AllevaTe LimIted

Applied Identity


Allevate Blog

T: +44 20 3239 6399


Watch a video on the MXSERVER Media Exploitation System

Video:Enhancing Public Safety with Automated Media Analysis


Allevate Presents MXSERVER from Tygart Technology

Security concerns are increasing. Incidents of public disorder and organized crime are on the rise.

The challenges for security services grow more complex. The 7/7 and Boston bombings vividly illustrated the impact of smaller, less sophisticated and more fragmented extremist activities.

Simultaneously, Governments are implementing the most severe budget cuts of recent times. In this landscape, technology can play an increasingly vital role in more efficiently enhancing public safety.

Our security services are faced with a relentless increase in digital media – from police body cameras , online sources such as Facebook and YouTube, confiscated phones and computers and, increasingly, “crowd-sourced” from members of the public.

Allevate is offering MXSERVER from Tygart Technology, a solution that can ingest, analyse and index huge quantities of video and photo media – identifying and highlighting useable intelligence. Trained investigators are freed to intelligently apply their skills without having to view countless hours of media.

Working with Allevate, our security services can more efficiently enhance public safety. We help unlock the intelligence within the vast amounts of media available to police faster than ever before, freeing them to focus on what they are trained to do best – solving and preventing crime and terrorism.

Posted by allevate at 11:16 Comments disabled

Allevate is Pleased to be Presenting at the 2014 Counter Terror Expo Conference

… in the Practical Counter Terrorism Conference, Day 2, 301th April, 2014


Countering the Terrorist Threat via Digital Media Analysis

  • Exploiting digital media to enhance public safety whilst reducing operational budgets
  • Easy and cost-effective routes to access the intelligence in digital media held by law enforcement and intelligence agencies
  • Using face recognition technology to depict individuals of interest


Posted by allevate at 8:11 Comments disabled

Allevate Seeking UK Policing SME to Join Our Team as an Associate Partner

Our enhanced team fully integrated and functioning well! Now looking to further expand the team with a senior policing subject matter expert, suited to a retired senior UK police officer looking to get involved in an exciting new public safety venture with a strong passion to continue to make a difference and improve the safety of society. 


Posted by allevate at 7:33 Comments disabled

Biometrics 2013: Privacy at the cross road: A debate on frameworks

Allevate’s Carl Gohringer is pleased to be participating as a panellist at this week’s debate at Biometrics 2013 on privacy within the context of biometrics.

Tuesday 15th October, 1600, Queen Elizabeth II Conference Centre, London, UK


Privacy at the cross road: A debate on frameworks
As biometrics become part of our daily lives, the issue of privacy and the protection of personal identifiable information (PII) such as biometric data is beginning to take centre stage.

There will be an exciting opportunity for anonymous audience participation via mobile devices.

This debate will review the pressing issues with respect to privacy and the role of the biometrics industry in it.

The audience will hear the views of prominent privacy experts that will explain what is at stake and why legal frameworks have been difficult to develop so far, and also from industry experts who will give the market perspective and the industry concern regarding the chilling effect of over-reaching privacy legislation.

Delegates will also be invited to play an active role in what promises to be an exciting dialogue on the future of privacy and the role of the biometrics industry in it.


Posted by allevate at 9:41 Comments disabled

Article: Intelligence and Efficiency through On-Demand Media Analysis using Face Recognition

You can download a PDF copy of this article by clicking this link.

 Western governments are implementing the most severe budget cuts of recent times. Against this backdrop, threats from terrorism, organised crime and public disorder continue to rise. Yet recent statistics in the UK demonstrate that authorities can remain resilient and still ensure law-and-order. The targeted application of technology can further increase resilience and the readiness to respond to major events. The relentless advance in the accuracy of face recognition technology, increase in the availability of digital media and mass availability of cheap computing power now provide unique opportunities to meet challenging budgets by drastically enhancing the operational efficiency of forensic investigators while even further enhancing public safety. Digital media can be bulk-ingested in an automated fashion to be processed in a cloud computing environment to identify and extract potential actionable intelligence. Processing is continuous, consistent and predictable. Multiple identification technologies can be deployed and the most suitable algorithms integrated to meeting evolving requirements. Analysts can now focus on investigating and confirming suggested results rather than having to manually watch countless hours of media in the hope of stumbling across the required information. Expanding beyond traditional sources of media is increasingly being accomplished by engaging the public and crowd-sourcing intelligence in response to incidents.

Having previously written on the subject of the application of face recognition in airports[i] and privacy concerns of face recognition when used by retail[ii], this article focusses on the application of face recognition to support bulk processing of media by what has traditionally been the first and thus far most proliferate user of biometric technologies: law enforcement. The convergence of multiple advancements now provides a whole new set of opportunities to use identification technologies in manners that provide benefits that are only now being realised.

1.A Need for Enhanced Safety and Operational Efficiency

Governments across Europe are in fiscal crisis. Austerity is the order of the day and public budgets are being slashed. Against this backdrop, security risks are continuously increasing. The threat from terrorism, organised crime and public disorder is not abating. Indeed, as reported by the BBC News on the 17th July 2013[iii], the threat landscape is “substantial” and becoming ever more fragmented, consisting of a greater number of smaller and less sophisticated plots.

However, the UK’s police forces have demonstrated that it is possible to maintain and even improve upon public safety despite the relentless pressure of austerity. Recent reports indicate that crime in the UK is at an historic low, being at its lowest level since 1981 [iv]. As always, it appears that necessity is the mother of invention and it is likely that technology is playing an innovative role in improving police efficiency.

What is not apparent from these recent reports, however, is the current level of readiness to respond to a major event. Indeed, the UK’s Police Federation, the body representing rank and file police officers, warns that the police “could not handle more riots”[v] after the budget cuts and Her Majesty’s Inspectorate of Constabulary (HMIC) warns that neighbourhood policing risks being “eroded”. [vi]

There is a need to enhance public safety whilst reducing public operational budgets.

2. A Relentless Increase in Digital Media

The increase in the creation of digital media is relentless. Law enforcement and intelligence agencies have amassed large collections of biographical, video and photographic information from multiple sources such as:

  • Computer hard drives.
  • Mobile phones and portable cameras.
  • Flash memory devices.
  • Online sources on the Internet such as Facebook and YouTube.

Additionally, when tragic events or social disorder occur, investigators have a long and arduous task of reviewing countless hours of CCTV footage, generally with a varying degree of concentration and scrutiny.

A solution that minimises manual effort in the extraction of actionable intelligence from amassed media by automating this process with a consistent and repeatable level of scrutiny will deliver concise and consistent information in a fraction of the time taken by operators undertaking the task completely manually.

3. An Automated Media Processing and Exploitation Solution

Police, intelligence and other public order agencies would benefit from the application of a powerful media processing solution designed to process, ingest, analyse and index in an automated fashion very large quantities of photographs and videos to transform them into usable assets. 

Allevate is offering MXSERVER[vii], already operationally proven with US Federal agencies, to EU agencies to address the issues raised in this article.

Such an automated solution ingests and processes media from multiple sources. Once processed, law enforcement agencies can analyse and make use of the extracted assets and manage them in a centralised repository of information. Data links, associations and metadata inferences can be managed across the whole dataset by multiple users from a single common user interface. Backend processing services are run in a cloud-computing environment, the capacity of which can be configured and incrementally scaled up and down to meet an organisation’s changing demands; peaks arising from specific events can be easily accommodated.

Features include:

  • Automatically find, extract and index faces to enable biometric and biographic searching of media.
  • Create and manage watchlists of people of interest via a web-based interface.
  • Find and cross-reference all media instances in which a person of interest has been seen.
  • Identify, locate, and track persons of interest, their associates and their activities across all media.
  • Discover, document and view links between people of interest, their activities and networks.
  • Use of metadata (including geo data) in the media to enhance investigations and association of data.
  • Integration into existing system environments, databases and components via a flexible API.


3.1  Incorporating Other Detection Capabilities

In addition to face detection and recognition, other detection engines can be incorporated, such as:

  • Automatic Number Plate Recognition. (ANPR)
  • Voice Biometrics.
  • Object / Logo Recognition.
    (Other identifying features can be used to track individuals through other processed media.)
  • Scene Recognition
    (Identify similarities in the entire frame, often used in child-exploitation investigations)

Vendor independence allows the use best-of-breed algorithms.

3.2  Biographic Filtering and Fuzzy Match Capability

Forensic investigations are complex and require a holistic view of all available data. This involves not only analysing media, but making full use of all textual and biographic data available as well. This can include text from files recovered from hard drives and other storage devices, online sources, metadata associated with photo or video files and data entered by investigators during the investigation.

Traditional Boolean search techniques only work within a black and white, true and false paradigm. More applicable within a complicated forensic analysis are techniques that use advanced “fuzzy” algorithms that to calculate similarities and aggregate match scores using multiple criteria to enable a “shades of grey” analysis.

Such an approach can fuse match scores across multiple disparate search criteria and even allows for fusion and aggregation of search results across multiple biometric and biographic criteria.

The use of media metadata and other biographic data further refines biometric matching.

3.3  Working with Geo-Location Data

An ever-increasing amount of media available to investigators is captured on mobile devices and cameras affixed with location determining technology. This includes media obtained from CCTV, confiscated hardware and devices, online sources and voluntarily made available by members of the public. The majority of the time, this geo-location data is incorporated into the media metadata, thereby providing significant potential to further enhance the analysis of the media. For example, geo-location can be used to:

  • Compartmentalise and refine analysis by location of where the media was created.
  • Overlay location of proposed matches onto maps.
  • Chart movements of individuals of interest by location and time of sightings.
  • Link individuals at the same location and time even if they do not appear together in media

3.4  Architecture and Integration with Existing Systems

There are significant similarities in organisation and methods of operation in many western law enforcement agencies facilitating increased levels of co-operation. Operational systems should support full control of information and data as well as have sufficient in-built flexibility to enable authorised data exchanges.

In addition to utilising COTS components, adhering to common standards and being cloud-architected to enable massive scalability, a well delineated scope of functionality and open API enables:

  • Flexibility in customisation and integration with existing systems and workflows.
  • Well-defined mechanisms of loading data and automating ingestion of media for processing.
  • Dynamic alteration and sharing of watchlists, media, system-generated results and operator analysis.

3.5  Hosting, Cloud and Virtualisation Options

Full architectural flexibility enables flexibility of hosting options. Organisations can elect to:

  • Take advantage of IaaS and SaaS options on cloud offerings.
    (UK accreditation of IL0 to IL3 is available via hosting partners)
  • Fully host the solution on their own private and secure premises and datacentres.
  • Deploy in a hybrid manner.
    (Thereby taking advantage of external processing power whilst retaining the most secret data) 

3.6  Working Hand-in-Glove with Trained Forensic Investigators

The human operator will always remain the critical and essential part of intelligence analysis; media analysis solutions are not designed to replace the intricate skills and knowledge of trained investigators. Rather, the operator is enabled to intelligently direct and apply their extensive training at suggested results, eliminating the necessity of rote viewing of countless hours of media either in a sequential our random fashion.

Integration of enhanced verification, charting and mapping tools enables operators to conduct detailed analysis of suggested matches and identifications to confirm or deny them.

4. Potential Use Cases

There are myriad different applications of a solution architecture as described herein within military, law enforcement, intelligence and public site security agencies. These are summarised into three broad categories:

4.1  Time Critical Investigations, Media of Critical Importance

In certain major incidents, timeliness of response is of the essence. Authorities need to quickly process evidence to identify and apprehend individuals. The scale of the investigation is often huge and the amount of media that needs to be processed massive. Examples include terrorist events such as the recent Boston bombing and the Woolwich attack in South London.

Often, the media acquired in these instances is of such critical importance that the authorities may choose to review it all in its entirety, frame-by-frame. However, in the early stages after the incident, decisive and immediate action is critical. Rather than having to sift through the media in a random or sequential fashion, a media analysis solution can quickly direct the investigators to the portions of the media that are most likely to deliver immediate results. Full review of the media can be conducted during subsequent stages of the investigation.

4.2  Bulk Ingestion of Media Arising from Criminal Investigations

During routine operations or specific criminal investigations, authorities may recover significant quantities of media on confiscated hard drives, mobile phones, flash / thumb drives and other sources that need to be processed to either further the investigation or to assist in building an evidence base for criminal prosecution.

Examples include:

  • Military or counter-terror officers raiding terrorist training facilities.
  • Specialist organised crime investigators raiding the offices of organised crime syndicates.
  • Child protection officers raiding premises of individuals or organisations involved in child exploitation.

This media can be bulk ingested in an automated fashion to provide the investigating officers an overall summary of the contents including focus areas for further investigation.

4.3  Continuous Background Processing of Media Sources

Authorities may as a matter of routine have access to masses of media which may contain actionable intelligence, but typically would never be viewed or processed due to a lack of resource and the time consuming nature doing so. Examples include:

  • Media from specific cameras installed at high-profile or sensitive locations.
  • Media from known or suspect online sources or accounts from social media sites.
  • Media made available to the authorities by the general public.

Intelligence in these sources may be missed entirely and never acted upon.

This media can now be bulk ingested and processed in an entirely automated fashion to flag any relevant intelligence, using operator controlled criteria, to the authorities as required for follow-up processing.

5. A Compelling Business Case

The solution and optional IaaS / SaaS components can be made available on a monthly service-charge basis, thereby requiring a minimal capital outlay and enabling a compelling operating expenditure business model.

Whilst the human operator is an essential part of intelligence analysis, an entry level solution empowers the analyst to process up to an order of magnitude more media on a daily basis. This enables trained operators to apply their expertise and training by focussing on the analysis of results generated by the solution in a more focused effort than manually watching hour upon hour of media.

Efficiency is dramatically boosted by bulk processing media 24×7 at a constant and predictable level of focus and accuracy: operational staff can focus on analysing results.

6. Engaging the Public to Crowd-Source Media to aid Investigations

Increasingly, especially from crowded public events, authorities are making greater use of media captured intelligence in the form of photographs and videos that have been recorded by members of the public.

With the advent of smartphones, almost everybody has a high quality camera in their pocket.

Most members of society would welcome the opportunity to assist the authorities with their investigations, but often do not know how or are fearful of being involved.

Allevate’s proposed PublicEye service is aimed at empowering the public to take a greater collective social responsibility and assist law enforcement in much the same manner as the phenomenally successful CrimeWatch. It enables members of the public to (at their discretion) upload media directly from their mobile phone or other internet device to a public portal for processing and dissemination to the relevant authorities.

A PublicEye portal could be used:

  • In response to appeals by the police to the public who were present at an event or disturbance.
  • When individuals witness a crime being committed.
  • Upon suspected sightings of missing persons or individuals wanted by the authorities.

A PublicEye enables the authorities to crowd-source media to augment their own sources.

7. Summary

In the UK, MXSERVER is available on the G-Cloud catalogue [viii]which is designed to provide a streamlined process for buying ICT products and services as a commodity without having to invite tenders from suppliers.

Security concerns are ever increasing. However, public budgets are being slashed. Law enforcement agencies are rising to the challenge of implementing budget cuts partly through the focussed application of technology. The accuracy of face recognition has increased dramatically over the past 10 years. This, coupled with the massive increase in the creation of digital media and the availability of cheap computing, now provides authorities with the ability to bulk ingest and process media in an automated fashion. Results are continuous and predictable. Trained analysts can now focus their skills on investigating suggested results and on intelligence extracted by automated systems. Not only does this provide the ability to process critical media even faster than ever before to respond time critical investigations, but it also enables authorities to extract intelligence from media sources that in the past may never even have been looked at because of the significant resource this previously would have entailed.

Additionally, the availability of smartphones means almost everybody is carrying in their pocket a high quality camera. The ability to process media rapidly and cheaply means the authorities will be able to, on a continuously increasing basis, engage with members of the public to crowd-source media in response to major investigations.

8. About the Author

Carl is the founder of Allevate Limited (, an organisation that works with law-enforcement, intelligence and government agencies to enhance public safety by ensuring positive identification through the application of biometric and identification technology. With over 20 years’ experience working in the hi-technology and software industry globally, he has significant experience with identification and public safety technologies including databases, PKI and smartcards, and has spent the past 10 years enabling the deployment of biometric technologies to infrastructure projects. Carl started working with biometrics whilst employed by NEC in the UK and Allevate subsequently supported NEC’s global and public safety business internationally.

Residing in the UK since 1993, Carl was born and raised in Canada and holds a Bachelor of Science Degree on Computer Science and Mathematics from the University of Toronto.

You can download a PDF copy of this article by clicking this link.

 Follow us on Twitter: @Allevate

2,774 words


[i] Allevate, July 2012:

[iii] BBC News, 17th July 2013


[viii] The UK’s G-Cloud Programme is a cross government initiative led by Andy Nelson (Ministry of Justice) supported by Denise McDonagh (Home Office) under the direction of the Chief Information Officer Delivery Board as part of the Government ICT Strategy.


Posted by allevate at 12:01 Comments disabled

Find People Fast in Media using Cloud-Based Face Recognition during Forensic Analysis

When tragic events or social disorder occur, forensic investigators have a long and daunting task of reviewing countless hours of CCTV footage. Increasingly, especially at public events attended by large numbers of people carrying mobile phones with HD cameras, authorities rely on  members of the public to turn in photographs and videos they have taken in the hope that they will contain useful intelligence. Much of this media is already uploaded to public sites such as Facebook and YouTube, providing another rich source of information.

Additionally, police have to review countless hours of media obtained from confiscated computer hard drives, mobile phones and portable cameras and flash memory devices.

Face Recognition?

All of this creates a significant resource burden;  this footage must be watched by people. The application of face recognition technology can play a crucial role in identifying potential suspects.

An Automated Media Processing Cloud

A solution to automate the processing of this staggering amount of media to quickly and efficiently unlock actionable intelligence is required to save significant time and human capital. The ability to automate this would allow the more efficient application of resources as well as massively speed up time-critical investigations.

However, the need goes far beyond the simple application of face recognition technology.

What is needed is a server-based system that can process vast amounts of media quickly to transform files from  mobile phones, flash memory devices, online sources, confiscated computers and hardrives and video surveillance systems into searchable resources. This would enable forensic investigators to work more efficiently and effectively by automatically finding, extracting and matching faces from very large collections of media to discover, document and disseminate information in  real-time.

Such a powerful video and photograph processing architecture should automatically ingest, process, analyse and index hundreds of thousands of photographs and videos in a centralised repository to  glean associations in a cloud environment. Instrumental would be the ability to:

  • Automatically find, extract and index faces to enable  the biometric and biographic searching of media.
  • Create and manage watchlists of people of interest via a web-based interface.
  • Find all instances of photos and videos where a person of interest has been seen.
  • Quickly review and process  media to identify, locate, and track persons of interest, their associates and their activities.
  • Discover, document and diagramtically view  associations between people of interest, their activities and networks.
  • Use media meta-data to geotag video footage and watchlist hits and overlay and present on maps.

Public Facing Cloud-Service to Crowd-Source Media

Finally, a public-facing interface to such a system would enable members of the public to upload their media in a self-service manner to enable quick and ready access by the authorities to this raw data for automatic processing.

Enhance Public Safety and Reduce Budgets

Read about how MXSERVER addresses the AMAIS space (Automated Media Analysis for Intelligence Searching)

This solution is now available to UK public sector on the Government Procurement Service CloudStore – G-Cloud iii Framework as a commodity from the catalogue without having to invite tenders from suppliers.


Posted by allevate at 9:00 Comments disabled

Enthused and Excited

Had a fantastic 2 day workshop / strategic planning session at the Lensbury Conference Centre (excellent facilities) with my business partners.

Hugely excited, enthused and very much looking forward to announcing their participation and our plans moving forward.

Posted by allevate at 10:21 Comments disabled

Could Automating Media Processing Aid the Forensic Investigation into the Boston Marathon Bombing?

The horror of the events at the marathon in Boston 2 days ago is still very raw. People are united in their sympathy for the victims and their families, their revulsion of these despicable acts and their solidarity in not succumbing to terror. The FBI vows to “…go to the ends of the Earth to find the bomber” with President Obama openly stating the “…heinous and cowardly…” event to be “…and act of terror”.

The investigation into the bombing is in its nascent phases, with the Boston Police Commissioner Ed Davis admitting that they are dealing with the “…most complex crime scene that we have dealt with in the history of our department.” Still, authorities are already honing in on crucial evidence and beginning to release details; BBC news reports that a source close to the investigation told AP news agency that the bombs consisted of explosives placed in 1.6-gallon pressure cookers, one with shards of metal and ball bearings, the other with nails, and placed in black bags that were left on the ground. Images of what appear to be a trigger mechanism have already been released.

Face Recognition?

Forensic investigators have a long and daunting task ahead of them with countless hours of CCTV footage to  pore over, and some people are already suggesting that the application of face recognition technology can play a crucial role in identifying potential suspects. However CCTV footage, especially from older systems that have not been specifically configured for the task, is notoriously unreliable as a source for face recognition.

Perhaps more useful at an event attended by so many, most of whom will have been carrying and using mobile phones and cameras, is the footage acquired by members of the public. Images and video captured by these high-quality devices will potentially be of much greater use than CCTV and authorities have appealed for people to turn in photographs and videos they have taken in the hope that they will contain useful intelligence. Much of this media will already have been uploaded to public sites such as Facebook and YouTube.

 An Automated Media Processing Cloud

A solution to automate the processing of this staggering amount of media to quickly and efficiently unlock actionable intelligence is required to save significant time and human capital. The ability to automate this would allow the more efficient application of resources as well as massively speed up a time-critical investigation.

However, the need goes far beyond the simple application of face recognition technology.

What is needed is a server-based system that can process vast amounts of media quickly to transform files from  mobile phones, flash memory devices, online sources, confiscated computers and hardrives and video surveillance systems into searchable resources. This would enable forensic investigators to work more efficiently and effectively by automatically finding, extracting and matching faces from very large collections of media to discover, document and disseminate information in  real-time.

Such a powerful video and photograph processing architecture should automatically ingest, process, analyse and index hundreds of thousands of photographs and videos in a centralised repository to  glean associations in a cloud environment. Instrumental would be the ability to:

  • Automatically find, extract and index faces to enable  the biometric and biographic searching of media.
  • Create and manage watchlists of people of interest via a web-based interface.
  • Find all instances of photos and videos where a person of interest has been seen.
  • Quickly review and process  media to identify, locate, and track persons of interest, their associates and their activities.
  • Discover, document and view  associations between people of interest, their activities and networks.

Finally, a public-facing interface to such a system would enable members of the public to upload their media in a self-service manner to enable quick and ready access by the authorities to this raw data for automatic processing.


Posted by allevate at 1:04 Comments disabled

Unlocking Intelligence from Multi-media

Driven by growing security concerns arising from increasing terrorist attacks, racial and ethnic disturbances, organised civil unrest, random violence, riots, burglary and physical assaults, the global market for the face and voice biometric technologies is projected to reach US$2.9 billion by the year 2018.

Across Europe, governments and law enforcement agencies are increasingly impotent in their ability to combat a deterioration in public safety. The economic crisis that is increasingly fueling public disorder is also paralysing our police and intelligence agencies with draconian budget cuts.

Having previously invested heavily in infrastructure, these agencies have at their disposal huge volumes of data in the form of media, but have no way to unlock the potential intelligence bonanza it contains. Vast sums are being spent allocating experienced and expensive human capital to rote tasks of watching countless of hours of media in the hope of randomly finding useful information.

A solution to automate this processing to quickly and efficiently unlock actionable intelligence from this staggering amount of data is required. The potential to improve public safety whilst simultaneously enabling the more efficient use of our public finances is huge.

Posted by allevate at 11:38 Comments disabled

Very Pleased to Join the Planet Biometrics Expert Advisory Panel

Very Pleased to Join the Planet Biometrics Expert Advisory Panel.

Posted by allevate at 3:53 Comments disabled

Article: Face Recognition in Retail: Profit, Ethics and Privacy

You can download a PDF copy of this article by clicking this link.

The accuracy of face recognition has increased dramatically. Though biometric technologies have typically been deployed by governments and law enforcement agencies to ensure public, transport and border safety, this improvement in accuracy has not gone unnoticed by retailers and other commercial organisations. Niche biometric companies are being snapped up by internet and social media behemoths to further their commercial interests, and retailers and other enterprises are experimenting with the technology to categorise customers, analyse trends and identify VIPs and repeat spenders. Whilst the benefits to business are clear and seductively tantalising, it has been impossible to ignore the increasing murmurs of discontent amongst the wider population. Concerns over intrusion of privacy and the constant monitoring of our daily lives threaten to tarnish the reputation of an industry which has endeavoured to deliver significant benefit to society through improved public safety. Can the industry be relied upon to self-regulate? Will commercial enterprise go too far in their quest to maximise profits? How far is too far? How can organisations ethically make use of face recognition technology to increase efficiencies and drive revenue, whilst respecting and preserving privacy and maintaining the trust of their clientele and society?

Having previously written on the subject of the application of face recognition in airports as applied by law enforcement and border control, this article looks at the increasing exploitation of the technology for commercial advantage. As well as contrasting the different use-cases defined by commercial exploitation versus public safety applications, this article also touches upon the very different agendas of those using the technology and the privacy issues that arise.

1  Advances in Face Recognition Technology

Face recognition is increasingly transforming our daily lives. A study by the US National Institute of Standards and Technology (NIST) in 2010 demonstrated that the technology has improved by two orders of magnitude in accuracy over 10 years and further tests currently being conducted by NIST are expected to demonstrate its continued relentless advance. Those interested in reading of these astonishing improvements are encouraged to refer to “Advances in Face Recognition Technology and its Application in Airports”, first published in Biometrics Technology Today (BTT) in July 2012, which summarises the 2010 NIST results in detail.

2  Public Safety versus Generating Profit

Most people accept that the reality of the world today necessitates certain inconveniences and intrusions. We tolerate and increasingly expect surveillance technology to be deployed wisely in situations where there is demonstrable benefit to public safety, such as at transport hubs, large gatherings, public events or areas of critical national infrastructure. The key factor behind such tolerance is comprehension; we understand the reasoning behind these uses and the benefits to ourselves, namely our safety. Though we don’t necessarily like it, we generally accept it.

However, it has been difficult to avoid the increasing coverage in the media of the use of face recognition by commercial organisations. The single most common term that is bandied about in reference to these deployments tends to be “creepy”. The technology being deployed is very often similar, if not identical to, the technology deployed for public safety applications. So precisely what is it about this use of technology that people are averse to?

In order to understand this, it is useful to consider in each case who people perceive benefit from the system. In the case of public safety, the people perceived to benefit are us; the citizens. In the case of commercial use, people perceive the commercial organisation deploying the technology as the beneficiaries. In this scenario the term “benefit” generally means profit, either by increasing revenues or decreasing costs. Often there is a general distrust within society of large corporations profiting from the exploitation of the populace, and this is especially true in times of prolonged economic difficulty. This is additionally complicated by the fact that our biometric traits are viewed as being something that are intrinsically ours and that are a constituent part of our definition.

3  Examples: Uses to Reduce Cost and Generate Revenue

It hasn’t taken long for business minded technology companies to devise a whole range of new uses of face recognition, all focussed on delivering bottom line business benefit. An important characteristic of face recognition is that it is only useful if you have something to match a photograph (probe) against, whether it is another photograph, or a database of photographs (reference set). It is the management, control of access to and often the creation of these reference sets that generate the most privacy concerns.

Let us briefly discuss some of the manners in which the technology is currently being deployed.

3.1  Efficiently Identifying Customers and Staff

This perhaps is the most traditional use of biometrics within commercial organisations. The ability to positively identify people, whether they are your staff or increasingly your customers, is absolutely necessary for the day-to-day operation of business and indeed society. Biometrics can be applied to ensure identity in a more cost-effective and positive manner, thereby introducing efficiencies into the business. It is an unfortunate reality that staff are responsible for a significant amount of theft. Adopting biometric technology can eliminate password theft and help mitigate the risks of identity sharing, thereby reducing fraudulent and unauthorised transactions and ensuring relevant personnel are physically present at the time of a transaction. Additionally, customers can be identified positively before conducting transactions. Cashless payments provide numerous efficiency opportunities by allowing elimination of cash and credit cards at point of payment altogether.

3.1.1         Privacy Considerations

These examples are usually only possible with the consent and approval of the individuals in question. Customers typically register for a biometric payment system, for example, in order to realise a benefit offered by the enterprise. The enterprise in turn must satisfy the customer that their biometric reference data will be kept and managed securely and only for the stated purpose.

The advent of face recognition provides new manners in which you can identify your customers, for example from CCTV cameras as they enter shops or as they view public advertising displays. It is when these activities are performed without the individual’s knowledge or consent that concerns arise.

3.2  Identifying Who is Entering Your Premises

These solutions are designed to integrate with existing surveillance systems; faces are extracted in real-time from a CCTV video feed and matched against a database of individuals. When the system identifies an individual of interest it can raise an alert that can be responded to rapidly and effectively, or log where and when the individual was seen for the formation of analytical data.

This can be used to provide valuable real-time or analytical intelligence to organisations, such as:retail

  • Notification of the arrival of undesirables, such as banned individuals or known shoplifters.
  • Notification of the arrival of valued or VIP customers.
  • Collation of behaviour data of known customers, such as how frequently they visit, which stores they visit and integration with loyalty programmes.




3.2.1         Privacy Considerations

There are a number of potential issues with regards to privacy that need to be considered here, most notably:

  • How is the reference set obtained? Who is in it?
  • Do you have the permission of the individuals in the reference set?
  • How are the photographs in the reference set stored and secured?
  • Are the members of the reference set aware of how and when their photos will be searched?
  • Are the people crossing the cameras aware that their photos are being searched against pre-defined reference sets?
  • What action is taken if a probe image matches against the reference set? What are the implications of a match or a false match?
  • What is done with the probe images after searching the reference set? Are they discarded or stored?

The number of possible uses of this functionality and resulting business benefits are too large to enumerate here, but very careful consideration must be made with regards to the proportionality of the solution when measured against the requirement. Additionally, the views and considerations of the individuals whose images you are verifying, both the people within the reference set and the people whose faces you are sampling as probe images, should be well understood and considered; approval should be sought for inclusion into a reference set.

3.3  Analysing How People Moving Through Your Premises

Face recognition can also be used to determine how people move through premises, such as a department store. Understanding peak and quiet times is essential to enable sufficient and efficient staffing and resourcing. Raising alerts to manage unforeseen queues is critical for ensuring customer satisfaction.

Face recognition applied to CCTV can timestamp when individuals are detected at known camera locations, thereby providing highly accurate information on people flows such as:

  • How long on average does it take to move between two or more points?
    (such as from the entrance of a store to a checkout or exit)
  • What are the averages flow times across the day and when are the peaks?
  • How does this vary with the time of day?

This can be used to determine how people typically move through the premises, and how long on average they linger in specific areas. You can also analyse this data across different age and gender demographic categories.

3.3.1         Privacy Considerations

Importantly, no person identifying information is recorded. There is no interest in identifying who the individuals moving through the premises are or in taking any specific action on any specific individual. There is no need to search against any pre-defined reference sets.

However, there are some issues you should consider when deploying such systems:

  • Biometric matching of people crossing the cameras still occurs. The probe photos are matched against other anonymous people that have previously crossed the cameras.
  • You should carefully consider how long this data will be retained for matching, (generally hours) and the nature of the premises being monitored.

Generally the privacy considerations of this application are minimal.

3.4  Building Databases of People Visiting Your Premises

As previously mentioned, face recognition is only useful if you have images to match against. Previous examples have dealt with matching the faces of people crossing the camera against known databases of individuals. A potentially far more valuable practice to enterprise is to dynamically build reference databases consisting of the people who cross the camera. Unfortunately, this is also the practice that riles the populace the most and is rife with potential privacy intrusions.

The increase in the use of CCTV cameras has led to an ever increasing volume of archived video footage. The intelligence in this footage typically remains inaccessible unless appropriately analysed and indexed. Such systems can be used to populate databases of “seen” individuals, thereby enabling searching for specific people of interest to determine if, when and where they have been present. This then allows the collation of data such as how frequently individuals visit your premises, how long they stay and when was the last time the individual visited your premises, as well as which of your locations any individual frequents and which is the most common.

If this functionality is combined with the ability to search and cross- reference against databases of known individuals, for example a subscribed customer database, this can then allow you to build very valuable analytical data on specific individuals thereby enabling you to predict future behaviour and market more specific services and products.

3.4.1         Privacy Considerations

Tread very carefully. Some of the most vocal opposition to the application of face recognition technology results from the capture of biometric data of potentially large numbers of people without their knowledge or consent, especially if the people are then identified and profiled against existing databases. In many jurisdictions around the world, the retention of such data may be in contravention of privacy legislation.

3.5  Analysing Who is Viewing What to Target Your Advertising

There have been many examples in recent months of retail and advertising organisations using technology to determine the approximate age and gender of people entering premises or viewing advertising walls. Though not technically face recognition, it is still worth mentioning here as often the distinction between the two uses is blurred. The premise is simple: such solutions can count the number of people watching an advert at any given time, and even estimate their age, dwell time, sex and race. While providing invaluable information for the advertiser, it can also allow them to dynamically change the adverts in real time to more appropriately target the demographic of the current viewer(s). Such solutions are increasingly being deployed in Japan and it is only a matter of time until they are more widely considered in Europe and North America.

3.5.1         Privacy Considerations

The key consideration here is that this form of technology is not actually identifying anybody or extracting personally identifiable information. There does appear to be some opposition to this, though none of it very vocal or serious. It is difficult to see any infringement of privacy and often may be advantageous to the consumer as advertising may be more specifically tailored to their needs.

3.6  Matching People on Your Premises with Social Media Accounts

Both Google and Facebook have acquired face recognition technology companies over the past year. Facebook’s users, for example, publish over 300 million photos onto the site every day, thereby making Facebook the owner of the largest photographic database in the world.

Facebook is already trialling a new service called Facedeals which enables its users to automatically check in at participating retail sites equipped with specially enabled cameras. In order to entice users to participate, the participating retailer can offer special deals to Facebook users when they arrive. The flow of information can be bi-directional. Such automatic check-in data coupled with the users’ manual checkins can be used by Facebook to hone their profile of individuals allowing them to target users with more relevant advertising. The system is entirely voluntarily, and the reference sets searched by retailers only contain photos of users who have opted into the service.

3.6.1         Privacy Considerations

Making data from social media sites available to other commercial organisations is a potential privacy minefield and should only ever be done with users’ consent. Defining these as opt-in services is exactly the right way forward. Likewise the profiling of users of social media sites based upon automatic tagging of images uploaded to those sites should be strictly controlled and only enabled on an opt-in basis. The privacy concerns over such activities have recently been very aptly illustrated by Facebook’s withdrawal of its controversial auto-tagging feature from use in Europe after pressure from privacy campaigners and regulators.

4  Social Media, Cloud Computing and Face Recognition

Dr. Joseph J. Atick of the International Biometrics and Identification Association has written a thought-provoking paper entitled “Face Recognition in the Era of the Cloud and Social Media: Is it Time to Hit the Panic Button?”. The paper raises several interesting points that merit mention here. In it Dr. Atick argues that the convergence of several trends including the:

  • High levels of accuracy now attainable by face recognition algorithms.
  • Ubiquity of social networking with its inherent large photographic databases.
  • Availability of cheap computer processing and the advent of cloud computing.

…coupled with the fact that “face recognition occupies a special place [within the family of biometrics in that] it can be surreptitiously performed from a distance, without subject cooperation and works from ordinary photographs without the need for special enrolment…” is “ … creating an environment … that threatens privacy on a very large scale…”.

One of the main premises of the paper is that this issue “… will require the active cooperation of social media providers and the IT industry to ensure the continued protection of our reasonable expectations of privacy, without crippling use of this powerful technology”.

5  Can All This be Done Ethically? (What About Privacy?)

Can organisations ethically make use of face recognition technology to increase efficiencies and drive revenue, whilst respecting and preserving privacy and maintaining the trust of their clientele and society?

The premise of “privacy-by-design” should be used to ensure that privacy is considered from the outset of any deployment of face recognition technology. In fact, the European Union’s 22-month Privacy Impact Assessment Framework (PIAF) project advises that “Privacy impact assessments should be mandatory and must engage stakeholders in the process” for all biometric projects.

Reputable organisations such as the Biometrics Institute have gone so far as to publish invaluable privacy charters to act as a “…good executive guide operating over a number of jurisdictions…” which should be reviewed and seriously considered before any deployment of biometric technology.

Some of these fundamental principles are outlined below within context of the subject matter of this article and specifically within the context of commercial use of the technology. These will not necessarily apply when discussing matters of public safety, law enforcement and national security.

5.1  Proportionality

A fundamental principle of privacy concerns the limitation of the collection of data to that which is necessary. Organisations should not collect more personal information than they reasonably need to carry out the stated purpose. Biometric data by its very nature is sensitive and absolute assurance must be provided that it will be managed, secured and used appropriately. However, a key consideration in the use of this technology should be proportionality; is the collection of such sensitive data justified for the benefit realised?

5.2  Educate and Inform

People on the whole generally resent not being informed, especially in matters that involve them. History is littered with IT projects that have failed because key stakeholders were not involved from the outset, were not sufficiently informed and whose buy-in to the process was not obtained. Customers are one of the most important stakeholders and these issues are even more critical when dealing with their personal and biometric data.

There is a very interesting video on YouTube that illustrates this point very nicely. It is filmed by a man with a camera walking around filming random strangers without explanation. The reaction is predictably always negative and sometimes hostile. The message the video is trying to make is obvious: most people do not approve of being videoed, so why do we so readily accept surveillance cameras? The message that comes across is actually clearer: People object when they do not understand intent, purpose or benefit to themselves. The cameraman offered no messages of explanation of his intent, even when challenged. Objection was guaranteed.

5.3  Be Truthful and Accurate when Describing the Business Purpose and Benefit

As part of the process of informing, organisations should also be direct and open in disclosing not only the existence of the systems, but the scope, intent and purpose of the solutions. Why are you utilising an individual’s biometric data? What benefit does it serve? What is the scope of the use of this data?

Importantly stay well clear of “scope creep”. All too often it is tempting to start using data once you have it for other than the stated intended purpose for which it was collected. Such endeavours will inevitably lead to loss of trust.

5.4  Provide Benefit to the Customer

Simply understanding the scope, purpose and intent of a system generally will not be sufficient to garner acceptance of the system. While people are generally astute enough to realise that businesses are in the business of making money, they’ll want to know what is in it for them. What is their benefit?

An example with which most of us will be familiar are grocery store loyalty or “club” cards. Whilst we all understand the objective of the grocery store is to profile and analyse our spending in order to better market to us, a majority of us still subscribe in order to receive the enticements and benefits on offer.

Within the context of face recognition, Facebook’s Facedeals programme demonstrates this principle nicely. Users understand the benefit to Facebook and the retailer, yet they still may choose to opt in to the programme because there is a clear and discernible benefit for them to do so as well, namely targeted discounts and offers at retail outlets.

This is also affirmed by a survey in 2012 by IATA which finds that “… most travellers are receptive to the idea of using biometrics within the border control process.” Why? Because there is clear and discernible benefit to them in the form of a more efficient passenger process and increased levels of security.

5.5  Seek Consent and Operate on an Opt-in Principle Where Appropriate

Biometric enrolment into such systems should not be mandatory. Individuals should be allowed the ability to opt-in, with an opt-out status being the default. Clearly this is not always feasible when considering people in public places the crossing cameras. However, if they are being identified against reference sets, the individuals in the reference sets should be there only with consent. Automatic enrolment into reference sets or biometric databases should involve the consent and approval of those enrolled.

Importantly, people should not be penalised should they choose not to opt-in; they should still be allowed a mechanism of transacting and conducting their business.

The recent decision by the UK Department of Education to prohibit schools from taking pupils’ fingerprints or other biometric data without gaining parents’ permission is a prime example of a potential backlash when such systems are made mandatory without providing any alternative mechanism of transacting. In many cases in UK schools, students were left with no mechanism of buying their school lunch unless they enrolled into a biometric system.

6  Summary

The accuracy of face recognition has increased dramatically. Retailers and other commercial organisations are investigating ways to exploit this technology to increase revenues, improve margins and enhance efficiency. Social media companies own the largest photographic databases in existence and are under pressure from shareholders to find ways to monetise these assets. As these explorations gather pace, so does the discontent of privacy advocates.

This article has outlined a number of ways face recognition can be used by enterprise and highlights potential privacy issues. Is it possible to ethically use face recognition technology and respect privacy? This will only be possible if enterprise maintains the trust and respect of its customers. Open and honest discourse is the best manner in which to achieve this. This should be accompanied by delivering real benefit to all parties involved in a manner that also empowers the customer; nobody should be forced to enrol into biometric systems or be disenfranchised from refusing to do so.

How far is too far? History has shown that there is no absolute answer to such questions. The exact location of the line to be crossed is always a factor of and changes with the times we live in. History has also shown, especially as it pertains to technology, that it is next to impossible to put the genie back into the bottle once released. It is now the collective responsibility of all to ensure the proper and ethical use of this technology in a manner that delivers the maximum benefit. This will require the active cooperation of social media, enterprise, the IT industry and civil liberty groups to ensure the continued protection of our reasonable expectations of privacy without crippling the use of this powerful technology. In the end, the people have the loudest voice. If enterprise crosses the line, customers will pass judgement with their wallets. 

7  About the Author

Carl is the founder of Allevate Limited (, an independent consultancy specialising in market engagement for biometric and identification solutions. With over 20 years’ experience working in the hi-technology and software industry globally, he has significant experience with identification and public safety technologies including databases, PKI and smartcards, and has spent the past 10 years enabling the deployment of biometric technologies to infrastructure projects. Carl started working with biometrics whilst employed by NEC in the UK and has subsequently supported NEC’s global and public safety business internationally.

Residing in the UK, Carl was born and raised in Canada and holds a Bachelor of Science Degree on Computer Science and Mathematics from the University of Toronto.

You can download a PDF copy of this article by clicking this link.


3,976 words


Multiple Biometric Evaluation (2010) Report on Evaluation of 2D Still Image Face Recognition
Patrick J. Grother, George W. Quinn and P. Jonathon Phillips

Advances in Face Recognition Technology and its Application in Airports
Carl Gohringer,  Allevate Limited,
July 2012

Face Recognition in the Era of the Cloud and Social Media: Is it Time to Hit the Panic Button?
Dr. Joseph Atick
International Biometrics and Identification Association


Privacy Charter
Biometrics Institute

The International Air Transport Association (IATA)

Posted by allevate at 1:00 Comments disabled

“From grainy CCTV to a positive ID: Recognising the benefits of surveillance”

Interesting article in London’s Independent newspaper on CCTV surveillance and face biometrics.

Especially interesting is the view of the combination of biometrics over CCTV with artificial intelligence and behavioral recognition, as this does appear to be the way things are moving.

I agree that biometrics, and especially face recognition, can provide huge benefit to society. I also agree that there is a certain level of concern and distrust by large swathes of the population, some of it well-founded, and some of it based on misperception and incorrect knowledge.

In either case, I think it is dangerous to simply dismiss these concerns and objections simply because we feel “we know best”. I believe society can be much better off with the well placed and controlled use of this technology, but I also believe that we should be working with the civil liberties groups rather than fighting them. Ultimately, these systems need to be accepted if they are to succeed, and in order for this to happen, the public has to better understand the benefit to themselves, and have trust in the people using them.

Posted by allevate at 10:16 Comments disabled

SITA and NEC announce automated border control partnership

NEC Europe, leaders in biometric technology and SITA, the air transport IT specialist, announced an agreement to jointly provide an automated border control (ABC) gate solution. It incorporates sophisticated biometrics technology for use at immigration control points at airports in the European Union. The agreement comes as EU member states implement recommendations to move to self-service border control using ABC gates.

The speed and accuracy of this SITA/NEC automated border control gate helps speed up passenger flows at border control checkpoints while improving security and resource management. It incorporates face recognition, and optionally fingerprint verification, against e-passport data. Passengers can be processed through the SITA/NEC ABC gate in ten seconds or less

“SITA has significant experience in dealing with the challenges facing border control authorities around the globe and automated border control gates are recognized as a potential solution to the combined goals of improving the passenger journey and increasing border security,” said Dan Ebbinghaus, SITA Vice President, Government Solutions. “Working with NEC, our ABC gates combine SITA’s air transport industry experience and market knowledge with the fastest and most accurate face recognition software in the market. This combination will provide significant benefits to border control and airport authorities.”

ABC gates are less resource intensive as it only requires manual intervention by an immigration officer in rare cases when a match is unsuccessful. This frees up border security staff for other activities. In addition to the improved traveler experience, reduced waiting times can attract more airlines and increased revenue for the airport authority.

A core element in this ABC solution is NEC’s “NeoFace” face recognition algorithm which provides speed, accuracy and performance regardless of the database size and image quality. NEC face recognition technologies were ranked No. 1 in the MBE Still-Face Track in 2010 carried out by the National Institute of Standards and Technology (NIST), commissioned by the Department of Homeland Security.

Chris de Silva, Vice President IT Solutions, NEC, said: “NEC has a long history in innovation and with NeoFace we have extremely fast and accurate face recognition software, ideal for security applications. We have incorporated our software in a variety of security-based applications, but by integrating it into this new ABC gate, we believe it will significantly improve the efficiency of processing people through control checkpoints.”

He further added: “SITA has a wealth of experience as an IT integrator in the air transport industry and we are well-placed with our combined expertise to deliver a market-leading ABC solution across Europe.”

Posted by allevate at 12:22 Comments disabled

An Example of how Biometric Identification Systems Assist Law Enforcement Agencies Solve Cold Cases



The Bexar County Sheriff’s Department in San Antonio, Texas used a latent examiner’s workstation from NEC to search a criminal database using a partial latent print to solve a cold case  in a matter of minutes.

Posted by allevate at 4:58 Comments disabled

Article: Advances in Face Recognition Technology and its Application in Airports

You can download a PDF copy of this article by clicking this link.

The accuracy of face recognition has increased dramatically. The top performing algorithm in independent evaluations by the US National Institute of Standards and Technology (NIST) is now capable of providing reliable results in real-world environments; the technology is being deployed in airports today to enable everything from automated immigration processes, improved surveillance, security and seamless passenger travel, to the gathering of valuable statistical information pertaining to passenger movements.

1.0 The Business Environment

Airports are complex environments involving multiple stakeholders with conflicting requirements:

  • Government and border control.
  • Police.
  • Airport operators.
  • Airlines.
  • Retailers.

All parties must comply with all Government regulations and utilise the latest documents and passports from multiple issuing states while adhering to all security requirements.

1.1 More Passengers, Same Resources

Passenger numbers are relentlessly increasing; border crossings into the European Union by air alone are expected to increase to 720 million by 2030. The need to mitigate risk is constantly weighed against the requirement to ensure passenger mobility, whilst accurately and unambiguously identifying all those who move through this complex environment.

Biometrics is playing an ever-increasing role in response to these multi-faceted requirements.

2 Advances in Face Recognition Technology

Enter Face Recognition biometrics. This technology is set to transform CCTV surveillance. It is here. Ready to deploy. Now. A recent study by the US National Institute of Standards and Technology (NIST) demonstrated that the accuracy achieved by the top vendor can provide clear and measurable benefits to a range of applications, including surveillance.

2.1 Order of Magnitude Improvements between Subsequent Tests

Most remarkable is the rate of improvement in the accuracy of face recognition algorithms. NIST testing has demonstrated an order of magnitude of improvement in the False Reject Rates (FRR) every four years. Whilst maintaining a False Accept Rate (FAR) of 0.001, the FRR over 3 tests spanning 8 years were:

  • 2002: FRR of 0.2
  • 2006: FRR of 0.01
  • 2010: FRR of 0.003

Put simply, in the latest tests, if the best performing algorithm was set so that it would not falsely match two images of different people more than once in every 1,000 attempts, it would then fail to match two images of the same person only three times in every 1,000 attempts. In contrast, the 2002 tests mismatched 20 times for every 100 attempts.

FRR Results from NIST MBE2010

This arguably outperforms the accuracy of human beings.

2.2 Laboratory Testing versus Real World Environments

Although the above results are excellent, the controlled conditions of a laboratory environment are not representative of real-world conditions. They are a good indicator of results that may be attained when comparing photos of a similar quality taken under similar conditions (i.e. identifying 1 passport photo against a database of passport photos). However, photographs taken in an automatic border control e-gate or from a CCTV camera are not taken under the same control. These are commonly termed non-compliant captures.

Traditionally, face recognition software suffers degradation in accuracy when dealing with challenges such as variable lighting conditions or non-frontal images of the subject. Vendors that can better deal with these challenges deliver systems that perform in a consistently more reliable fashion in the field.

The latest NIST test indicates that the ability of the software to deal with the challenges of non-compliant photos has drastically increased. Face recognition software can now be reliably deployed in airport environments to deliver real and tangible business benefits.

2.3 Increased Tolerance to Angle / Pose

One way to predict how well a face recognition algorithm will perform in a real-world environment when dealing with non-compliant captures is to measure how well it performs in the laboratory with non-frontal photographs (where the subject‘s image is captured at an angle).

These lab results are an indicator as to which solutions will perform better when applying face recognition to CCTV cameras.

The recent NIST tests showed that the most accurate algorithm is highly tolerant to changes in pose. This indicates that detection rates from CCTV cameras should provide tangible benefits whilst minimising the level of false alarms.

Photos at a 25 Degree Angle

2.4 Increased Tolerance to Time Between Photographs

Additionally, it is often the case that the reference photographs we are comparing the live captures to are not recent. For example, most passports are valid for 10 years, so it is essential that we can still maintain a high level of accuracy when verifying photographs against older reference sets.

The NIST MBE 2010 study demonstrated that the highest performing algorithm was able to maintain accuracy rates that deliver quantifiable benefits in these circumstances.

Photos Taken 8 Years Apart

2.5 Lower Resolution Photos

It is also common for non-compliant face captures from CCTV cameras to involve photographs in which the subject’s face constitutes a small percentage of the overall frame of the picture or where the face resolution is not particularly high. This may be due to the use of a lower resolution camera or due to distance between the subject and the camera.

In December of 2011, NIST published another report entitled The Performance of Face Recognition Algorithms on Compressed Images. Although not the primary driver of this study, the results clearly show that the same top performing algorithm was able to generate the same high levels of accuracy with inter-eye distances all the way down to 24 pixels between the eyes, thereby providing another indicator of expected accuracy in real-world environments.

2.6 Real-World Results

There are numerous factors in a live deployment that need to be considered such as lighting, camera postion, distance of the subjects from the camera and the angles at which the sample photographs are taken.

Recently, a national government conducted an evaluation of an e-gate solution at an airport. As part of this evaluation, e-passport holders were invited to use the gates. A sufficient number of passengers were subsequently processed through the gates to provide proper statistical significance. Algorithms from three separate face recognition vendors were tested in the gate.

In this real-world scenario, passport photos of passengers were verified against a lesser quality livescan photo taken within the e-gate itself. The results were presented at the Biometrics 2010 Conference in London: the top performing vendor in the NIST test was able to achieve a real-world FRR rate of 1.1%. This is arguably a better result than can be obtained by a live border guard manually comparing passport photos against the passport holders.

FRR Attained in a Live immigration e-Gate

3 Current Applications of Face Recognition in Airports

Face recognition has evolved significantly over the past decade and has now attained a level of accuracy that provides real and quantifiable business benefit to all stakeholders in an airport environment. Solutions incorporating face recognition are already being deployed today.

3.1 Automated Border Control Gates at Immigration

Many nations world-wide have deployed e-Passports which are being carried by an ever-increasing percentage of the world’s population. This enables governments to deploy Automated Border Control (ABC) gates. In EU nations for example, these gates:

  • are for EU passport holders only.air travel
  • do not require pre-enrolment.
  • perform a 1:1 face verification of a live scan against the JPG on the passport chip.

In the UK these gates are being widely deployed at entry ports and seemingly form the backbone of the government’s strategy for automatically clearing EU passengers.

In Asia the three largest ABC deployments in the world (Singapore, Macau and Hong Kong) each process hundreds of thousands of passengers daily, maximising the efficiency of live border guards.

3.1.1 How it Works

The process involved in an ABC gate is fairly simple:

  1. The passenger approaches the gate and has their passport read by the e-gate.
  2. The validity of the data page on the passport is verified using a variety of tests.
  3. The information in the machine readable zone (MRZ) is verified against the data read off the chip.
  4. The passport information is sent to the appropriate government systems for the appropriate checks.
  5. If there are any problems thus far, the passenger is re-directed to a manned border lane, otherwise …
  6. A live photo is captured of the passenger (with appropriate liveness checks).
  7. Face recognition is used to verify the live capture with the photograph read off the passport’s chip.
  8. If the photo does not match, the passenger is assisted by a live border guard, otherwise…
  9. The passenger is allowed to proceed.

In this use of face recognition:

  • FAR represents the percentage of passengers holding a passport that does not belong to them that are wrongly admitted.
  • FRR represents the percentage of legitimate passengers who are wrongly re-directed to a live border guard due to the photographs not matching.

There have been no published studies of the FAR and FRR achieved by a live border guard, but it is generally accepted that face recognition operates at a higher level of accuracy, especially when a border guard has been on operational duty for more than 2 hours or has to deal with visual verification of multiple races of passengers. Most e-gate deployments in Europe today operate with an FRR of approximately 6% set against a corresponding FAR of 0.1%.

Recently, an officer responsible for a large deployment of e-gates in an international airport indicated that in his view, most imposters attempting fraudulent entry into the country prefer to try their luck with manned border guards rather than use automated gates.

3.1.2 The Business Benefit

You don’t have to look far today to read of the burgeoning deficits of most western nations. Austerity is the order of the day. Even in light of the expected year-on-year growth in passenger numbers, budgets are being cut. More and more often, improved efficiencies introduced by the sensible deployment of technology are being relied on to address these budget shortfalls.

Border guards are highly skilled and experienced staff deployed at the front-line of our nations defences. 99% of travellers entering a country are benign. Routine checking of travel documents and verification of valid ownership are tasks that can now be better performed by technology, thereby enabling the automated egress of legitimate travellers and allowing the border guards to focus on and find the 1% of the travellers they really want to speak with. In effect, removing the haystack to reveal the needle.

It is also relevant to note that the higher the accuracy of the face recognition solution deployed, the lower the FRR realised, thereby resulting in fewer passengers redirected to a live border guard and a lower cost of total ownership.

3.1.3 An Example

Another nation that has recently trialled the deployment of 4 ABC lanes determined the following:

  • Without the ABC lanes, 8 manual lanes required 8 border guards.
  • With the ABC lanes, the same 8 border guards were able to monitor 12 lanes.
  • Without the 4 ABC lanes, 8 border guards oversaw the entry of 950 passengers per hour.
  • With the 4 ABC lanes, 8 border guards oversaw the entry of 2,400 passengers per hour.

Even with the deployment of a limited number of ABC lanes a real and tangible benefit was realised.

3.2 Trusted Traveller Systems

Most ABC solutions deployed today take one of two forms:

  • Non-Registered, for holders of e-Passports from authorised countries (as discussed above).
  • Registered, for holders of passports from countries not authorised to use the Non-Registered lanes (or holders of older passports without a chip).

Examples of the latter include the US Global Entry, Dutch Privium (collectively FLUX) and the UK IRIS systems.

As non-registered systems become more commonplace and the number of e-passport holders continues to rise, the business case for governments to provide separate free-to-use Trusted Traveller systems becomes vague. Ideally, given the limited space available in airports, the best scenario involves these passengers using the same physical e-gates as users of the non-registered systems.

Existing e-gates can be modified to accommodate holders of e-Passports from other nations. An additional step in the process flow allows the e-gate to cross-reference against a database of pre-enrolled and vetted Trusted Travellers. An additional face verification can be performed against the stored face details of the enrolled passenger.

3.3 Departure and Boarding Gates

The previous example depicts the use of biometrics to facilitate passenger processing at immigration and to introduce efficiencies to the tasks of border control officials. Airport operators and airlines are also increasingly turning to biometrics to facilitate the flow of outbound passengers through airport terminals.

Simplifying Passenger Travel (SPT) was an initiative led by airlines, airports, governments and technology providers which proposed the “Ideal Process Flow”. The goal was to combine e-passports, biometrics and network infrastructure to enable the automatic identification and processing of passengers to move them through the airport seamlessly while freeing up staff to concentrate on security threats and customer service.

While the full ambition of assigning a single biometric identifier to a passenger’s entire airport journey, from booking, to check-in, bag drop through to security and eventually boarding is yet to be realised, key elements are already being implemented by airport operators.

3.3.1 The Problem

Many airport terminals have a single common departure lounge for both domestic and international passengers. Here exists the potential for a departing domestic traveller to swap boarding cards with an arriving international traveller, thereby enabling the arriving traveller to transit to a domestic airport and bypass immigration processes.

3.3.2 The Solution

This problem can be remedied by introducing automatic gates with face recognition at the entry to the common departure area and at the gate prior to airplane boarding. The automated gate at plane boarding captures the passenger’s face and verifies it with the face captured and associated with the boarding card when the passenger entered the departure area, thereby detecting if a boarding card has been swapped.

3.4 Surveillance: Real Time Watchlist Alerts

Matching faces captured from CCTV against photographic databases has long been the holy grail of face recognition. These systems are now being deployed today.

Although the results obtained in the NIST evaluations do not reflect the results that can be obtained in a live surveillance environment, it stands to reason that solutions that incorporate the best performing algorithms will also yield the highest accuracy results when matching CCTV images against a watchlist.

3.4.1 What it Delivers

These solutions are designed to integrate with existing surveillance processes; faces are extracted in real-time from the CCTV video feed and matched against a watchlist of individuals. When the system identifies an individual of interest, it raises an alert that can be responded to rapidly and effectively.

In this application of face recognition:

  • FAR represents the percentage of people captured by a CCTV camera that are falsely matched against the watchlist (in essence the number of false alarms raised by the system).
  • FRR represents the percentage of people captured by a CCTV camera who are in the watchlist but for which no alarm is raised.

The alerting mechanism is a binary process. If the system raises too many false alarms, it will quickly be ignored by those tasked with responding to these alerts. The objective of these systems is to minimise the false alerts to a manageable level, while detecting the highest possible percentage of people moving past the cameras who are in the watchlist (true ID rate).

3.4.2 Challenges

It is essential that expectations are set appropriately. Scenarios where thousands of cameras are scanning large crowds of people in day and night environments and from a distance to identify individuals of interest are still largely unrealistic. The best results are obtained:

  • Using newer high definition cameras (3-5 megapixels).
  • Indoors with uniform lighting or outside during daylight in the absence of specific glare.
  • Where people are generally facing the same direction and moving towards the camera.
  • In a suitable pinch-point, such as in a corridor, lane or access gate / turnstile (not large crowds of people).
  • Where cameras are positioned in such a manner as to minimise the angle to the face (ideally < 20 degrees).

Additionally, as the system is comparing poorer quality photos captured from CCTV, it is imperative that the highest quality reference photos are inserted into the watchlist. Systems comparing poor photos against poor photos operate at significantly reduced accuracy levels.

Even with the above considerations in mind, there exist substantial opportunities and environments in which these solutions may be deployed to deliver significant results.

3.4.3 Technical Considerations

These solutions are typically deployed in environments where large numbers of people may be crossing the cameras. As such, depending on the size of the watchlist, a very large number of face verifications need to take place. Such solutions potentially require intensive use of server infrastructure.

Typically, the main considerations that determine the server infrastructure required are:

  • The size of the watchlist.
    (Typically, these would only contain key or significant individuals.)
  • The number of people moving across the camera(s).
    (This represents the number of transactions or searches against the watchlist.)
  • The response time required in which to raise an alert.
  • The number of frames per second which are being captured by the cameras.
    (The higher the frame rate, the more times you capture the same person walking past the camera.)

Real-time searching of an entire criminal database is not typically feasible; consideration should be taken when determining who should be inserted into the watchlist to minimise its size. Typical watchlist sizes are in the hundreds or thousands.

The two major areas of processing inherent in such a system include:

  • Creating biometric templates of all the faces moving across the CCTV camera.
  • Matching these biometric templates against the watchlist.

Of these, template creation generally requires the most CPU power and time.

Therefore very careful consideration must be given to the number of frames per second (fps) the cameras are running at. Many systems typically run at 5-10 fps. While the processing power is significantly reduced, so is the overall accuracy of the system. The lower the fps, the more likely it is that the system will throw away frames containing a high quality image of the individuals’ faces.

To obtain optimal accuracy, cameras should be running at up to 20fps. However, this will result in more images of the same person being captured, resulting in a higher level of template creations and searches.
Solutions must be designed with scalability in mind, allowing the most efficient use of server power available.

3.4.4 An Example

An example of an existing live deployment in an airport environment consists of:

  • Up to 10 five megapixel cameras running at 25 fps.
  • A peak transaction rate of 1,000 people per minute moving across the cameras.
  • A watchlist of up to 1,000 people.
  • An alert response time of 5 seconds.

Each person is captured tens of times, resulting in tens of thousands of template creations per minute and tens of millions of biometric verifications per minute.

In this environment, assuming suitable environmental conditions and positioning of the cameras, this system identifies people in the watchlist up to 90% of the time (true id rate) with only one false alarm per day. If operators are willing to accept more false alarms, the true id rate can be increased by configuring system tuning parameters and lowering matching thresholds.

Such systems are already running today.

3.5 Surveillance: Forensic Video Analysis

The increase in the use of CCTV cameras has led to an ever increasing volume of archived video footage. The intelligence in this footage typically remains inaccessible unless appropriately analysed and indexed. Reducing investigation hours when limited resources are available is essential. Such systems can be used to populate databases of “seen” individuals, thereby enabling authorities to search for specific people of interest to determine if, when and where they have been present.

3.5.1 How it Works

  • Faces of individuals are captured from CCTV and archived in a database.
  • Authorities can search the archive using a photo to determine a camera ID and timestamp.
  • Playback of the relevant recording can be enabled by storing pointers into the video archive.

3.5.2 Usage Example: Passengers without Documentation

One usage already deployed today is to quickly and accurately determine the point of origin of arriving passengers without documentation, such as asylum seekers.

If a passenger presents themselves to immigration without documentation and does not provide accurate or complete information about themself, authorities can capture a photograph of the person and search the database of archived faces. If cameras are placed in aerobridges to record disembarking passengers, it is then a simple process to identify on which flight the passenger arrived.

3.6 Queue Management and Flow Analysis

It is becoming increasingly important for airlines and airport operators to monitor queue lengths and passenger flows within the airport. Understanding peak and quiet times is essential to enable sufficient and efficient staffing and resourcing. Raising alerts to manage unforeseen queues is critical for ensuring passenger satisfaction as well as for ensuring that all SLAs with other stakeholders, such as airlines or government agencies, are adhered to.

A common solution thus far has involved the tracking of bluetooth enabled devices such as PDAs and smartphones which are carried by passengers. However, relatively low percentages (approximately 15%) of passengers carry such a device, let alone have the bluetooth on the device activated.

A solution that provides a much more comprehensive data set and accurate information is needed.

3.6.1 The Application of Face Recognition

Solutions using CCTV with face recognition can timestamp when individuals are detected at known camera locations, thereby providing highly accurate information on passenger flows such as:

  • How long does it take to move between two or more points? (such as check-in to security)
  • What are the averages and when are the peaks?
  • How does this vary with time of day?

…as well as providing invaluable insight on how passengers move through the airport:

  • What percentage of passengers move from security to duty free?
  • How many of these are male / female?
  • How long does the average passenger spend shopping in duty free?
  • How is this impacted by queue lengths?

Importantly, no specific passenger identifying information is recorded.

3.6.2 How it Works

As passengers enter an area of interest they are acquired by a camera and anonymously enrolled into the system:

  • CCTV cameras enabled with biometric technology are installed at appropriate areas of interest.
  • Passengers are automatically searched against the database of enrolled individuals.
  • The passenger’s anonymous record is updated with a camera number and timestamp.
  • The database is automatically purged as required at regular pre-defined intervals.
  • The system can raise the appropriate alerts as required (i.e. queues too long).

4 Privacy Considerations

Any article on face recognition would be seriously remiss without at least mentioning privacy. There are a multitude of sources available for detailed discussions on privacy versus benefit of this technology, including the views of this article’s author; readers should familiarise themselves with this issue before considering any deployment of face recognition.

5 What’s Next?

As the use of face recognition continues to be substantiated, more ingenuitive applications will be deployed. Cloud-based services will enable the transfer of expensive computing power out of the airport into shared server facilities. Face recognition will assign a passenger a single unique and transient identity during their movement through the airport, thereby allowing them to be processed by multiple applications seamlessly and effortlessly. Passenger movement through an airport environment can be tracked up to the point of their departure. Personalised way-finding solutions can guide individual passengers to their specific gate, thereby reducing flight delays and passengers who are delaying flights can be quickly and easily located.

6 Summary

The accuracy of face recognition has increased dramatically over the past years. The top performing algorithm in independent evaluations by the US National Institute of Standards and Technology is now capable of providing reliable results in real-world environments and the technology is being deployed today in airports to enable everything from automated immigration processes, improved surveillance and security, seamless passenger travel and the gathering of valuable statistical information pertaining to passenger movements. The number of potential applications of this technology will continue to deliver benefits in creative ways we have yet to imagine.

The business benefit is real and quantifiable.

7 About the Author

Carl is the founder of Allevate Limited (, a consultancy focused on providing strategic expertise for identity projects that incorporate biometrics, automation and analytic technologies. With over 20 years’ experience working in the hi-technology and software industry, he has spent the past 10 years enabling the deployment of biometric technologies to national infrastructure projects. Carl started working with biometrics whilst employed by NEC in the UK. Allevate continues to work closely with NEC on identification projects in Europe for government, border control and law enforcement.

You can download a PDF copy of this article by clicking this link.


This is the author’s original version of a work that was accepted for publication in Biometrics Technology Today (BTT). Changes resulting from BTT’s publishing process are not reflected in this original version, and as such this article may differ from the version subsequently published in Biometrics Technology Today, VOL: 2012, ISSUE: 7, Date: July, 2012,  DOI:

Posted by allevate at 4:22 Comments disabled

Western Identification Network Selects NEC for Criminal AFIS Across 8 US States

NEC Corporation of America announced that it has been awarded a multiyear contract with the Western Identification Network, Inc. (WIN) to modernize WIN’s multistate criminal identification system across 8 US states.

WIN is a non-profit organisation that provides identification services to law enforcement in: Alaska, Idaho, Montana, Nevada, Oregon, Utah, Washington, Wyoming, and California (as an interface member).

WIN has been a long-standing customer of NEC America, and this contract was re-competed last year.

The re-award of the contract to NEC is a testament to the skill and efforts of their team in Sacramento, and the quality of the NEC AFIS solutions.

Interestingly, NEC is providing this capability to WIN as a service, thereby eliminating the need for any upfront capital expenditure, and has been doing so long before “cloud” became fashionable.  The solution is entirely owned by NEC and hosted in NEC data centers.


Posted by allevate at 6:05 Comments disabled

Does turning off the Iris system at Manchester and Birmingham represent a failure of biometrics?

News that the Iris biometric gates at Manchester and Birmingham airports have been turned off has been widely reported. (BBC: Eye scanners at England airports turned off, Register: Two UK airports scrap IRIS eye-scanners)

The comments that this represents a failure of biometric systems started to fly almost immediately.air travel

  • “Multi-million pound eye scanners, billed as a key tool in securing Britain’s borders, have been scrapped.”
  • “…the technology has been beset by problems,…”

… are typical of the comments and headlines making their rounds.

I admit the gates were not perfect and did require some getting used to in order to navigate your way through quickly.

But I think the systems were far from a failure, and the reality is a little bit more subtle than the headlines may suggest.

Let’s not forget the system was originally introduced in 2004, initially as a pilot.  At this time, such use of Iris technology was fairly innovative.  That the footprint of the pilot was gradually extended and became a permanent system is indicative that the system was fairly well received. The fact that over 380,000 people have voluntarily enrolled (myself included) makes it difficult to argue that the system is derided.

In my opinion, the turning off of the system at these two locations is more in line with a planned phasing out of this particular solution, for some rather more mundane reasons:

  1. The system  no longer fits border-automation strategy in the UK  moving forward. It has largely been replaced by the momentum to accommodate EU e-Passports holders,whose passports hold an electronic copy of their face photographic.
  2. As innovative as the technology was in 2004, it is now woefully out-of-date. Iris technology has moved on leaps-and-bounds in the 8 years since (as demonstrated by the Iris-at-a-distance  e-gate solutions for departing passengers at Gatwick airport). The initial investment undoubtedly has long since been written off, and the technology needs a refresh.
  3. The initial deployment was meant to be limited, and the contract has undoubtedly been extended numerous times. A complete and expensive technology refresh (as is required) without an open and competitive re-tender would undoubtedly not rest on firm legal ground.
  4. The business model was never well thought out. It is completely funded by the UK government and can be used by any nationality completely free of charge.

This Iris system is intended for pre-registered Trusted Travellers, who are pre-vetted before they can use the system. At point of use, it is a 1:n Iris check and no travel documents are required.

Since the system has been deployed, most European Union (EU) nations have deployed e-Passports and an ever-increasing percentage of the EU population is now carrying a chip passport. The Iris gates have been gradually been superseded by a new breed of e-Gates that:

  • are for EU passport holders only.
  • do not require pre-enrolment.
  • perform a 1:1 face check against the JPG on the passport chip.

These gates are now being widely deployed at UK ports of entry and seemingly form the backbone of the government’s strategy for automated passenger clearance. This is only natural, as by far the bulk of passengers entering the UK are EU citizens.

If the remaining Iris gates are end-of-life’d, this will clearly leave a hole in the border automation strategy, mainly those passengers that:

  • are not EU citizens.
  • are EU citizens but do not yet have an e-passport.

Arguably, the second of the two will become less of a problem as time passes, as holders of older passports have their passports renewed.

The former, however, will form a minority of arriving passengers, and the business case for the government to provide a free-to-use Trusted Traveler system remains vague. More likely than not, any replacement system  will take the form of a paid subscription requiring a pre-enrollment with vetting.

Ideally, given the limited space available airports, the best scenario would involve these passengers using the same physical e-gates as EU passport holders.

In my view, allowing these systems to reach their end-of-life is not an argument for the failure of biometrics deployed at the border. The fact that a system that was only ever meant to have a limited deployment lasted this long and was only replaced by a government strategy that is more harmonised across EU nations, is a testament to the value this technology provides.

Thank you project IRIS, but I won’t miss you. I use the new e-Passport e-Gates now.

Posted by allevate at 11:08 2 comments

NEC Face Recognition Software Analyzes the Chinese Clay Soldier Army


Not your standard high – security project.

Posted by allevate at 4:45 Comments disabled

Biometrics in Banking

Man using iris biometrics to authenticate to ATMTurkey, BruneiNigeria and Poland are just some of the countries that have already announced biometric ATMs, for example. The use of biometrics at the till for payment is also on the rise.

Some cite the fact that there has not been a massive up-take in the use of biometrics in consumer facing applications as evidence that the technology does not yet function to an adequate level of performance. Every large biometric deployment deployment I have been involved in has entailed rigorous and exhaustive testing to clearly demonstrate accuracy performance against clearly and aggressively pre-defined test parameters, in real-world environments, using customer data; I don’t expect financial customers would be any less arduous.

I do agree that lab testing / data is insufficient, and solution providers who are unwilling or unable to demonstrate predictable and repeatable accuracy SLAs in real-world environments should be treated with caution.

Is a biometric system fallible? Yes. The question is, is it less fallible then existing precautions already in place, and does the deployment of such a system, in simple financial terms, demonstrate a clear ROI. Again, the answer is: Yes.

Rather, I believe that the thus far reluctance in Western societies to deploy such systems en masse for consumer identification is more due to the banks’ concern of how such systems will be perceived by their clientele; the UK populace, for example, is ever suspicious of Big Brother, their governments and large institutions.

However, these “perception barriers” are already lowering, and there is mounting evidence that public opposition, where clear benefit is realised, is eroding.

Banks are now increasingly becoming aware of the value of biometric identification, of both their internal staff and their external clientele, especially in the area of high net-worth individuals and high-value transactions, and I expect we will see many exciting developments in identification solutions for this market.

Posted by allevate at 3:24 Comments disabled

Which biometric applications have been the most influential?



Listen to:

  • Vance Bjorn
  • David Buckley
  • Jim Wayman
  • Joseph Atick
  • Mark Crego

Posted by allevate at 11:49 Comments disabled

On Biometric Suppliers Publishing Accuracy Figures

Of late there have been repeated calls on Twitter for biometric suppliers to publicly release statistics pertaining to the performance of their biometric algorithms, specifically False Accept Rates (FAR) and False Reject Rates (FRR).

Whilst not a response to those calls, this post is in part motivated by them.

Those repeatedly calling for the release of these figures know in advance that their calls will not be heeded. As they are already well-versed in the technology, they already understand the reasons why. Yet I believe they persist so they can cite the non-responsiveness of suppliers as “evidence” that the technology does not work.

Let’s examine why suppliers keep this information secret.


I have been involved in negotiating multiple contracts for deployment of biometric technology, ranging from large government infrastructure programmes, through to enterprise access control solutions. I can emphatically state that in every one of these instances, the customer has been absolutely fully aware of the performance metrics of the technology they are deploying, from accuracy through to HW requirements. In fact, before securing any contract, it is very common for the supplier to have to benchmark their technology on customer supplied data, and often the adherence to pre-defined accuracy SLAs is written into contract, with penalties for non-performance.

2. There is no single correct answer

Anybody versed in biometrics knows that the answer is almost always “It depends”. The accuracy is dependent upon multiple factors, many of which will be under the control of the customer, not just the supplier, such as:

      - Quality of the data being matched against
      - Representative population
        - Environmental conditions


          - Performance required
          – Budget

      Again, required levels of accuracy will often be pre-agreed with the client, and it is often down to a matter of how much budget the client has available. Faster and / or more accurate will require more computing power, and the determination is often down to a cost benefit analysis.

      3. It is Competitive Confidential Information

      Accuracy of biometric technology can pose a strong competitive advantage, and suppliers often don’t want this information to be in the public domain (or more specifically, available to their competitors). Though the release of this information is often required, for example to prospective clients, it will almost always be under a non-disclosure agreement.

      4. There is no Commercial Reason to do so

      Suppliers, like anybody, don’t like having their time wasted. They’ll apply their resources to those who wish to engage with them seriously, and as mentioned above, they will have no problem in releasing the information as required. A car salesman will spend his or her resources on the individual who wants to buy a car, and ignore the tire kickers.

      My Point

      To only ever argue the facts on one side of a debate to follow a predefined agenda generally results in a loss of credibility. The irony is that people who do so often have valid concerns or issues that quite rightly should be aired and considered, but end up falling by the wayside.

      These are my own personal opinions, and not necessarily the opinions of any suppliers I may happen to work with.

      Posted by allevate at 11:49 2 comments

      UK BA Suspensions

      air travelThe news last week that Brodie Clarke and Graeme Kyle were suspended from the UK Borders Agency following claims that identity checks were relaxed during busy periods at Heathrow raises some interesting questions.

      Without passing any judgement, I understand in part both why there may have been pressure to do so,  and the government’s decision to undertake suspensions.  The latter is easier to address. Whatever concerns may have existed, freedom to exercise authority cannot fly in the face of direct ministerial guidance.


      Having said that, I’m sure the reasons for doing so were well intentioned, and may have resulted from trying to meet conflicting requirements, mainly ensuring:

      • High security and appropriate passenger screening.
      • Passenger throughput and avoidance of queues / delays.

      While I’m not close to the environment in question, at initial glance it appears that the former requirement may have been sacrificed to an extent to ensure the latter during busy periods.

      Delays and queues, in a very real and commercial sense, cost money, and it is easy to quantify exactly how much. So it appears the dilemma faced was the age old one, being : “What is an acceptable cost for increased security?”

      It appears that some at least felt the benefit delivered did not warrant the disruption to existing processes. Unfortunately it also appears that the decision was taken without due process and consultation.

      This situation  highlights the importance of understanding the overall cost of any new security system (which invariably is significantly higher than the cost of procuring it), and the benefits it delivers. Invariably, any system will have an impact on existing workflows, and if carefully designed, should deliver an improvement in workflow in addition to an increase in security.

      Posted by allevate at 1:39 Comments disabled

      Biometric security: More bottom-line benefits, less James Bond

      Biometric security: More bottom-line benefits, less James Bond

      Carl Gohringer December 03, 2003

      Bond movies will always be associated with state-of-the-art technology, but few of the products he uses or encounters ever make it into the real world.

      A car that turns into a submarine might be nice to have or an umbrella that transforms into a rope ladder useful on the odd occasion, but their uses in everyday life are limited.

      There is one exception to the James Bond rule – biometrics – the technology that uses unique, physical geometry to identify and authenticate individuals.

      According to market research group Frost & Sullivan, the biometrics market will reach a phenomenal $2.05 billion by 2006 (it was valued at just $93.4 million last year).

      Concrete evidence for the growth in biometrics is starting to proliferate. The Home Office has announced that it is planning to install biometrics in 10 UK airports by the middle of next year to assist immigration control. The Nationwide Building Society is running extensive biometrics tests using iris scans in place of PINs at cash machines. Most recently, the Home Secretary announced that national ID cards – to be phased in over the next five years – will incorporate biometric data access via fingerprint recognition.

      However, for most organisations, there are two understandable questions that need to be answered before biometric identification will reach the boardroom agenda:

      • “When budgets are tight, what is the business case for investing in yet more security technology?”
      • “Aren’t there fundamental drawbacks with biometric technology?”

      The second issue is currently the source of most controversy in the media. For years films such as Minority Report have presented a rather superficial interpretation of biometrics. Eyes have been gouged out to gain access to computer networks and “fake” or severed fingers used to access a building.

      The reality is far less dramatic. As the use of biometrics becomes more common place, people will realise that the risk is no greater than being forced to reveal a password or to hand over an access swipe card. Indeed, the risk is much less, thus representing an improvement over and above the existing solution already in place. In fact, one of the key benefits of biometrics is that even if an ‘identity’ such as an access card or password is stolen, without the correct authenticating biometric, access will be denied. The same applies to the sharing of passwords, helping businesses and organisations control who can and cannot access certain areas.

      In addition to the physical risk, with biometrics comes the perceived threat of ‘Big Brother’, with concerns of data compilation and movement monitoring. While there is no escaping the fact that in the wrong hands this could be the case, in reality the threat is no greater than your bank recording the cash points you have accessed, mobile phones being used to track your whereabouts, a supermarket using loyalty cards to track your spending patterns or in fact, a security company monitoring the comings and goings of staff via CCTV.

      There is no doubting that to dispel the notion of a Big Brother state an education programme is needed to highlight the benefits of biometric security (e.g. the ability to protect a person’s identity, the near elimination of passport fraud and the ability to store important data without the threat of unauthorised access). However, the greatest support will be won once biometric security is fully integrated into daily processes, whether logging on to the network at work or withdrawing cash without the threat of skimming from a cash machine.

      The business case for biometrics, once explained, clearly demonstrates three primary reasons as to why a business should adopt biometrics:

      • To improve an organisation’s security by providing positive identification of individuals accessing your premises and networks
      • To save large sums of money by eliminating user provisioning and password management
      • To increase usability and convenience to staff

      Robust security

      What’s the point of spending a vast amount of money protecting and securing your networks if you still can’t positively identity who is accessing them? Obviously none but this is exactly what most companies are currently doing.

      Standard corporate user IDs and passwords used to govern the physical and virtual access to a company and / or network tend to follow the same format. The most common being the first letter of the user’s first name and the whole of their surname for a username i.e. cgohringer for Carl Gohringer. The bottom line for a business is that IDs can generally be cracked with one or two educated guesses. So assuming there is little or no security around IDs, a company’s security depends solely on the strength of passwords.

      Again, if you know a little about the people whose passwords you are trying to guess, it often does not take much to figure it out. There are plenty of available password cracking utilities easily accessible on the Internet to help you out.

      The question is how big an issue are ID/password breaches? It’s difficult to be precise, but we do know that 60-70% of hacking attacks have an internal source (i.e. are conducted by people who know something about each other and for whom, ID/password theft would be relatively simple). And, to give you an idea of the financial impact, last year 39% of Fortune 500 companies suffered an electronic security breach at an average cost of $50,000.

      Biometrics tackle this problem by providing a truly unique individual identifier. If access to either a building or network is controlled by a smartcard containing biometric templates, you can be sure that only the valid owner of the card will be able to access those resources. Access rights to different buildings and rooms can also be set – via the smartcard – for each individual; and with emails increasingly being used as legally binding documents, biometrics can guarantee identity by requiring the user to supply their fingerprint when digitally signing them.

      Ant Allen, research director at analyst house, Gartner Group, sums up the benefits of biometric human authentication: “It is unique to the individual, not something that somebody else decides will be your password, shared secret or token. Passwords can be learnt by various means and tokens can be stolen, but biometrics cannot.”

      Increased convenience, less money wasted

      The ID/password combination is also inconvenient for staff and financially inefficient for companies to manage.

      Just think about the number of passwords you may have to remember in a given day: the password for your office network; the number to access voicemail on your phone; the ‘unlock’ code for your PDA and so on.

      Inevitably, passwords are forgotten or compromised on a daily basis, which results in the IT department being pestered for a new code. The cost of maintaining passwords is costly and with this in mind, the ROI on biometrics is commonly realised in less than a year. IT staff are then freed up to focus on other, potentially revenue-generating issues.

      In place of this often forgotten, easily hacked, regularly shared password, a biometric smartcard gives employees single-sign-on access to the corporate network, which eliminates the need to remember numerous passwords and PINs and removes the cost of managing them for the IT department.

      The present and future of security

      The benefits of biometrics can potentially run much deeper. For example, many public sector organisations see biometrics as a useful tool for improving customer service. In a hospital environment, facial recognition can identify a patient on arrival and ensure their medical records are ready for when they arrive at reception, enabling them to be instantly directed to the appropriate ward.

      However, the purpose of this piece is to examine the impact on bottom line. In this respect, the case for biometrics is extremely powerful. Not only are they an essential tool to prevent your business losing large sums of money to cyber crime, on a day-to-day basis biometrics can dramatically reduce management and administration costs.

      So next time you see James Bond or Tom Cruise battling biometrics in the movies, consider their potential for saving you money and giving your business robust insurance against the financial risk of hacking.

      Posted by allevate at 2:44 1 comment

      Biometric Trends Improving Performance

      Iris Biometrics

      Major improvements have been realised in the capture capability, enabling Iris capture on the move or from a distance. While this is not an improvement in the SDK matching per say, it has a significant influence on the matching and usability of the system.

      Face Biometrics

      There have been significant and drastic improvements in the quality and accuracy of matching performance in a very short period of time in the last few years. This has been demonstrated by recent NIST tests, as well as other independent testing. It is not anticipated this rate of improvement will level out any time soon; expect in the coming years further drastic improvements.

      Fingerprint Biometrics

      Accuracy is still continually improving, though not at the same drastic rate as face recognition, as this is a much older technology. However, areas where there are major improvements are in the automated processing of latent prints (both in automated ridge, minutiae identification, feature extraction, and in automated 10-print to latent matching). This has the potential to enable enhanced functionality at verification points, such as border crossings, by implementing functionality such as real-time watchlist checking against latent watchlists.

      Multi-Biometric Record Level Fusion

      Another area where developments are aiding in accuracy improvements is multi-biometric fusion, occurring at the record level. Rather than merging multiple candidate lists from multiple biometrics post search, fusing biometrics and biographics in-record has the potential to provide multi-biometric record-level scores. However, this has more of an impact in very large scale identification systems, as opposed to verification systems, or small scale databases, such as watchlist checking.

      Biometric Matching as a Service

      Supported by trends such as cloud computing, data center consolidation, shared infrastructure and virtualisation.
      See here for more.

      Posted by allevate at 4:23 Comments disabled


                                                                                                                                        Identity and Biometrics

      Home | What | ID | Access | Surveillance | Mobile | Government | Police | Air Travel | Finance | Retail | Clients | Contact | Links | Blog