by David Moss
October 2009

If our last two Prime Ministers are to be believed, and our last five Home Secretaries, the solution to all the problems of crime detection, counter-terrorism and the delivery of efficient public services is ... biometrics. They're certainly ladelling our money into biometrics. But no-one ever asks, do biometrics work?

Speaking at last week’s Biometrics 2009 conference in London, James A Loudermilk II (the man behind the FBI's Automated Fingerprint Identification System) outlined the plans for the future of biometrics at the FBI.

Under the Next Generation Identification initiative, an irisprint database is likely to be added to the FBI’s existing fingerprint and DNA databases. Fingerprints are likely to be supplemented with friction prints of other ridges, probably palmprints and maybe footprints. Voiceprints are being evaluated. Anything that can feasibly increase public safety.

What will not be added is facial recognition.

Facial recognition would be the killer application of biometrics, Mr Loudermilk told the hundreds of conference delegates. The FBI would love to be able to use facial recognition in their fight against crime. But they can’t. The algorithms just don’t exist to deliver the highly reliable verification required. That's what he said.

They have been evaluating facial recognition technology since 1963. They didn’t invest then. And they’re still not investing now.

The FBI may not be investing, but the Australian Customs and Border Protection Service are. They have installed smart gates at all their international airports. Australian citizens insert their ePassports into a reader, the picture is compared with their face caught on camera and the gate decides whether the two images match. The idea is to make it quicker for travellers to cross the border, while maintaining national security.

The UK are doing the same. The National Audit Office (NAO) reviewed our project to introduce ePassports, which we have been issuing since 2006, and said: "It is not yet clear whether increased security benefits will be delivered at border control". It still isn't clear. The only thing that is clear is that the FBI think it's a poor investment.

What is the return on this investment? According to the NAO, meticulously listed at Appendix 6 of their report, the Home Office's cost-benefit analysis revealed that ePassports would either cost the UK between £100 million and £344 million or save us £2 billion or they might only save us £89 million or they might actually cost us £98 million.

At Biometrics 2009, M. Antoine Tollet described the roll-out of smart gates, supplied by Sagem, at Australian airports. When asked from the floor what is the return on investment, he was clearer than the Home Office – border control staff reductions.

We're rolling out smart gates, too. The UK Border Agency (UKBA) promised to have them installed at 10 UK airports by 31 August 2009. Did they achieve that? Their Director of Identity Management, Mr Alex Lahood (a man whose civil service career to date seems to have been largely in the area of preventing alcohol abuse) told Biometrics 2009 that they have, indeed, achieved it. Why? What is the benefit?

If the FBI are right, then UKBA are wrong, and vice versa. Which is it?

There is a cornucopia of evidence to suggest that facial recognition technology cannot be used to verify identity. For example, in 2004, the UK Passport Service conducted a biometrics enrolment trial and found that the technology failed with 31% of the able-bodied participants and 52% of the disabled. It would be cheaper and more reliable to toss a coin.

But perhaps the technology has improved? We don’t know. UKBA haven’t published the results of their trials of smart gates at Manchester and Stansted airports. It’s the same with the Australians: “Customs refused to disclose the rates at which the system inaccurately identified people”.

We’re left guessing and betting and speculating whether our rulers know what they’re doing. It’s a strange way to be governed. Perhaps now, though, now that Mr Loudermilk’s torpedo has hit UKBA amidships and holed their credibility, the crew will feel motivated to justify the course they have set. After all, we do pay for their rations.

Meanwhile, the Identity & Passport Service (IPS) project to create a biometric National Identity Register proceeds. On 7 October 2009, Sagem issued a press release: "Sagem Sécurité will provide multibiometric facial and fingerprint recognition technology that was assessed for speed, accuracy and cost in competitive trials developed and run by IBM, using in excess of 10 million images. The technology will enable IBM to help IPS and the UK Border Agency to deliver the next generation of secure and reliable identity documents to British citizens, residents and people requesting asylum, while minimising the risk of fraud".

There is no published proof that facial recognition technology will "help IPS and the UK Border Agency". But we do know that the FBI disagree. Can the Home Office explain why the FBI are wrong?

And one other thing. Sagem issued a press release. IBM didn't. Neither did UKBA. Nor did IPS. It's a funny way to be governed, again, a strange way of keeping us informed what our masters are up to with our money. And our security.