All of us accumulate a lot of keys over time. We have locker keys, door keys, desk drawer keys, car keys, padlock keys, and keys that just appeared one day with no apparent use or function. If you have keys, you’ve probably lost keys, too. What if you had a key that was impossible to lose? That’s biometrics.
We’ve been using biometrics for over a hundred years to identify people. Fingerprints are the measurement that first comes to mind, but people are included or excluded from a sample of interest by more evident characteristics such as gender, hair and eye color, height and weight, and age. Some of these things can be changed at will, and other change over time all by themselves, but many key measurements remain constant.
A face changes with age, weight gain and loss, and when disguises or facial hair is added or removed. What doesn’t change are the distances between facial landmarks such as pupils, corners of the mouth, tip of the nose, and the polygons formed by drawing lines between these landmarks. Biometric facial recognition isn’t as unique as a fingerprint, but it will reduce the number of possible matches in the data pool to something manageable.
Voice Prints and Others
Other biometric methods are showing up as valid investigatory techniques. An al Qaeda bombing plan was foiled when telephone conversations monitored by GCHQ in the United Kingdom revealed plans to strike at targets in Europe. GCHQ identified the plotters from a database of voices of known terrorists. Before the bombing missions could be carried out, the terrorist planners in Pakistan received special greetings delivered by U.S.-controlled UAVs. Another case was the arrest of a Columbian recreational pharmaceutical entrepreneur named Juan Carlos Ramirez Abadia, who resorted to plastic surgery and false identities to evade capture. When the DEA matched his voice to a recording made by Columbian authorities, he was identified and taken into custody.
Other biometric methods use the pattern of colors and shapes in the iris of the eye, the geometry of fingers and hands (the relative length of three or more fingers), and the pattern of veins in the fingers and hands to distinguish one person from another. Iris patterns, like fingerprints, are supposedly unique to an individual, but voiceprints, vein patterns, hand geometry and facial characteristics are shared with others.
Over-relying on any one technology invites problems. Law enforcement has long held fingerprints to be the gold standard of identification, despite the lack of an established specification of how many “points” are required for a positive match. In 2004, Oregon attorney Brandon Mayfield was arrested when a print found on evidence in a subway bombing in Madrid was matched to his tenprint card. In court, he showed that the match was “slight” and for the wrong finger. He collected $2 million in damages, but I’m not sure I would regard that as a fair trade for living a nightmare as an accused international terrorist.
Inherently Fallible
A new book on biometrics describes the state of the art and appropriate uses for it, but cautions that, “Human recognition systems are inherently probabilistic, and hence inherently fallible.” That holds true for any tool offered up as the magic bullet. There’s a reason that patrol officers carry multiple tools on their Sam Brownes, and that those tools have changed over the years. It doesn’t matter that you’re a master marksman with your sidearm, a Kendo black belt with your baton, and an international trainer with your TASER. Sometimes those tools just aren’t the right ones for the situation, and you have to resort to something else.
Biometrics have a place in law enforcement and security, but only when combined with other tools and techniques. If your fingerprint examiner says your latents are a match to Bad Guy A, but Bad Guy A just doesn’t seem to fit the situation, look harder. Don’t ever hang your case on a single technological hook.
