Behind the hype

As biometrics are offered as the foolproof way to identify terrorists and prevent crime, are we missing vital opportunities based on existing proven technologies? David Fowler finds out.

There is no more poignant moment than when technology that promises to protect us from crime – or at least deliver justice after the event – fails to do so.

The desperate effort by Surrey Police, with the help of FBI experts, to enhance CCTV footage of the last recorded sightings of murdered schoolgirl Amanda Dowler is one of the more notable recent examples.

Video surveillance has become a vital weapon in the armoury of law enforcement agencies, from deterring Saturday night vandals to catching child killers.

It has, however, been overshadowed in the headlines by the new generation of biometric technologies, many originating from the US, which seem to offer foolproof answers to security concerns by using the fundamental characteristics of the human body itself to establish identity.

But as reported in The Engineer (Cover Story, 13 June) there are doubts about whether the technology can live up to its expectations.

Away from the glare of the biometrics spotlight, a significant amount of research is underway in the UK to make CCTV – still widely, if slightly misleadingly, used as blanket term for video surveillance technology – a more efficient tool for security purposes.

This is being achieved via a happy conjunction of big advances in digital imaging, video compression, ever-more powerful computer processing and networking capabilities and more refined automation and remote control systems.

The crucial element is the move from analogue technology, the mainstay of CCTV systems for decades, to digital recording. Not only is the image quality vastly superior, but also cameras cease to be ‘dumb terminals’ – instead becoming part of a network that can be controlled from a single centre.

Earlier this year, Midlands-based Quadnetics Group unveiled in Sheffield what is claimed to be one of the most technically advanced CCTV systems in Europe.

Designed in conjunction with IT giant IBM, the Sheffield system aims to take surveillance networks away from the realm of grainy shots to the type of crystal-clear images needed to spot crimes as they take place and identify suspects afterwards.

Huge storage capacity gives such systems the ability to store billions of images for several months.

Quadnetics, which has similar installations in Manchester andLondon’s west end, is one of a range of UK companies working at the leading edge of video surveillance technology.

Indigovision, the Edinburgh video company specialising in internet-based systems, said it now has three ‘significant’ projects using MPEG4, the state-of-the-art multimedia video standard. It has also installed a vast system at Brussels Airport, the first airport in the world to use ethernet networking technology to allow CCTV images to be recorded in full motion and real-time from more than 700 cameras.

Projects such as these, which make high-quality video surveillance technically possible, are a vital platform for biometric applications such as facial recognition systems. Without high-quality images, and the ability to monitor and process them, such systems will simply not work.

In fact, some experts are warning that opportunities for crime prevention and increased security based on existing technologies are being missed because of the focus on biometrics.

Prof. Ken Pease, professor of criminology at the University of Huddersfield and a visiting professor at the Jill Dando Institute of Crime Science at UCL, said: ‘The technology is already there – it just needs an effort of imagination.’

He points to automatic number plate recognition as one tried and tested example. ‘We know it works from a trial in Northampton which linked local authority CCTV cameras to the police database to check number plates against those wanted in connection with crimes. The trial led to a significant increase in arrests.

‘I think the right attitude to biometrics is scepticism until you prove they’re foolproof. For example, what’s the trade-off between false positives and false negatives?’

There are four main types of biometric system. Fingerprint recognition, probably the most widely used and fairly inexpensive to implement; face recognition; voice recognition, perhaps the least widely implemented; and iris recognition, which is thought by many to have the greatest potential.

Saflink is a US firm which acts as a system integrator for a wide range of recognition technology of all four types. Its activities are expanding into the use of biometrics on identity cards. Its clients are in financial services, education, healthcare and, increasingly, government projects.

However, implementations so far have tended to be groups of a limited size, such as firms wanting to control access secure areas, groups of students at schools or members of frequent flyer or trusted traveller schemes, as at Amsterdam’s Schipol airport. At Schipol, iris recognition is used as part of a membership package.

‘A multi-usery environment such as an airport presents more difficulties than a single-user,’ said Saflink director of engineering and chief software architect Dwayne Mercredi.

But a possible solution is to incorporate a biometric image into a smart card. The security system would then only have to compare the image on the card with the physical characteristic of the card carrier. This is the route being explored by the US military for its Common Access Card, a project Saflink is working on which will ultimately have four million users.

For IT systems, too, Mercredi said that there are compelling arguments for implementing a biometric system instead of passwords for access.Statistics show that the average company in the US loses $1.1m (£600,000) annually through unauthorised access to confidential data, usually from within the company. As firms implement ever more complex password systems support costs rise.

Typically it costs a company $300 (£180) a year per employee to deal with employees who forget their passwords and are locked out of the system. As passwords become more complex they start to write them on a note and stick them on their computer screen.

In these circumstances, a fingerprint recognition system – at around $70-$125 (£40-£75) per person for the hardware, and $40 (£24) for the software – could prove very cost-effective.

‘Biometrics are very secure – you can’t forget them or borrow someone else’s, and they’re hard to hack So security can be increased without inconveniencing the user,’ said Mercredi.

Fingerprint recognition is seeing wide adoption, but it doesn’t make sense for all environments. Iris recognition, for instance, is becoming important in areas such as healthcare, to get round the problem of gloved surgeons being unable to use fingerprint recognition systems.

‘Iris recognition is very good for identifying users from a high volume of people,’ said Mercredi.

‘Because the system compares 250 points on the iris rather than 25 using fingerprints, this makes it much more secure and significantly less likely to identify the wrong user based on the biometric alone. Fingerprint is better suited to environments where users must first identify themselves using an identification card or a user ID.’

Mercredi feels that biometrics definitely will be deployed on a large scale. As he pointed out: ‘The cost of iris recognition cameras and fingerprint scanners is plummeting. We don’t have any doubts that the technology is ready to do the job. It’s a question of people and politics.’

Prof. Pease admits that although most number plate recognition schemes are designed to operate locally, they could be linked for nationwide coverage. ‘The potential is enormous,’ he said.

He also feels mobile phones could be designed to double as personal alarms. ‘They could even photograph the offender and immediately download the picture to the user’s computer. That to me is a parable of how you can look at sexy technology such as biometrics and ignore things we could implement now.

‘We just can’t afford to miss these opportunities.’