler” in town. A number of these small businesses that provide enrollment services are allied with Certifix Livescan, others with Thales (Gemalto), others with Fieldprint, others with Biometrics4All, and others with many other FBI-approved channelers.

And in some cases, you can go to your local police agency and have the police capture your fingerprints for enrollment purposes.

The Ripon (California) Police Department provides LiveScan fingerprinting service to the public. https://riponpd.org/?page_id=1226

The channelers, and the hundreds upon hundreds of local businesses that are supported by them, handle some or all of a variety of fingerprint verification tasks, including (depending upon the individual state or Federal regulations) banking, education, firearm permits, health care, insurance, legal services, real estate, social services, state employment, transportation, and many others.

  • The basic theory is that if you are, for example, applying for a banking position, your fingerprints are searched against the FBI’s fingerprint database to make sure you don’t have a prior fraud conviction.
  • Or if you’re applying for an education position, you weren’t previously convicted of committing a crime at a school or with children.
  • Or if you’re applying for a transportation position, those multiple drunk driving convictions may cause a problem.

You get the idea.

Who are the end enrollment service providers?

So who are these small business owners who offer these livescan fingerprinting enrollment services?

In most cases, enrollment services are an add-on to a small firm’s existing business.

  • Maybe the business is a travel agency, and it offers fingerprinting along with other travel-related services (such as passport photos).
  • Maybe the business is a tax preparation service.
  • Maybe it’s an insurance agency.

So the business buys or leases a desktop livescan station, aligns with one of the major channelers, gets the necessary state approvals (in California, from the Office of the Attorney General), and waits for the applicants to…well, apply.

Livescan fingerprint capture isn’t idiot-proof, but if I can do it, you probably can also

“But wait,” you may say. “Isn’t the capture of fingerprints a specialized process requiring substantial forensic knowledge?”

She’s not a CSI, but she played one on TV. By Source, Fair use, https://en.wikipedia.org/w/index.php?curid=17752707

While you do need to take care to capture fingerprints correctly, livescan systems have dramatically improved in quality, allowing a travel agent or insurance agent to capture high-quality prints.

(I’ll let you in on a little secret: even the law enforcement officers who capture livescan prints from criminals don’t necessarily have years of experience in fingerprint capture.)

As someone who has worked with livescan systems since the mid 1990s, I can attest to the dramatic improvements in livescan technology. I wasn’t around in the early 1990s when Printrak and Digital Biometrics partnered to provide an AFIS-compatible livescan, but I was certainly around when Printrak introduced its own livescan, the LiveScan Station 2000 (LSS 2000), that competed with Digital Biometrics, Identix, and other livescan providers. (Today, former competitors Digital Biometrics, Identix, and Printrak are all part of a single company, IDEMIA.) The LSS 2000 used a Printrak-manufactured capture device attached to a computer running Digital UNIX.

By the time I became a product manager (not for livescans, but for AFIS servers), Motorola introduced two new livescan devices, the LiveScan Station 3000U and the LiveScan Station 3000N. (The “U” stood for Unix, the “N” for the Windows NT family.) The capture device for these two workstations was manufactured by Heimann Biometric Systems, which through a series of subsequent mergers is now part of HID Global.

When you’re an employee of a fingerprinting company, you’re often asked to participate in fingerprint scanner tests. (At least you were in the days before GDPR and CCPA.) So the livescan engineers decided to compare the capture quality of the LSS 2000, the LSS 3000U, and the LSS 3000N. I joined several others in participating in the scanner tests.

But I ran into a problem.

At the time that I participated in this scanner test, I had been working with paper for about two decades, and as a result of this and other things I have very light fingerprints. This isn’t an issue if you’re using a subdermal fingerprint capture system (Lumidigm, one manufacturer of such systems, was also acquired by HID Global), but it’s definitely an issue with the average optical system.

Oh, and did I mention that we were capturing our OWN fingerprints as part of this test? Rather than getting a trainer or someone with law enforcement experience to take our prints, this motley assemblage of marketers and engineers was following the DIY route.

With the result that the fingerprints that I captured on the LSS 2000 were pretty much unusuable.

But the later generation LSS 3000 prints looked a lot better. (I believe that the LSS 3000N prints were the best, which heralded the last hurrah for UNIX workstations in the AFIS world, as Windows computers proved their ability to perform AFIS work.)

And of course time has not stood still since those experiments in the early 2000s. (Although you can still buy a LiveScan 3000N today, for the price of $1.00.)

LiveScan 3000N, offered for sale at https://www.propertyroom.com/l/morphotrak-finger-print-scanner-camera/14061023

Today you can buy livescan stations that capture prints at 1000 pixels per inch (ppi), 4 times the resolution of the 500 ppi stations that were prevalent in the 1990s and early 2000s. And frankly, that are still prevalent today; most law enforcement agencies see no need to buy the more expensive 1000 ppi stations, so 500 ppi stations still prevail.

So how does a customer select a livescan fingerprinting enrollment service provider?

So let’s say a customer is applying for a position at a bank or at a school or somewhere else that asks for a fingerprint check. In the state of California, there’s not just one place that you can go to get this service. For example, there are probably a dozen or more enrollment service providers within a few miles of Bredemarket’s corporate headquarters in Ontario.

So how does a customer select a livescan fingerprinting enrollment service provider?

Well, customers do so just like they do with any other business.

IdentoGO Mobile Enrollment RV. https://www.identogo.com/mobile-enrollment-rv
  • Maybe they saw a picture of the IdentoGO RV and that caused “IdentoGO” to stick in their mind when searching for an enrollment service provider.
  • Or maybe they’re driving down a street in the neighborhood and they see a sign that mentions “livescan fingerprinting.”
  • Or maybe they’re on Facebook and see a page that promotes a specific livescan fingerprint enrollment service provider.

The key for the enrollment service provider, of course, is to make sure that your message stays top of customer’s mind when the time comes for the customer to need your service.

  • Your message needs to appear where the customer will see it.
  • Your message has to speak to the customer’s needs.
  • And your message must explain how to obtain the service. Does the customer have to make an appointment? If so, how does the customer make the appointment?

If the customer never sees your message, it’s going to be a lot harder for the customer to use your business. While the California Office of the Attorney General does include a list of all of the authorized livescan fingerprinting providers in California, and all of the various channelers maintain their own lists, neither the Attorney General nor your friendly channeler is going to necessarily direct someone to YOUR business.

You need to let your customers know of your existence, and WHY your service BENEFITS them as opposed to the service down the street.

Bredemarket can help.

If you provide livescan fingerprinting enrollment services and need experienced and knowledgeable help in getting your message out to your customers, contact me:

Read Mike French’s “Why agencies should conduct their own AFIS benchmarks rather than relying on others.”

Today my content calendar says that I’m supposed to be posting about social media, so I’m going to discuss a LinkedIn article. That fits, doesn’t it?

Seriously, Mike French has posted his long-awaited (by me, anyway) article on the need for automated fingerprint identification system (AFIS) benchmarks. And his perspective is valuable.

People enter the AFIS industry in different ways. I entered the industry as a writer, and therefore needed some time to master the forensic and technical concepts. Mike came from the forensic disciplines, having worked in the Latent Print Unit at the King County Sheriff’s Office before joining Sagem Morpho, which became MorphoTrak, which became IDEMIA Identity & Security N.A.

By Frettie – Own work, CC BY 3.0, https://commons.wikimedia.org/w/index.php?curid=6158485

Because of this background, Mike obviously has an appreciation for a law enforcement agency’s forensic requirements, and why it is important for the agency to conduct its own benchmark of AFIS vendors. As Mike notes, more and more agencies are choosing to rely on independent measurements based on test data. This may not be the best course for an agency.

But go read Mike’s words yourself.

https://www.linkedin.com/pulse/why-agencies-should-conduct-own-afis-benchmarks-rather-mike-french/

(Bredemarket Premium) I can’t TELL you the law enforcement AFIS vendors in each state, but…

Well, it’s time for another post in the Bredemarket Premium series, in which posts are only viewable by paying subscribers.

I thought about this topic when I was asked by someone NOT in the automated fingerprint identification system (AFIS) industry to explain the industry. And I told him some things that would benefit people who ARE in the AFIS industry. Some people already know these things, while some people don’t. One example: which AFIS vendors service which customers?

From https://dps.mn.gov/divisions/bca/bca-divisions/forensic-science/Pages/midwest-automated-fingerprint-identification-network.aspx

For purposes of this post I will concentrate on state-level law enforcement AFIS in the United States, although AFIS are available at many government (and enterprise) levels for many markets in many countries.

As I detail in the post, I actually know all of this information myself, but I can’t share it. So this post is intended to tell you how to obtain this information yourself, from publicly available sources. And I’ll even give you a few pointers to get you started.

Subscribe to get access

Subscribe to Bredemarket Premium to access this premium content.

  • Subscriptions just $5 per month.
  • Access Bredemarket’s expertise without spending hundreds or thousands of dollars.
Subscribe

What is an “antimicrobial” contact fingerprint reader? And what is it NOT?

In the COVID and (soon) post-COVID area, people don’t want to touch things. That impacts how identity products are marketed, including biometric readers.

Why contactless biometrics are “better” than contact biometrics

In the biometric world, this reluctance to touch things has served to promote CONTACTLESS biometric technologies, such as facial recognition, other other technologies. The loser in this has been fingerprint-based technologies, as several facial and iris vendors have made the claim that face/iris biometrics are contactless, while fingerprint biometrics are NOT contactless.

Well, my friends at my former employer IDEMIA might take issue with that claim, since you literally do NOT touch the fingerprint reader in IDEMIA’s MorphoWave product. IDEMIA does not (to my knowledge) make any medical claims about MorphoWave, but the company does emphasize that its contactless fingerprint reader allows for fast capture of four-finger slaps.

To protect their premises, organizations need access control solutions that are efficient, fast, and convenient. A contactless fingerprint scanner provides an optimum answer high throughput workplaces. IDEMIA’s MorphoWave contactless fingerprint solution scans and verifies 4 fingerprints in less than 1 second, through a fully touchless hand wave gesture. Thanks to the simplicity of this gesture, the throughput can reach up to 50 people per minute.

An antimicrobial contact fingerprint reader?

But what if there were a CONTACT solution that allowed you to capture prints with a reduced fear of “bad things”?

That’s what Integrated Biometrics appears to be claiming.

Integrated Biometrics (IB), the world leader in mobile, FBI-certified biometric fingerprint scanners, and NBD Nanotechnologies (NBD Nano), the surface coating experts, today announced the inclusion of NBD’s RepelFlex MBED transparent coating on IB’s entire line of fingerprint scanners.

An ultra-thin, transparent coating, RepelFlex MBED is designed to provide outstanding antimicrobial, anti-scratch, and anti-stain protection to devices. Long-lasting and multi-functional, RepelFlex MBED is ideal for surfaces that must stand up to high throughput and harsh conditions without compromising accuracy.

So what exactly does “antimicrobial” mean?

cluster of Escherichia coli bacteria magnified 10,000 times. By Photo by Eric Erbe, digital colorization by Christopher Pooley, both of USDA, ARS, EMU. – This image was released by the Agricultural Research Service, the research agency of the United States Department of Agriculture, with the ID K11077-1 (next)., Public Domain, https://commons.wikimedia.org/w/index.php?curid=958857

Let’s see how NBD Nano describes it.

Preventing the presence and growth of microbials on surfaces is becoming increasingly important. Antimicrobial performance is especially critical on surfaces that are accessible to the public in order to prevent the spread of stain and odor causing bacteria and microbes.

And if you drill further down in NBD Nano’s website, you find this information in a technical data sheet (PDF).

Antimicrobial Performance: Japanese Industrial Standard (JIS) Z 2801 – PASS*
*as tested by Microchem Laboratory, Round Rock, TX

Now since I’m not up to date on my Japanese Industrial Standards, I had to rely on the good folks at the aforementioned Microchem Laboratory to explain what the standard actually means.

The JIS Z 2801 method tests the ability of plastics, metals, ceramics and other antimicrobial surfaces to inhibit the growth of microorganisms or kill them. The procedure is very sensitive to antimicrobial activity and has a number of real world applications anywhere from the hospital/clinical environment to a household consumer company concerned with the ability of a material they have to allow bacterial growth.

The JIS Z 2801 method is the most commonly chosen test and has become the industry standard for antimicrobial hard surface performance in the United States.

It may be antimicrobial, but what about preventing the “C” word?

Now you may have noticed that Microchem Laboratory, NBD Nano, and Integrated Biometrics did not make any medical claims regarding their products. None of them, for example, used the “C” word in any of their materials.

There’s a very, very good reason for that.

If any of these product providers were to make specific MEDICAL claims, then any sales in the United States would come under the purview of the U.S. Food and Drug Administration.

This is something that temperature scanner manufacturers learned the hard way.

Digression: if fever scanners are fever scanners, does that mean they are fever scanners?

Remember “fever scanners”? Those devices that were (and in some cases still are) pointed at your forehead as you enter a building or another secure area? I won’t get into the issues with these devices (what happens when the scanner is placed next to a building’s front entrance on a hot day?), but I will look at some of the claims about those scanners.

About a year ago, John Honovich of IPVM began asking some uncomfortable questions about the marketing of those devices, especially after the FDA clarified what thermal imaging systems could and could not do.

When used correctly, thermal imaging systems generally have been shown to accurately measure someone’s surface skin temperature without being physically close to the person being evaluated….

Thermal imaging systems have not been shown to be accurate when used to take the temperature of multiple people at the same time. The accuracy of these systems depends on careful set-up and operation, as well as proper preparation of the person being evaluated….

Room temperature should be 68-76 °F (20-24 °C) and relative humidity 10-50 percent….

The person handling the system should make sure the person being evaluated…(h)as waited at least 15 minutes in the measurement room or 30 minutes after exercising, strenuous physical activity, bathing, or using hot or cold compresses on the face.

Let’s stop right there. For any of you who have undergone a temperature scan in the last year: how many of you have waited in a measurement room for at least 15 minutes BEFORE your temperature was taken?

Last summer I had a dentist appointment. My dentist is in Ontario, California, where the summers can get kind of hot. The protocol at this dentist’s office was to have you call the office from your car when you arrived in the parking lot, then wait for someone from the office to come outside and take your temperature before you could enter the building.

I was no dummy. I left my car and its air conditioner running while waiting for my temperature to be taken. Otherwise, who knows what my temperature reading would have been? (I also chose NOT to walk to the dentist’s office that day for the same reason.)

Back to John Honovich. He had read the FDA advice on the medical nature of thermal imaging systems, and then noted that some of the manufacturers of said systems were sort of getting around this by stating that their devices were not medical devices.

Even though the manufacturers still referred to them as “fever cameras.”

For example, one vendor (who has since changed its advertising) declared at the time that “thermal temperature-monitoring technology assists in reducing the spread of viral diseases,” even though that vendor’s device “is not a medical device and is not designed or intended for diagnosis, prevention, or treatment of any disease or condition.”

Fever scanners, testosterone supplements…and fingerprint readers

Yes, that language is similar to the language used by providers of natural supplements that, according to anecdotal evidence, work wonders. The FDA really polices this stuff.

So you really don’t want to make medical claims about ANY product unless you can back them up with the FDA. You can say that a particular product passed a particular antimicrobial standard…but you’d better not say anything else.

In fact, Integrated Biometrics only mentions the “antimicrobial” claim in passing, but spends some time discussing other benefits of the NBD Nano technology:

The inclusion of RepelFlex MBED coatings enable IB’s scanners to deliver an even higher level of performance. Surfaces are tougher and more difficult to scratch or stain, increasing their longevity while maintaining print quality even when regular cleaning is not possible due to conditions or times of heavy use.

So the treated Integrated Biometrics products are tough…like those famous 1970s crime fighters Kojak, Columbo, and Danno and the other people from Five-O. (Not that Sherlock and Watson were slouches.)

Book ’em, Danno! By CBS Television – eBay item photo front photo back, Public Domain, https://commons.wikimedia.org/w/index.php?curid=19674714

When biometric readers are “magic” (it’s a small face after all)

The news coming across the wire is that Disney’s Magic Kingdom in Florida is testing facial recognition. (H/T International Biometrics + Identity Association.)

“At Walt Disney World Resort, we’re always looking for innovative and convenient ways to improve our guests’ experience—especially as we navigate the impact of COVID-19. With the future in mind and the shift in focus to more touchless experiences, we’re conducting a limited 30-day test using facial recognition technology.”

If the test is successful and facial recognition is implemented, it would be a replacement for (touch) fingerprint technology, which the Disney parks suspended last July for health reasons. (Although touchless fingerprint options are available.)

Disney’s biometric history extends back to 2006, when it used hand geometry.