If you are a jobseeker on LinkedIn, you have probably seen people claim to be recruiters from well-known companies, when in truth they are nothing of the kind.
Faking your employer has existed for a long time. Just ask the Delaware State Police, who for some reason isn’t keen on people who impersonate police officers.
“[A] 23-year-old man from Laurel, Delaware…reported that he had been driving eastbound on Nine Foot Road, east of Laurel Road, when a white Dodge Magnum with Arizona registration pulled behind him and activated flashing red and blue lights. As the victim began to pull over, the Dodge passed him and continued driving.”
Because Arizona police officers patrol Delaware all the time.
The 23 year old was rightfully concerned, called 911, reported the incident, and described the vehicle. But that wasn’t the end of it.
“Shortly after, the driver of the Dodge pulled up next to the victim and verbally confronted him. The victim did not engage, and the suspect eventually fled the scene.”
After an investigation, the Delaware State Police arrested Blayden Rose of Selbyville, Delaware, for impersonating a police officer.
The real Blayden Rose, courtesy the Delaware State Police. The police like to take pictures of special people.
Not sure if Rose can get off on a technicality (“I wasn’t claiming to be a cop, I was just doing a strobe show”), but it reminds us that we have to trust, but verify.
Normally these blog posts are addressed to Bredemarket’s PROSPECTS, the vendors who provide solutions that use biometrics or other technology. Such as identity proofing solutions.
But I’ve targeted this post for another audience, the organizations that BUY biometrics and technology solutions such as identity proofing solutions. Who knows? Perhaps they can use Bredemarket’s content-proposal-analysis services also. Later I will explain why you should use Bredemarket, and how you can use Bredemarket.
So if you are with an organization that SELLS identity proofing solutions, you can stop reading now. You don’t want to know what I am about to tell your prospects…or do you?
When you buy an identity proofing solution, you take on many responsibilities. While your vendor may be able to help, the ultimate responsibility remains with you.
Here are some questions you must answer:
What are your business goals for the project? Do you want to confirm 99.9% of all identities? Do you want to reduce fraudulent charges below $10 million? How will you measure this?
What are your technology goals for the project? What is your desired balance between false positives and false negatives? How will you measure this?
How will the project achieve legal compliance? What privacy requirements apply to your end users—even if they live outside your legal jurisdiction? Are you obtaining the required consents? Can you delete end user data upon request? Are you prepared if an Illinois lawyer sues you? Do you like prison food?
A new Government Accountability Office (GAO) audit found the Internal Revenue Service (IRS) has not exercised sufficient oversight of its digital identity-proofing program…
As many of you know, the IRS’ identity proofing vendor is ID.me. The GAO didn’t find any fault with ID.me. And frankly, it couldn’t…because according to the GAO, the IRS’ management of ID.me was found to be deficient.
“IRS was unable to show it had measurable goals and objectives for the program. IRS receives performance data from the vendor but did not show it independently identified outcomes it is seeking. IRS also has not shown documented procedures to routinely evaluate credential service providers’ performance. Without stronger performance reviews, IRS is hindered in its ability to take corrective actions as needed.
“ID.me acknowledges that its identity-proofing process involves the use of artificial intelligence (AI) technologies. However, IRS has not documented these uses in its AI inventory or taken steps to comply with its own AI oversight policies. Doing so would provide greater assurance that taxpayers’ rights are protected and that the technologies are accurate, reliable, effective, and transparent.”
You would think the IRS had a process for this…but apparently it doesn’t.
Dead on arrival (DOA).
But I’m not the IRS!
I’ll grant that you’re not the IRS. But is your identity proofing program management better…or worse?
Do you know what questions to ask?
Let Bredemarket ask you some questions. Perhaps these can help you create relevant external and internal content (I’ve created over 22 types of content), manage an RFP proposal process, or analyze your industry, company, or competitors.
I believe we all agree on the problem: the need to measure the accuracy of facial analysis and facial recognition algorithms for different populations. For purposes of this post we will concentrate on a proxy for race, a person’s skin tone.
Why skin tone? Because we have hypothesized (I believe correctly) that the performance of facial algorithms is influenced by the skin tone of the person, not by whether or not they are Asian or Latino or whatever. Don’t forget that the designated races have a variety of skin tones within them.
But how many skin tones should one use?
40 point makeup skin tone scale
The beauty industry has identified over 40 different skin tones for makeup, but this granular of an approach would overwhelm a machine learning evaluation:
[L]arger scales like these can be challenging for ML use cases, because of the difficulty of applying that many tones consistently across a wide variety of content, while maintaining statistical significance in evaluations. For example, it can become difficult for human annotators to differentiate subtle variation in skin tone in images captured in poor lighting conditions.
6 point Fitzpatrick skin tone scale
The first attempt at categorizing skin tones was the Fitzpatrick system.
To date, the de-facto tech industry standard for categorizing skin tone has been the 6-point Fitzpatrick Scale. Developed in 1975 by Harvard dermatologist Thomas Fitzpatrick, the Fitzpatrick Scale was originally designed to assess UV sensitivity of different skin types for dermatological purposes.
However, using this skin tone scale led to….(drumroll)…bias.
[T]he scale skews towards lighter tones, which tend to be more UV-sensitive. While this scale may work for dermatological use cases, relying on the Fitzpatrick Scale for ML development has resulted in unintended bias that excludes darker tones.
10 point Monk Skin Tone (MST) Scale
Enter Dr. Ellis Monk, whose biography could be ripped from today’s headlines.
Dr. Ellis Monk—an Associate Professor of Sociology at Harvard University whose research focuses on social inequalities with respect to race and ethnicity—set out to address these biases.
If you’re still reading this and haven’t collapsed in a rage of fury, here’s what Dr. Monk did.
Dr. Monk’s research resulted in the Monk Skin Tone (MST) Scale—a more inclusive 10-tone scale explicitly designed to represent a broader range of communities. The MST Scale is used by the National Institute of Health (NIH) and the University of Chicago’s National Opinion Research Center, and is now available to the entire ML community.
At least for now. Biometric Update notes that other skin tone measurements are under developoment, including the “Colorimetric Skin Tone (CST)” and INESC TEC/Fraunhofer Institute research that uses “ethnicity labels as a continuous variable instead of a discrete value.”
But will there be enough data for variable 8.675309?
If you think Mr. Owl’s conclusion was flawed, let’s look at Google.
One, two, three…three
I was researching the Monk Skin Tone Scale for a future Bredemarket blog post, but before I share that post I have to respond to an inaccurate statement from Google.
In 2018, the pioneering Gender Shades study demonstrated that commercial, facial-analysis APIs perform substantially worse on images of people of color and women.
Um…no it didn’t.
I will give Google props for using the phrase “facial-analysis,” which clarifies that Gender Shades was an exercise in categorization, not individualization.
But to say that Gender Shades “demonstrated that commercial, facial-analysis APIs perform substantially worse” in certain situations is an ever-so-slight exaggeration.
Kind of like saying that a bad experience at a Mexican restaurant in Lusk, Wyoming demonstrates that all Mexican restaurants are bad.
The Gender Shades study evaluated only three algorithms: one from IBM, one from Microsoft, and one from Face++. It did not evaluate the hundreds of other facial recognition algorithms that existed in 2018 when the study was released.
So to conclude that all facial classification algorithms perform substantially worse cannot be supported…because in 2018 the other algorithms weren’t tested.
“May spotlighted how even the most advanced enterprises are vulnerable when identity systems are fragmented, machine identities go unmanaged, and workflows rely too heavily on manual intervention—creating conditions ripe for risk. Enterprises need to get the message: identity is the perimeter of cybersecurity, and orchestration is the force multiplier. It’s time to learn how to effectively leverage it.”
Of course, there’s that interesting wrinkle of the identities of non-person entities, which may or may not be bound to human identities. Simeio, with its application onboarding solution, plays in the NPE space.
As for me, I need to start thinking about MY Bredemarket monthly LinkedIn newsletter (The Wildebeest Speaks) soon. June approaches. (Here’s the May edition if you missed it.)
“If you need a consultant for marketing or proposal work, and your company is involved in the identification of individuals, Bredemarket can accept the work.”
Because…I learned at 7:30 that morning that my individual identification employer was no longer my employer. Several of us lost our jobs that day.
As it turns out, my view of my employment future was overly optimistic.
“Maybe I’ll find a new full-time position in a couple of weeks, and I’ll again have to reduce hours and scope.”
As it ended up, I didn’t…and I haven’t.
Your credentials are too impressive, so we are moving in a different direction.
And I’m paying full price for my healthcare—no employer subsidy.
Bredemarket 