COMMENTARY

A better approach to biometrics

Troy Potter, vice president of identity solutions at Unisys Federal Systems, previously served as deputy assistant director for identity services for the Homeland Security Department’s U.S. Visitor and Immigrant Status Indicator Technology program. Terry Hartmann is vice president of global security and identity solutions at Unisys.

For years, U.S. defense, law enforcement and civilian agencies have been implementing large-scale biometric solutions to identify criminals, enhance national security, and authenticate the identities of government personnel, contractors and citizens. The technology has now matured to the point where the federal government relies on it to mitigate the risks associated with personal identification.

But as the benefits of biometrics have become clear and the solutions more widespread, the government’s development and deployment of those solutions have become less efficient. Biometric solutions have typically been designed and implemented to meet the specific needs of a particular organization, purpose or even use case. That approach has resulted in a lack of flexibility that limits the potential value of the solutions and greatly increases the initial investment and the cost of future adoption.

Given today’s austere budgetary landscape, the government can no longer afford to build biometric solutions from scratch to address its broad range of current and future requirements.

The problem can’t be solved by consolidating solutions into one mega-system because that would inevitably compromise the solution’s ability to address particular use cases and business needs. Rather, it is most effective to start with a robust, reusable baseline solution as a foundation and customize it to meet specific needs, resulting in a more reliable and faster implementation phase.

Although the government has yet to take full advantage of it, the process of developing those biometric solutions has evolved internationally and commercially to apply a vendor-independent, scalable and repeatable service-oriented architecture (SOA) based on industry standards. The approach has several virtues: easier functional upgrades over time, adaptability for differing mission requirements, the ability to scale up as biometric enrollments increase, and the ability to interoperate and integrate with other national or international biometric systems — all while requiring less upfront investment.

For example, the government of Angola recently implemented a national identification system using fingerprint and face biometrics largely based on a solution already in place in other countries. It was developed using a library of distinct software modules that cover the entire identity management life cycle: biometric collection, enrollment, identification, verification, storage, expert examination, results, document production and document authentication.

Subsequently, Mexico deployed a vendor-neutral citizen ID solution based largely on those deployed in South Africa and Angola and paid roughly two-thirds less for its solution than it would have paid to build a system from the ground up. In addition, Mexico was able to field the system in well under a year, compared to the two years typically needed when using more traditional approaches.

Likewise, the U.S. government could reduce investment and maintenance costs by perhaps 50 percent while significantly reducing the time it takes to field solutions by reusing proven SOA-based solutions instead of following current approaches that reinvent the wheel to meet changing requirements.

The main barrier to the new approach is the mind-set that the unique nature of the applications of biometric solutions in the federal government — whether for national security, identity management or other uses — precludes the reuse of existing solutions from non-government programs.

Our experience has proven that the overwhelming majority of typical system requirements for biometric solutions can indeed be met by taking a commercial approach and reusing scalable, open architectures that adhere to industry standards. At a time when government is looking for ways to cut costs while continuing to address critical security needs, federal agencies should consider an approach that has already been proven elsewhere to achieve both objectives.

About the Authors

Troy Potter, vice president of identity solutions at Unisys Federal Systems, previously served as deputy assistant director for identity services for the Homeland Security Department's U.S. Visitor and Immigrant Status Indicator Technology program.

Terry Hartmann is vice president of global security and identity solutions at Unisys.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Wed, Feb 8, 2012 Bruce Brotman

all very nice but you have not addressed the persistent protection of the data while at rest over time as well as in transit.

Wed, Feb 8, 2012

SOA with CrossPlatform Interoperability would further enhance the solution to technically agnostic level wherein even the platform or software becomes independent on a plug and play mode.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group