P Protected biometrics for Identity Trust Protected biometrics for - - PowerPoint PPT Presentation

p protected biometrics for identity trust protected
SMART_READER_LITE
LIVE PREVIEW

P Protected biometrics for Identity Trust Protected biometrics for - - PowerPoint PPT Presentation

Dec 21, 2023 412 likes •627 views

P Protected biometrics for Identity Trust Protected biometrics for Identity Trust P t t t d bi t d bi t i t i f f Id Id tit T tit T t t RISE - Awareness of Biometrics and Security Ethics y By Nicolas DELVAUX

slide-1
SLIDE 1

P t t d bi t i f Id tit T t P t t d bi t i f Id tit T t Protected biometrics for Identity Trust Protected biometrics for Identity Trust

RISE - Awareness of Biometrics and Security Ethics y

By Nicolas DELVAUX nicolas.delvaux@sagem.com Hong-Kong, 5th of January 2010

DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

slide-2
SLIDE 2

SAFRAN AT A GLANCE

An international high technology group

 More than 12 billion Euros sales in 2007 (At December 31, 2007)  58 200 employees in over 30 countries  58,200 employees in over 30 countries (At September 30, 2008)  Three branches of activity:

  • Aerospace propulsion
  • Aircraft equipment
  • Defense Security

Sagem Sécurité: worldwide leading positions

 Multi modal biometrics solutions  ID l ti  ID solutions  Biometric terminals (access control)  Automated fingerprint identification systems  Secure ID documents including biometric features (passports, H&ID cards, driving licenses)

1

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-3
SLIDE 3

2

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-4
SLIDE 4

Agenda

  • 1. An Identity use case - from Passport to e-Passport: a short survey1
  • 2. Identity : a new field for organised crime
  • 3. Biometrics for identity : strategies for trustworthy framework
  • 4. Conclusion

3

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-5
SLIDE 5

An Identity use case - from Passport to e-Passport: a short survey

4

DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

slide-6
SLIDE 6

Travel document : passport usage

 Process for identity verification:

1 T th ti t th t l d t i iti t 1. To authenticate the travel document: issuer, securities, etc… 2. To check document personalisation 3 To check the link between document data and holder 3. To check the link between document data and holder

 Majors identity’s issues j y

 Fake travel documents

 Genuine travel document with fraudulent personalisation  Stolen travel document with photo substitution Stolen travel document with photo substitution

 Impostor using similarity with the genuine travel document holder

5

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-7
SLIDE 7

Challenging issues for checking process

Genuine document Facial similarity

6

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-8
SLIDE 8

Identity on e-Passport: more authentication factors

ICAO 9303 introduces major updates

 El t i t th ti t th i t l d t d i f ti  Electronic: to authenticate the genuine travel document and information consistency by electronic signature  Biometrics features: face (M), fingerprint and iris to link the document and the holder

To know: PIN To be: biometrics

1 2 3 4 5 6

To have: token biometrics

7 8 9 * #

7

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-9
SLIDE 9

Identity : a new field for organised crime y g

8

DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

slide-10
SLIDE 10

Biometric authentication

 Biometrics technologies is not restricted to law enforcement

 Since 90’s: large scale civil application for civil registry, welfare, etc. Since 90 s: large scale civil application for civil registry, welfare, etc.

 Need for ID fraud prevention

 US: $50 billions / year (source: Javelin Strategy & Research Survey – 2007)  UK £1 7 billi /  UK: £1.7 billions / year (source: 2006 Home office report)  France:  France: € 6.2 Billions / year for welfare organizations € 474 Millions for 212,762 victims in 2008, (source CREDOC, June 2009)

9

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-11
SLIDE 11

Biometrics as Security Enhanced Technology for Identity

 Identity management is a security target for the future  Biometrics: individual authentication or identification based on physiological / behavioral traits of individuals

 Many modalities : fingerprint, face, iris, vein, DNA..  Different performances and no « silver bullet » modality or technology  Common characteristics: Universality, Uniqueness, Permanence, Collectability y, q , , y

 As any stage, use of biometrics can potentially raise privacy & securiy concerns:

 Misuse / Abuse breach function Creep  Misuse / Abuse, breach,function Creep  Collected without consent: collected from a trace, from a data base,

 Nobody can revoke his/her biometrics

 Protection schemes are essential!

10 10

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-12
SLIDE 12

ISO/IEC JTC1 SC37 Reference Architecture

Biometrics protection issues

Data Collection Data Storage Matching Decision

Comparison

Attacks

Presentation Matchi ng

Signal P i

Match?

Template T l t

Matching Score(s)

Identity Claim

Enrolment Database Candidate?

Compare

Presentation

Biometric Characteristics Template Creation

Processing

Template Match/ Non -match Features Threshold Candidate List

Sensor Quality Control Verified?

Decision Criteria Features Re-acquire

Segmentation Feature Extraction

Identified?

Compression

Sample Sample

Expansion

Verification Identification

p

Transmission

Transmission

Channel

Enrolment Verification Identification

11 11

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-13
SLIDE 13

Biometrics for identity : strategies for trustworthy framework

13

DOCUMENT INTERNE - Equipe Marketing / 20 février 2010

slide-14
SLIDE 14

Biometrics protection: technological approaches Secure token

 Pros: an evaluated solution  Cons: what happens when Cons: what happens when token is cracked?

Cryptography

 Pros: reliable solutions  Cons: ready for all your live

Multi-modalities

 Pros: statics and dynamics mixture  Pros: statics and dynamics mixture  Cons: increase complexity only

Crypto-biometrics

 Pros: revocability capability  Cons: accuracy & irreversibility

14 14

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-15
SLIDE 15

An implementation on bio-encryption

Fingerprint biometry biometry

Multivendor Generation of Multiple + revocable identities based on the Multivendor interoperability Minutiae Generation of protected pseudo identities identities based on the same fingerprint Minutiae Vendor A Minutiae Template protection Hash ID1 ID3 Minutiae Vendor B ID2

Identities are not invertible

15 15

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-16
SLIDE 16

Biometrics protection: Legal Approaches

Solution providers in EU

 Needs more developments

EU: legal Data Protection framework

Needs more developments  Depending MS:

 from prior authorisation to simple notification

 Directive 95/46 on personal data protection

 Interpretation by DPA principles:  “PROPORTIONALITY PRINCIPLE”  Systematic warnings about biometrics d t b

protection  National transposition in (27) laws  different perceptions

 I t MS

databases

 Deployment discrepancy & different identity management  diff t l l f t t

 In most MS:

no specific provisions on biometrics

 Some MS:

biometric data as sensitive data

 different level of trust

biometric data as « sensitive data »

  • r only when reveal racial, ethnic
  • rigins or health

Needs of dedicated legal decision

16 16

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-17
SLIDE 17

Principles of proportionality: uses cases

Time attendance Access control in sport stadium Access control in swimming pool At school (Fingerprint)

17 17

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-18
SLIDE 18

Biometrics database: submitted to DPA decision?

18 18

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-19
SLIDE 19

Conclusion

T d t t Id tit

Identity is a major value in society

To demonstrate Identity:

 Travel document: authentication factors by a token  Need of an additional authentication factor: biometrics modalities  Long-term mechanisms for a worldwide trust

N d f h i l d l l i h Needs of technical and legal consistent approaches

 Protect identity for citizen privacy  Protect identity for trusted relationship Protect identity for trusted relationship  Security against abuse, misuse and corruption of identity  Privacy and Security shall become “a positive-Sum Paradigm”

19 19

Sagem Sécurité / DTS / ND / RISE – 05 Jan 2010

slide-20
SLIDE 20

Th k f ti ! Th k f ti ! Thank you for your patience! Thank you for your patience!

Protected biometrics for identity trust y RISE - Awareness of Biometrics and Security Ethics

By Nicolas DELVAUX nicolas.delvaux@sagem.com @ g Hong-Kong, 5th of January 2010

20

DOCUMENT INTERNE - Equipe Marketing / 20 février 2010