Feds aim to make biometrics useful

Related Links

"Eye on biometrics"

The National Institute of Standards and Technology is working with other federal agencies that will develop an independent test to help agency officials determine if their commercial biometric fingerprinting systems are accurate and reliable.

Agencies are most interested in fingerprint technology — the most established form of biometrics — although facial recognition and iris scanning are not far behind. But the commercial solutions vary widely in both accuracy and reliability, which is why independent tests are needed, said Martin Herman, chief of NIST's Information Access Division in the Information Technology Lab.

Numerous factors can affect the reliability of fingerprint biometrics, such as the quality of the original scan and of additional scans, and the changing conditions in which they are taken.

"It's extremely tricky because it depends so much on the quality of data that you're using," Herman said. "If you can control the quality of the data collected, that makes a huge

difference."

Developing standards for biometric data collection is only one of NIST's current projects. The goal is to improve the likelihood that agencies will be able to rely on biometrics.

Most agencies are investigating the use of biometrics as part of a larger authentication and authorization infrastructure. This includes the Homeland Security Department's U.S. Visitor and Immigrant Status Indicator Technology (US-VISIT) program, which launched in January, and the Department of Veterans Affairs' enterprisewide deployment of smart cards, which begins in July.

The White House's Office of Science and Technology Policy coordinates much of the biometric work governmentwide through its Interagency Working Group on Biometrics, chaired by Kevin Hurst, a senior policy analyst in the office.

Subgroups of the working group are drafting plans to improve the interface for biometric systems to address the legal, privacy and policy issues. They also are developing an international testing and evaluation structure "to be able to include some consistency and make biometrics a science rather than an ad hoc collection of vendor products," Hurst said.

The plans will be available on the Biometrics Catalog Web site within the next three to four months, he said.

One of the top priorities of the working group is to figure out how to fuse different biometric data, often called modalities, within a single multimodal solution. Using more than one biometric tool raises the authentication level, and officials know that every biometric can be imitated.

"Each type of biometric definitely has its pros and cons," Hurst said. "One idea that we're looking at then is to combine multiple biometrics."

For the US-VISIT program, DHS officials are requiring two fingerprints for visas. In the future, however, they are looking to use multiple biometrics, according to undersecretary Charles McQueary, testifying before a House subcommittee last month. DHS, which has a close relationship with NIST, will be helping officials determine which biometric types would best serve the program's needs, he said.

VA officials will start their smart card program this July, issuing cards to more than 500,000 people, including employees, contractors and doctors, said Fred Catoe, program manager for the department's

authentication and authorization infrastructure project.

Right now, the smart cards simply hold biometric information for a subset of users, because not everyone needs the higher level of security afforded by biometrics on top of a digital certificate, Catoe said.

The difficult decision that VA officials face is which biometric solutions to use, he said. Officials are evaluating fingerprint and iris scan solutions, and they are also involved with the initiatives under way at NIST to make sure that whatever technology officials choose fits with governmentwide standards, Catoe said.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.