4.7 Identification errors and the national database
The UK identity card scheme, and similar schemes in many other countries, is based on the idea of creating a national identification register. This is a database that will have templates of biometric data from all citizens. In the UK, the proposal is to have a photograph, some fingerprint data and iris scans from each citizen. There will also be other data in the register: name, address, national registration number, and much more besides. Identity cards will be issued only to people who are enrolled in the national identification register. This latter point is crucially important to the system envisaged for the UK.
Much of the controversy about identity cards relates more to this national database of personal data than to the cards themselves. In the next few activities, you will be looking at extracts from an article by Roger Dettmer that looks at the practicalities of creating a national identification register. As you will see, Dettmer is essentially concerned with identification errors, and his observations apply equally to any national-scale identification system.
Click on 'view document' below to read the first part of the article 'Safety in Numbers' (with thanks to R. Dettmer).
Activity 21 (self-assessment)
Read the extract from Dettmer (2004). Note that in this and subsequent extracts you might not be able to understand all the details, but you will probably be able to follow the argument.
Briefly explain why Dettmer sees false negative identification as a security problem, whereas false positive identification is not. Remember that false negative identification is failure to recognise someone already enrolled. False positive identification is misidentifying one person as another.
Why does usability require a low probability of false positive identification?
False negative identification error enables someone to re-enrol in the system under a new identity, and thereby get a second identity card. This possibly enables fraudulent use of services and is a security problem. False positive identification means (in this context) that an applicant is wrongly thought to have already enrolled. A new identity document will not be issued until the applicant can prove his or her true identity by other means. False positive identification is not a security risk because no new documents are issued until the confusion is resolved.
False positive identification creates extra work for the operators of the system sorting out the misidentification. Therefore a usable system should have a low probability of false positive identification.
Reading technical articles
The Dettmer extract for the last activity was quite short, and perhaps did not cause you undue trouble. The extract in the next activity is longer and might not be so straightforward.
It is easy to get demoralised if you are reading a technical article and find it hard going. If that is how you feel, you are in good company. Very few people find technical articles easy to read, and few experts would expect to be able to understand everything in an article. In fact understanding an article is not an 'all or nothing' business. There are degrees of understanding, and for many experienced readers understanding is approached by stages. Very often the first read through is quick, to get a general impression. On the basis of that, there's a decision to be made: Do I persevere, or have I got everything from the article I want to get from it at the moment? If the decision is to persevere, then the next reading is more methodical. One of the jobs on subsequent readings is to isolate the parts that are hardest to understand. You might even need to go to other articles on the same subject to see if they have another approach that makes more sense to you. Alternatively, you might need to spend time thinking about what you have read and rephrasing it in your own words.
I am not expecting you to go looking for other articles on this subject, nor to spend a long time thinking about it. The important point to remember is that it is normal not to understand everything in an article like this. However, here are a few tips to help you.
Generally each paragraph is making one main point, or maybe just a few related points. Try noting these down.
The overall argument is usually carried by the main points, rather than the details, so try to see the story that the main points are telling.
The last one or two paragraphs often contain the major points the author wants to make. It is all right to read those first, and to use that information to fill in some of the parts you are struggling with.
Often if you reread an article after a gap of a day or two, parts that were difficult to understand turn out not to be so difficult after all.
For the next extract, you need to know the meanings of a couple of the terms Dettmer uses. A one-to-one comparison is when you compare one piece of data with another. In this context, those pieces of data are biometric data. A one-to-many comparison is when you compare one piece of data with many others. In this context that might be when you compare a piece of biometric data with all the templates in a database.
Click on 'view document' to read the next extract from the article (with thanks to R. Dettmer).
Activity 22 (self-assessment)
Now read the second extract from Dettmer (2004), and answer the following question: Why does Dettmer say that a biometric identity system will need to be based on taking iris scans from both eyes, or fingerprints from eight fingers?
Iris scans from a single eye, or fingerprints from a few fingers, do not give a sufficiently low false match rate. Using both eyes, or more fingers, improves the false match rate to a suitable value for a practical system.
Before we look at a final extract from Dettmer, I want to make a short detour into verification. This is because documents such as identity cards, passports, driving licences and the like are, strictly speaking, for verification of identity rather than for identification. Increasingly these documents have biometric data in memory chips incorporated in the document.